last executing test programs:

10m31.789162084s ago: executing program 32 (id=335):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
r1 = add_key(&(0x7f0000001340)='keyring\x00', &(0x7f0000001380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$set_timeout(0xf, r1, 0xfffffffffffffffd)
read$FUSE(r0, &(0x7f0000001580)={0x2020}, 0x2020)

8m6.751030089s ago: executing program 33 (id=1166):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r0, 0x0)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

4m0.049313089s ago: executing program 1 (id=2098):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800000000000000000c00000008000300", @ANYRES32=r2, @ANYBLOB="0a00070008021100000100003000508011000a004abee339084eeef16f162471f4000000080007"], 0x58}}, 0x800)

3m59.506312837s ago: executing program 1 (id=2101):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./bus\x00', 0x200000, &(0x7f0000000400)=ANY=[@ANYBLOB="63726561746f723d694bdfcd2c696f636861727365743d6d6163677265656b2c636f6465706167653d63703837342c706172743d3078303030303030303030303030383030312c66696c655f756d61736b3d30303030303030303030303030303030303030303030332c706172743d3078303030303030303030303030303030362c63726561746f723d56a49dcf2c00491ec034978e2b646970f9e6b5027acc3f8a06771abf42840597b40b5a78895115b35f108c3cc9b12afc500201bd6108"], 0x0, 0x371, &(0x7f0000000a40)="$eJzs3U1rFEkcBvCnat432exskiWLx2jAU0ziQRFBkXjyC3iQ4JhMIKSNYCKoKBk9iwgeBMFjbp5Fv4JexC+gpxyCJ70EkbRUdXVP9UxX90xeZhLy/CBjT3e9/Kumq7sqMmkQ0bF1ZfbrxtlN9SMKAHIALgASQBnIA/gPY+V7K2tLa159Ia2gnM6hfgSCnKItzfxKPSmryqdzGFX1Lo9Bex8dDN/3/W+ZqX4AL3sSDvWJCMZ+GwmUzOjUx4s9j2xXGh0kKPUmlEPE+oTFNrZxH0P9DIeIiPrP3P+luUsMmvm7lMCEmYfru0e534F2x15BxOY328Cjf3ofz6ER3f9l8N4Xqn90j4jmek8v4VQfSrNKbF/Tuc4Jv9ndes4oWz4AkbWq1LHIyuKSV59s6AKe4pJhJRvVrwuAnDoT7QzXtK1lmtnreMLaNIWrtGwDug0F1YaCI/4RZ42uqfaHLbzSG20J5j51EJP4KD6LOVHFayxE87+8L1RxusQqULEzBPFPuUvUrawGqWKt1KPPV339r67kRBjz+7dRKzcqrn4tI6diSaJKEa3z92oY5wtHz+ndw/GLgmndtLVn3Q/YuUYSc81E738l1jUa5IpyyspiwatPzt/xUn+Vsm+SVnQF8VxcF+P4jneYteb/UqWegHtkxka50CnNmZHanrxO6fgcY/SV6HZXI5OA3/HTtVPPcAvnMbT64OFyzfPqdw94Izx7UtKEwyThUBFdVgrsOebgRDSno9qj/rWrKKuNAoB966gd3/cTDknk996c5Zq6JK2WYzFf/TtoXpCmoLfPvYmarC+zjcwProMNNII+tA5ddiduXjLVnvCK0GWlOvt6lEvdLbrJ/jPqlqQTsuYJK8LiwY4d0Rw7/0cnWw6l5MBaNiq7qPTa4+Wa1+X1hI4ka7yM3di62O9wqPfUvEsE6z9rvTKlrzrqpZqy/smcdVglTjtWQMP69S+ES1EtY8014F7BDYQbXn0mbc118jRwqqVGibDGJ63FVk2cOIz/K1lKCquSlkPM4gtu8vf/RERERERERERERERERERERERERERHTbffRnB/nWDHfA/JOlQMvkYSr3HzGP7hDSIiIiIiIiIiIiIiIiIiIiIiIiIiIiKivbGe/wvk9BNjin1//m+ug+f/isxHfBJRhj8BAAD//+lvYTM=")
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000002c0)=""/193, 0xc1)

3m58.863780397s ago: executing program 1 (id=2108):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000100), 0x1, 0x2b, 0x0)
syz_emit_ethernet(0x9a, &(0x7f00000001c0)={@random="ed4e0300", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "6bbe4d", 0x64, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x4e20, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x2, "8c7c8db45d2c0ba8decba26565b12e6b32dd8c20597f6a5959d0921165374b57", "30ffdcbac90c2e58724369f6012f4b84", {"6854dedc3e3710b7a86a6efb5f14d84d", "18e136787f03e12095dc39942fb20364"}}}}}}}}, 0x0)

3m56.789567279s ago: executing program 1 (id=2115):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x3800813, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=cp1251,utf8,overriderockperm,nojoliet,nojoliet,overriderockperm,dmode=0x0000000000000003,dmode=0x0000000000000002,mode=0x0000000000000080,hide,block=0x0000000000000200,map=acorn,overriderockperm,check=relaxed,gid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0x0, @ANYBLOB=',check=relaxed,overriderockperm,dmode=0x0000000000000050,smackfsdef=nojoliet,fowner>', @ANYRESDEC, @ANYBLOB="2c6673757569643d34333961623538622d63bd3844bc5d6331a62c7569643e0000000000000000", @ANYRESDEC, @ANYBLOB=',smackfsfloor=-)/,dont_hash,mask=MAY_APPEND,obj_role=,\x00'], 0x5, 0xa62, &(0x7f00000029c0)="$eJzs3ctvXNd9B/DvHZIiQ7uWYquuKzjiSK4UxmEpkqqlCl6kEjmSmPJRkBRgoYsojahCEFu3cQs4RoEoQNFVjBZo0UW7M7rqykA2TReFN0W7a1ZdFCj8LwRdqSsGd2ZIzpAzHIrhy/LnQ8zMffzuOb8793E4r3vCF8v66bax9fX6bWDb+Pb5Xcbv/fOR5MyJdWvm808+/bi8/ehpTqUv7xT/kgwlqSb9Sd5IBqZnlhbnexT0JHmQ5LOkSDKYxuOePEjx13l5a/yzFP9Y1tvVqb2WTC/rfKkd9/4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnUTE9MzExWZzK7MK996oNSXWH6ZmlxSLr6zvnbCzT8NN6r9/FT3vWmxTlLUNDG119v3F2a/brSaoX82Zj7M16h+QZykcvvX7m3df6KxvLd8vmlzK492I/+MFHT767trb6/Y5zi+IAszphGvvIndrC7PLi7PzNO7Xq7PJi9ca1axNX7t5ert6enast319eqc1Xp5dqN1cWl6qj09+oTt64cbVaG7+/eG/hzsz4XG1j4vXfnJqYuFb99vjv1W4uLS8uXPn2+PL03dm5udmFO/WYcnYZc73cEX93dqW6Urs5X60+ery2enVbZn3Ztv+WQZO91qcMmuoVNDUxNTU5OTU1+aNm79mbE669c+Od6xMT/RMNL6c5kB0Rh7TTcrJ8pftmPviTOOxTpdH+J3OZzULu5b1UO/5NZyZLWcx8l/lNG+3/pSu1XatNS/vfbOX7W+afK+8u5nxzdKhL+98ll6P7+yA/yEd5ku9mLWtZzfePPaOj/buTWhYym+UsZjbzuVmfUm1OqeZGruVaJvKd3M1IltOf25nNXGpZzv0sZyW1+h41naXUcjMrWcxSqhnNdL6RaiZzIzdyNdXUMp77Wcy9LOROZnKzXsqjPK4/71d3yXEzaHIvQVO7BO1ozLu1/5u2L1Lb/s8JL6DKrlv5EM7isD/rzfb/VO/Q0em20f7DSwoAAAA4UL/+n3nl7Kv/8b9Jka/VP5e/PTtXmzjutAAAAIADVP+63pvlw0A59LUUXv8DAADAi6ao/8auSDKckcbQxi+hvAkAAAAAL4j65//nU4xsTfD6HwAAAF4wva+x3zOiGNu4/G/1YePxYTOiMVYM356dq41PL869O5nL9asM1H9psKO0vqQYqP/84O1caERdGG48Dm+VWNY5VEZNjr87mbdzsbkio2+VD2+NdoicakR+vRH59dbIvrRFXi0jAeBFd3GX9niv7f/bGWtEjJ0rG9NT/efa2uC+obIRn9CyAsBJsdnHzv83uzTr0P6fb1wb4Hy39v+3dnn9X0a8mkcjja8UjOd7eT9reZixNL9xMNKp1I3eCBpfQxjb/m7AYHv5w82vLPzseiVjO94PGNpc19bY1UxlrOM7Ai3lFhs5XG3E9R3WVgCAo3Vx13Z4o/2vv0netf0fa3/9n22v/1vaXF8pBICTYLMH++cdGNl78HGvIwDQTisNAAAAAAAAAAAAAAAAAAAAAAAAAAAAB29PF/D/r8vJ2tpqst/OAjoM/Ozf//VXusb8+KVk6Hky3H2gkgPJeTDJgaz74Q30JTmu2r+V516q3MYn5al7kQaKp/UD9pcq55hPTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByJIunrNL2SDCaZSHLl6LM6PE+PO4GDUt3fYsWzPMuHeeWg0wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+LJrXv+/ksbjS41J6a8kl5I8SPL7x53j8xjqMf/ZEeVx8vxR/b7l+v+VZCDrRfqzvr6+nhQD0zNLi/PlrlAMlvM//+TTj8tb1yJ/uDGws1eFsoCyhrbOJZo1tEwZaF/qq/WlhmdWP3jyZ+//SXXmVn3HvLVye25m/s7S72wFvl78pNEFQms3CBv5/sWlf/ublsmnmpX/JP3dVmR7vbfr9c7srPfXOi3dpd49eLy2OlXWtFJ7b+XP/7jSOuvVXEjeGk1G22v6w/LWpaYL25/PdsXPi78qXsnf50F9+5fPRrFelJvodH39v/Lo8drq+PfeX3u4mdMPH3/YUsCZjCR52H6U9chppH4+6eileq0DZa0T9aDy7myP8nbVUuLk1vPatg5fre8yw8+1DtXu61DX43lvZnR1e0br5UHyt3/6Wln4Llt6sEOJl3vU2FHx8+J/irv57/xlS/8flXL7X0rHo7NDEfXIlj2ldV7b4VW5tLXmU60zvrO9zK5HJYfgx/mD/Pbm9q/Uz/+tx81Ul+Nm83z0rZaJXY6bjUOry3Ex2H6k7jguml7L5ec8A/7T6R0tSnutObutRWqefbot08zzbCOqS56/mm8m/ef2fkYpkm/2OKP0OiPt9/j/h2I0/5en+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOviLp6zS9klxKcibJ6XK8mqxvj3m6j/oqw8V+0jww+8n5i6fouqLFszzLh3nlqDMCAAAAAAAA4HDcmvn8k08/Lm/1z+P78huV5pxq0p/kTPF3A9MzS4vzPQoaSB5sfKQ/1Dmky+Q8KO9e3hr/rBx7o0d9x/v1AQD4QvtFAAAA//8zt20A")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)

3m55.438630561s ago: executing program 1 (id=2121):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000480)=0x7d)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x78)

3m54.38591317s ago: executing program 1 (id=2128):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x8f, @loopback, 0x1}}, 0x9caa, 0x6, 0x8000, 0x3, 0x6}, &(0x7f00000001c0)=0x98)

3m52.141295517s ago: executing program 34 (id=2128):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback, 0x7fff}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x8f, @loopback, 0x1}}, 0x9caa, 0x6, 0x8000, 0x3, 0x6}, &(0x7f00000001c0)=0x98)

3m43.068407829s ago: executing program 4 (id=2174):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r1 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)

3m42.14802127s ago: executing program 4 (id=2176):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa0d81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0xffffffff, 0x3, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x6, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x100000]}}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000600)={0x0, 0x7a120, 0x60, {0x3, 0x103}, 0x0, 0x9})

3m41.43152394s ago: executing program 4 (id=2177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

3m41.242716382s ago: executing program 5 (id=2178):
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x7ffe, 0xc5f7, @value=0x1})
r0 = add_key$user(&(0x7f0000000080), &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000200)='\x00', 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/67, 0x43, 0x0)

3m40.745587363s ago: executing program 5 (id=2180):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f00000013c0)="f64720ebb80b54784eb40de6fb48fe599e7957ab0c00ec4944b7207be605d4803908903d7f48112d74ba4753b3604b627fe392549d01ee1fdf4b47097c79b745f8168056445d461342ab41528d16e5c28763ed8521bb68f33022ae5eaafa2b7a31f24e0737cde9a37b9e81569f827e06f30ff53e418ca31e05c894c2bee31806da8f1f081469b61b73a9d58217c943f3d31f9de677e3fb01f98db74c06edcc8edc5de82efb35f2702fdb6fd2244c91b7896d6a3df95c9baa46f1c16267bc5dda6654e79992f2a95669d309750ec39f14c2c194c83e283431e2bc29f410c3d11e12e5c67a415853a5e89f0e8a157f36701fc3701a273449b77ae35463890549862df81e965a08cc8c6f2a19312fd020fd13335f1b9352fec01a4dfdbac4c66aa67382143aef85252f4d3e251a04498e4e2e6b4f1f3244c36935a22f6cc6b891bebb2bd82fe87e0b2e552b5a93a14470947f941732efc85e6fe0b12543793b72de51087cb0c10b5a04ba2a0d7ba9fbbdd651f35ed0c182107e6d67bf402c97fc705417fcff733a27ce5d808d18aa7d9109dada2d649902c9fc3e03fc59eb18eb7cb3d99c69112576d211b9f0a6ee981da6f3da0dfd9d3c5902414b21b3fdf2e4d86e24b5860af0231ca39c9549f32790968b726f50c2237bb470c63f9fb932d66208550a6e557c09a9283988238e31c46b51d80b286a0a76c8806c9f7da68fb405afbe7c1c0232aca00fd369f3b9640d73147ce0adebd761007d9b0511af2bd349237aef82fc808950c0c0b6cccfef9029e52ddbd63fe1cd3154dddf38ecadda134569338e46c3b609b8262852430e9e47b56526452bbdfafdec1848cfd8249366dca080d03e4340ac23ed97218c77941057a9b489b1ae549ebbdba6f3817e7bf6dfe130de19d2b08438b5bb72a077f97c53e66c9a006159061aa48a099161c28a205b3071c2e0160ca87f56896fd1da72dfa15fbe247a18a7f5bf189ba119134e9841e144cb86e0d4a0c3a1c1367cf9d8e86462f612ae0f28e5385e532c0b2e6b25aa7b84ba793fef5e46485668fc26a982a53b8252507d0237e0858f105bbfa0c83907065d5d7aa5a4ef3fc4c938473e731afb75789eddf392d135d1af163f74c7fb1573a0952ecad3861114d44f40960bb7422daa30b16b0ceab5c68fa00ea20faba81c2f9387b5d06267f5b7231df9d7b6835ac28f7a31ed0d8ab1588d94cb3fd4fc814ef84a6927064a789ff821a79a3cbc13223c045bfa21a85be8f61e08936ce4a30ed6dda2dde1f5ab3d10ccaa612e016222dc3ce5276821812a3135b5a82b1654190c8faf3274372b4d02f6421e378e2039204ff6bdcdc3cfc4e2af2c7b5c5221c97f7fd2d2023bc1965ef06441f712a2c7db054e3c5f03cd5832ec4df0e563d5303a7c6ca9725008d1be150945530e148684767df25a9f346e5378d9831e0e4da7c8238ebb278773272d01b37ad637a443b65fbcf1c5a33cb6ae10b56228a006669cba818f271a29f940adcae7374cd7961b4a9e901225ca47abb248eb162697a9b4dadaa4950d43f7530c5f7b1bd41326a55c072170df0e856b29cdb753d2868d6f308a04570044166600a8472081e859aff8c7052d17faa37342442189bfb994ac8cc51bb0ed784b782003356f422385db073180bd19e1581724121394bc4826d9e6f40b4fba658fc879eb1bce71421214097cc77b44104fe069d2e39e08cc6479cd73e355ef4f4758f307d52fe503cf1e1e3aad79f5bd3f1255cf4672d52b7577603d04f7d2a34552af40345c7f64378a409611337be2699449356476c4d1f59c901efd48e40f0549c5587be3dc33c7bf70184ed3c3298d3a7b9af45c1a022b248bff7f9387d9b9b086f91ac51fb3b575c49fb9ed7a473428abd37462bc0751d50aa8e4d8698dc76d5534ed269878e826b611bb2a241e9fb7f4d59982223170a14b00f76035a946cca99ce7b3c94b246a62c25c3a28b05b56dac8a45d93227d8779cc4e1741ec49e3094dfc63b76aea461799afd0777d19591a30afdd8b71b70d90d894e7b2d0057610fbc897ee7fd7a10ad302960112f22494b8c0174fbf3a5d7d318311f3e4097188030f9fb22a0868d4c7948cb1d74565618774b9d3f4d9adc1fb1ca22433cd0cbcb6fd48d5f808b15c88a52578fcd57b07576c4ab09970c739730b485ec9e55fd7686df296fef144924decc018a8f1b57640b4cd04a5b24692421a8a955a887d9fbd9107fee1de3073c75f8361e00ca6fd76de7d9a50ed31e26d110af54c064932f1268377428bc753fd03840cd8e03f47d852fb7440410cb57139439e4c4ba16a6fabd12766e8cf5d3dc59a9deb5757820cc488ba30e8deebf2e9766322f00820c100f0342a3dc7260adf74e28897fc2cf46423fb601ec420bc2ebd146fd125b9954b83f0b1171315b24974f5373c2e44c84e9b1d7bee072b0f2a03da1879f3cddcd942ffa96f3324835e9b0c97574bb5a98dcf5847d7952df0788205fc4f666996f6b7dd58cfe1de41b935847d4af11ed04aba90fbd2eea668d7608b08c54e672226dd8cc2ad7a4401ef4f59adaa4e32ba0775bffa78beb776a3db106001e5bd4c709ad1d4c4d0813fbb1047d56ddd4de62f673274593e6e77bf3127a732bbe631d25ee1d2db2ec8f3a18ded5fe04f7e9667eb546cdf1be55046e8931221a698c2bb2f2f3c00b1240345fd6c2b86c73b5fcbc6d4528b73cfddd14d74569bde509cd1e43b6fa5ac7da5e063be974b9cdc9423bcf7850048700be34802a9f6ec30191bfc9be487d4d6dce753dbb427c5fa53186eb5615263130c127e1d3c04e6ca2c7c17e741e651c9874953b3356e53bb71396c647c30e800739aa088557b6099b20c4439428dee2eddc1f0ff1e566a9619748129946660ba73286b0689f45bece7683939689cddc2a8fed9737d2c5a07273a769dc71f2babc713e233631f32524259baa0c7634d864c0354b255c6626c3105438eab8185cc9ee1e04314e12a934b2e04603b25b6c6139d372efc223a13527b83f7529915a2d43cff56d2bfb7b8eb89feea45b07269d1115f9085c798e74c90c0d5e18392f43f8dda58f4a82685cd66caa7b283fe3b2f60322d80fc99552e1a6c3428a1881a8fb0d6b0c4e17d8d02189aff824d5346738ff020e2e93dc583158f3ddcf03c46101f859f27559134a62540d49d31b0a1d9a7b06a749386f38fb43647cf20d243b3feac76a43d8e14bb626e97a14357f3dfe77c292052a755fdd507a45707aeab5d9ad65fd0431000e29d653341a87b1203e71ea343b738243b8385b52870c7ededabd9f1ec71f936e069391f0dfa44ae0a631f7a8baed4dbdf11b201775c913effce085102bb2ff963e8e39c5d8d60c785d4655e8e0500fade05beff322acc1f9e73283ff44a8a5c39300845a4ccde16912496ad0121f272bf6148f9620468e80cad21bf926a85e457e6619499b204d1b050d4afc5d1f60cb434993e01f1f176fa6087d95f3ce3cb288cfc3f10576a7cbb1c9e3590146014f5ee6c06de9e32a48c5c22024289810081b244cb3d8e14408b0e8bb026ef91f1006cf9936011008d72261b060652e423c474f0a6ed7c9e782417bc44c1401a23387859f497eab362d627e9261f0d82c171fa70eb2c2cde8a93b0768a86953e64195052c685a4bb882581045ba7298265a0526bc79c793a4f36415f0e603f2d6b704dceb64ff5fab748aaeb75f5ec4887e8234af48e668b6fffefce26a86c52496ee4127802be47d3f0f1daef52e9f2e762183f279c10ec751d78e7a66c4e51b197afcecf65d078a52a7357f9cc347334cb7901105db08ab5ec60607785f5d7b6ea9a750d161f7ea3b39194e991ef65413ab995d464b7b70513328f84fc994f3546ab844ed925f93eb9bb7370f448cc4c9df3d8b2b7500704b6ebeca7cada70ce904187264ecf8253ce666680594c745f58cb14ab165e4d2feea5539c039fa8123e31a8194776972d28fac780263ece1d3bd277dc41eb3027f1c647cc0f5cd206d601374ddc6972eeaa18509de018cae48a5925f0f736469530d6eb79ef2e1d121ad69a3ae86ebded4de3b7044cef53e8cddee470f9a6e9d99fc5d30bc79c41465cf0c8a2fc3c11e809d64f9e6ab86c34e6d31853207ed14abb0f941ea78b0d2d6be8ce679764fdda20f76ad3176685321bd0cedbcaa97e820949ede3a8a10f53467d7a786deeef8984f4b26233b5ee3a9fcd37d39a77e6047719ef22ef91e94447f9b9c7ff30d656793c7283ce86f689664ff1291bb73b8a624f697592e6ba8bade6ed3bb6203913b2d8ab7f124fbec7b5f2d621d853a133a4a3152b524f592894f109159c08d54890757eb3d8e66ad09f3a70b970b2f2534ac62f58948652c30ba8d9567b748fbd8314c98a56905d53b81bcd75dcf0a9fdfc35c8778c7209cb5083ed8502f8c3b8bb4bddf2ccd351e1860a7c87b786e7e1040928794566128b6127d37b5aad09bf0189ebf2184a5db341cddcf4cfdac7a4997f61d534a81d8685399a9ef8dc07f7ccbf6a3b4829f1ae80d6b06ae1d1b3341b8005ca1244d1f57fe9871ed1c461c72cf4bfe3cff128f876907209def85eef79521b5acf85fe5d1fb1453a91e14bd7f55208420ce1794c5c862055d8eba5f4ce60e2dfd120388d38351e56f9935c65feba4835a9061b8604aef74aec41d52674124f3174e906a8622affed4057f754c4388ca71ab79193e229c66ecc540de97b1ff97b4c281cb17b238949de69f0ab0fbd3724a060d2f0b7e45a91a7827846a970bb9364c65fed9540411b455e44776463b622c400d16296642f03e45028b25d0fe7e09174e690132f24c4fd4eb310dccb8a4eb713834e5ed80414678bd5fa864956fb4feb5034b4791bb85d41c971bdea1d41eefe8da7dfaa2992d43e7137cdb8385a69653b0b841a1198d99fbe0117d38552b9662d9fd3635a80c5ba9e018dff00867f113885e83f336e46f0e167c5c8f085133cb9e530370566b9632c06e68970b0cd1a0ee4342aeeb8b9d5c6c6eb3833fa455653545e0711e8ff771566afeb9df1d7b95961047f266439dbcb591a267583e66324a57599fd9a64275c6e6eb35a7b3904fbd88d9bf1c59fa3ab8725eda3c80243b183016c4ca4001af453fb7832ca0b5bec80d7a52011b1e1962b1e55f0cee3228e14e06b611a6fe692e81a798e08721d2966539f79cc0cb998b827dcc2c0c7fc4485cb83e89476f0a2fed70c231ed50ad78ff7382f7f89f649590e50d3ac8bac3f094f81eff7a8073fc5a78661a9b4f8c9de2bcc302c8b98f72c83aaaa042dbb47c21601a2c81ec081c30b3f4ccab8ccf28ec6a7dfb42ece7aa08b78f219d0ddc47953c53402480d957ae7269e242e30c23e1ecbd5fd42c05af9c551c5b8d9bec88ebbe495d0896d09e147f103463f174cd23ee526e2ad613f415a6ece6de200b1d0f27789045c97ca44ab35804409e5c04457bbd48f7cafff51c077f5675cb250585faef0c9b1459779e708cc75e93ad0eab81fc245375d80f20e44aedcd027e2f02eceef0c5387070a3d6e8664b7e9cbf13ee058a272663b5620a721a8c003b10b8f1a0e46211aa214d821570ee8e4aebfa954ccc6fe679cb1bb0e30c47fa7fb8e7352c9d601023df2cacae33773ea9ad449919d3456ed7fa3295da825aa865a5f435bd0157cb34a553c6b8b3c78134b5af13ac6a017d2d05d8e958e04dd3c1b5167cabb464004c901e9e1744104211278f36f7d9144117f526404688c23bcd8a1e9", 0xff0, 0x414, &(0x7f00000001c0)={0x11, 0x1c, r2}, 0x14)

3m40.548056039s ago: executing program 4 (id=2181):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=")
lsetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x1)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x2901003, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

3m40.155388906s ago: executing program 5 (id=2183):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='quota,grpquota_inode_hardlimit=3,noswap'])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

3m39.668500502s ago: executing program 5 (id=2186):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000005ac0)={[{@volume={'volume', 0x3d, 0x3e}}, {@gid}, {@mode={'mode', 0x3d, 0xe410}}, {@anchor}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@unhide}, {@noadinicb}, {@gid}, {@umask={'umask', 0x3d, 0x8}}]}, 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x800, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

3m39.2434435s ago: executing program 4 (id=2187):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe8c, 0x0, 0x0, 0x10, 0xfffeff7e}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r1, 0x7a, 0xfffffffffffffffe}, 0x10)

3m37.974180249s ago: executing program 5 (id=2191):
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)

3m36.642744168s ago: executing program 5 (id=2195):
r0 = syz_io_uring_setup(0x49f, &(0x7f0000000400)={0x0, 0xe7a8, 0x3700, 0x7ffe, 0x1af}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x44, 0x0, r0, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3m36.536324441s ago: executing program 4 (id=2196):
r0 = socket(0x2, 0x3, 0xfc)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000180)=0x6, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

3m33.249613342s ago: executing program 35 (id=2196):
r0 = socket(0x2, 0x3, 0xfc)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000180)=0x6, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

3m33.040035021s ago: executing program 36 (id=2195):
r0 = syz_io_uring_setup(0x49f, &(0x7f0000000400)={0x0, 0xe7a8, 0x3700, 0x7ffe, 0x1af}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x44, 0x0, r0, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3m4.799190905s ago: executing program 6 (id=2267):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40000)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000300)=0x8)

3m3.111616289s ago: executing program 6 (id=2270):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd28420000000000000109022400010000000009040100020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x2, @string={0x2}}, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xb, "003e7aea"}]}}, 0x0}, 0x0)

3m0.444594325s ago: executing program 6 (id=2277):
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchownat(r1, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)

2m59.958049399s ago: executing program 6 (id=2281):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000005ac0)={[{@volume={'volume', 0x3d, 0x3e}}, {@gid}, {@mode={'mode', 0x3d, 0xe410}}, {@anchor}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@unhide}, {@noadinicb}, {@gid}, {@umask={'umask', 0x3d, 0x8}}]}, 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x800, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2m57.862953185s ago: executing program 6 (id=2289):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmmsg$inet6(r0, &(0x7f0000004cc0)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x1ff, @private0, 0x401}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000003c0)="f5", 0x1}], 0x1}}, {{&(0x7f0000000480)={0xa, 0x4e24, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8e}, 0x1c, &(0x7f0000000d80)=[{&(0x7f0000000c40)="ea", 0x1}], 0x1}}], 0x2, 0x40)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e24, 0x0, @empty}}, 0x0, 0x1, 0x3bf8580d, 0x0, 0xb3550aa4ba878396, 0x2}, 0x9c)

2m55.163058885s ago: executing program 6 (id=2295):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000500)="580000001400192340834b80043f679a10ff3d425f85b4141691c148c61bcdf1e4220000000001008048244a48fb6cfbe939ca28f23457e792945f64009400050028925aaa000000c600480000000000feff2c707f8f00ff", 0x58}], 0x1)

2m50.262988414s ago: executing program 37 (id=2295):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000500)="580000001400192340834b80043f679a10ff3d425f85b4141691c148c61bcdf1e4220000000001008048244a48fb6cfbe939ca28f23457e792945f64009400050028925aaa000000c600480000000000feff2c707f8f00ff", 0x58}], 0x1)

1m55.675932985s ago: executing program 7 (id=2521):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$kcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000680)="8b0be7082cfd611e322fc10c628af14dcd9f783367c1fb92968de934a46143e3ca4d2cf5c4c8305b33dd46c5f3a31aeb743ccfeead71f3719e9694faddfac99f70a3425374ba7b66ea8398c7367a38caa7059707a711eae62b2fd14f03be2c4f44f4bc7d3e2046e0135bbb83754025a596d60a168e59f67d70c374ab6297956baa550947e54779a48be45c2a892f403536707c85550828d2945703efd6822706808eee901b88f9ca38d90e4ddace053cb9e30ca676901ede", 0xb8}], 0x1}, 0x4000000)

1m55.112195665s ago: executing program 7 (id=2527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x48)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xfffffffc}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x15, 0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="1808000060000000000000000000008018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff770000000800000018220000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000180000084609f0ff76000000bf9800000000000056080000000018008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m54.547709791s ago: executing program 7 (id=2531):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x32)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000080))

1m53.930771714s ago: executing program 7 (id=2534):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x8, &(0x7f0000000600), 0x0, 0x554, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvzCb59U9+JhURWxQDHipIt9larHpqe7GHggU9iHhoaDc1dNOEJAUTemjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7PJmuwmIWSdJPP5wOy+N2+T9747vMx7M/NIAKU1lr2kEScj4noSMdJRNhB54Vjrcyt/3LuRbUmsrr71exJJvq/9+SR/P55njkTEd5cjnqxsrnd+cen2RKNRn8vzZxemZ8/OLy6dmZqeuFW/Vb9TO/fq+Qvjr9XO1/Ys1odfffbLlatvPvvxh++/Mvl940wSF2M4L+uMY6+Mxdjad9Ip+14v7HVlBRroOPYcLJX8+A1GxNMxEpW812dGYuphoY0D+mq1ErEKlFSi/0NJtccB7bl9P+bB+9njS60J0Ob4B1rXRuJIc250bCXpmBm15ruje1B/Vsff9059kW3Rp+sQW7n/ICKe6RZ/0mzbaPMqThZ/+q/404gYz9+z/ed2Wf/YhvxBiv9iR/yXd1l/0fEDUE7Ll1on8s3nv3Rt/BNdxj/DXc5du1H0+a/3+G89/kqP8d+1Hdbx80dXPu1V1jn+y7as/vZY8L/w+EHEqa7xJ2vxJ13iz8Y913dYxxs//HalV1nR8a8+ijjddf6zfkcr2fr+5NnJqUZ9vPXatY5vvn3vy171Fx1/dvyP9Yh/q+Of7ZvdYR1fX3s03ats+/jTX4eSt5upoXzPBxMLC3O1iKHk6ub920xE2p9p/44s/hdf2Lr/d4v/aDZ32GH8s+/cXtl9/P2VxX9zl8f/kx3W8de7d5/rVVZ0/AAAAAAAAHCYpM1nOZK0upZO02q1tYb3qTiWNmbmF16anLl752brmY/RGEzbd7pHWvkky9fy52Hb+XMb8i9HxImI+LxytJmv3php3Cw6eAAAAAAAAAAAAAAAAAAAANgnjm9Y//9npbX+HyiJgaIbABRG/4fy0v+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v8BAAAA4FA68fzyT0lE3H/9aHPLDOVlg4W2DOi3tOgGAIWpFN0AoDBu/UN5meMDyTblR3oVLG/3kwAAAAAAAAAAAADAXjl90vp/KCvr/6G8rP+H8rL+H8rLHB+w/h8AAAAAAAAAAAAA9r/h5pak1Xwt8HCkabUa8f+IGI3BZHKqUR+PiCci4sfK4P+yfK3oRgMAAAAAAAAAAAAAAAAAAMAhM7+4dHui0ajPSUhISKwliv7LBAAAAAAAAAAAAAAAAAAA5bO+6LfolgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAcdb//3//EkXHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcTP8EAAD//wugIGI=")
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000002300)='./file0/../file0\x00', &(0x7f0000000240)='./file0\x00')

1m52.876325626s ago: executing program 7 (id=2540):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x2042, 0x19d)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000002c0), 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1m52.28976205s ago: executing program 7 (id=2542):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x50, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}], @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @key_params=[@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]]}, 0x50}, 0x1, 0x0, 0x0, 0x4044040}, 0x0)

1m50.768638212s ago: executing program 38 (id=2542):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x50, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}], @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @key_params=[@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]]}, 0x50}, 0x1, 0x0, 0x0, 0x4044040}, 0x0)

11.460305186s ago: executing program 3 (id=2953):
r0 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4)

10.008080257s ago: executing program 3 (id=2961):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r1 = syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xaa9b, 0x13500}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x21, &(0x7f0000000440), 0x1)

9.421476415s ago: executing program 3 (id=2964):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

8.794653338s ago: executing program 3 (id=2968):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)

8.215587987s ago: executing program 0 (id=2971):
r0 = socket$unix(0x1, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000300)="c48877ea052bbd75e52c8e8dfc10ede917aeb849ed3ffce408810b04d62d87cb9fba77d7b022b7eaa46d10ff4823fbca88c515c8e067fdd3b8688d611f56a1", 0x3f}], 0x1}, 0x8000000)
syz_emit_ethernet(0x7a, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa008100000086dd602e5cea00403c0020010000000000000000000000000002ff0200000000000000000000000000010004c910"], 0x0)

8.164977101s ago: executing program 3 (id=2972):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="4400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB="08000a00d3"], 0x44}}, 0x20008040)

7.602629164s ago: executing program 0 (id=2975):
unshare(0x24020400)
r0 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9b5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\\\xb0:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1exQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1.E\b1\xcb\xa2\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040))

7.372420283s ago: executing program 2 (id=2976):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, 0x42, 0x201, 0x0, 0x0, {0xa}}, 0x14}}, 0x40044c4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)

7.286337133s ago: executing program 8 (id=2977):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
splice(r0, 0x0, r2, 0x0, 0x1fffffffffff, 0x0)

6.833482168s ago: executing program 0 (id=2978):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
io_setup(0x81, &(0x7f0000000180)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000002340)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}])

6.805560921s ago: executing program 2 (id=2979):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000400)=ANY=[], 0x1, 0xf0d, &(0x7f0000001e80)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiICYHhCVEEVCnCoOVFwolQJSkUCVKtRT21Or3npCvVCpSqWgHtpIiavYb9a7L/vY9cSetXd/P+nz2zdvdr5vbMeZmZ19G4CR1Vj7evToQhHCO5+9/ejLTxWfXF12V2uNA2tfi9hrhhAm2vpFsr0v4oLLF1860a0twuG1r2U/PHah9dyZEMJKOBA+D83w4dLyVx+8+8jBj1+bvuXNs8+8sk2735LuBwAADKPzf17++33//NMD85fO7z8eplrLy+PzZuzPxOP+Q/FAuTxeboTOftEW7SaT9cZiNJL1xpL1xpM845l8E8l2JjLrTfbIN9a2rNt+AgAAwG5Untc2Q9FY7Og3GouL6+f9V30xN1ksPnd6+dSZARUKAAAAVPafc2s33QohhBBCCCGEEGKIY3Vu0FcgAAAAgFGTzhd2jZWtnamrtbVmf/kvPNzo/nzYAnX//n99/ukB5+9ixPO//6q/OAAAVDesR5PlfpXH0eU8Buk8gmPJ8zZ7/N9ItjO+yTpz8wrulvkGc3Wm39edKlf/Zn+Og5KrP50Pc6fK1Z/O07lT5eqfqrmOqnL1d7nysyPl6t9Tcx1V5erfW3MdVeXqn6m5jqpy9c/WXEdVufpvqLmOqnL176u5jqpy9e+W22pz9TdrrqOqXP3zNddRVa7+G2uuo6pc/TfVXEdVufpvrrmOQbkztuX3YX9mvZku53S75RwPAAAARt3/zP8nhBBCtMf6LRCDr0MIIYQQYkvj3KAvQAAAAAADV74voHzX+2pUjo/1GB9vH5/eWKEcn+jx/Mke41M9xgEAAIAQfvf6qdveKjbmu7ve+fDKeaP2hE+uhArzGKXzEW42//XOe3a9+XfLvGUAAACMluIHn1+5/9H3Xpi/dH7/8baz3yvxfLecB3Q8Xhv4NPbL+wJmk35RnkMf78zTyKyXXh+4Ibe9x69zRwEAAGCElefvzVA0FtvOu5uh0Vhc3DgfXwgTxanTyycPxX75+Sx/nJuYurr8oZrrBgAAAPq3cb7f/fy//BzfhTBZLD53evnUmfX+bGv5RKP9usDcxvKi/bpAM1l+OLP8SOyXn9/5o7k9a8sXT/x4+amt3nkAAAAYEWdePPvMk8vLJ3/igQceeNB6MOi/TAAAwFb78su3J356ZPb36+//35j/7kp8cCD2m3Fuv7/E5eV9AuX7AK55v/4TnXnmcus937leM1lvLMZUUvd023bC2nyDnc+bz+Vrdm5nMpNvJsk3m+RL5ykYT9YvuswlGLrMT1iuN5csT+dhHE9yFEn+u7vkAgAAgNLSC88+v3TmxbMPnn72yadPPn3yuSOHj33/2LFDD33voaW1+/qX2u/uBwAAAHajjZt+B10JAAAAAAAAAAAAAAAAAAAAjK46Pk5s0PsIAAAAo+7f50IIK0JkovyAwUHXIXZyrE4NvobhjrBD/x2+/tHgaxBCCCF2R0wN/P9y531iJYTV1fST5gEAAAC21+WLL51ob6+xUmxpvtbWmuvNlZi3bGcf/Nv81ShXu/Bw5/WSvVtaDaOu7t9/+Xdq/qmu4++/urX5p8PG377Q19+/RucGjnf09vSb996lXy+08ocQbh/vM3+6/4/3m7HTwST/vaG//KvvJfmf6Og1+s1/X5J/b5/5r9n/5/vN2On+mH8h9g/e02/+zl0sf0vL/ej3F+C7yf4/FfrNn+x/s8+EiQdifgAYRa3/zVfPDbaQLVYeJZTH0zOxX+5vPNwM6d0Pmz3+byTbGb/uyju3Wx4H3Rr70606OvOWNlt/+X2Zje0NFetM7Za7SnL1b9XPcbvl6p+ouY6qcvVP1lxHVbn6u5+97zy5+qdrrqOqXP19X4gYsFz9u+W6cq7+mZrrqCpX/2zNdVSVq3+z/48PSq7+fTXXUVWu/rma66gqV3/Fy2q1y9U/X3MdVeXqv7HmOqrK1X9TzXVUlav/5prrGJQ7Yps7Hy7PP+fiWNlvJv2pLt/Lvl8MAQAAALbVv3bkPBBtVw4GXosQQgghhBDDH/9dXTfoOoQQ2xerq4O8+sCgbe+7mQHYqfz9H21+/qPNz3+0+fnzdcpX4oukXxrrMT7eY3yix/hkMp7+vk71GL8p2e5qeV0zurnH+DfiHuTG9/V4/q09xhd6jN/WY/z2HuN39BgHAABgNNwSW+eHAAAAMLxe/s2nb/z23icuzl86v/94mLxm3vlDsT8VX1t/PfbTee9LE/E1/5/F/q9i+4fY/iNZ3/0nAAAAsP3Kz4nx+j8AAAAMr/JzSp3/AwAAwPCaj63zfwAAABheN8bW+T8AAAAMsWK6++LYltcF7o5tv/P6AQA73zdje2ds98f2rth+K7blccA9sf12TfUBAFvnlz/8+bG3io35/o8k45fj8rK9xsr6lYKi0TmT/57Y7o3td/qsJ/08gH7zl/b1mWe78s9dZ34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHg01r4ePbpQhPDOZ28/+ovJN/56ddldrTUOrH0tYq8ZQphoPa8c3eh/FFe8fPGlE+3tldgW4XAoQtFaHh670Mo0E0JYCQfC56EZPlxa/uqDdx85+PFr07e8efaZV7bxW9CxfwAAADCM/h8AAP//PZYhLQ==")
chdir(&(0x7f00000001c0)='./file0\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)

6.614162282s ago: executing program 3 (id=2980):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000380)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}]]}, 0x3c}}, 0x40048a4)

6.563994619s ago: executing program 8 (id=2981):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x8)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuseblk(&(0x7f0000000240), &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}})
mount$fuseblk(&(0x7f0000002440), &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

6.403953585s ago: executing program 9 (id=2982):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffd51, &(0x7f0000000000)='cgroup\x00', <r0=>0x0}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], 0x8)

4.161557595s ago: executing program 39 (id=2980):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000380)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}]]}, 0x3c}}, 0x40048a4)

4.125704783s ago: executing program 9 (id=2984):
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f00000008c0)='./bus\x00', 0x808808, &(0x7f0000000380)=ANY=[@ANYBLOB="636f6465706167653d757466382c66696c655f756d61736b3d30303030303030303030303030303030303030303030332c696f636861727365743d63703737352c71756965742c008f7881d185c35a6a28ef06c5b85628f12a02248de249c2a338d049166371583781680d171f47"], 0x1, 0x2e2, &(0x7f0000000900)="$eJzs3T9v004cx/HPOUmb/lF//rVFSCygQiVYKgoMiCUIZWVnQkCTShVREW2RgIWCGBEPgJ2nwINgAfEEYGLiAXQzuvPZdVLHaaCJ2/J+SQnO+e78NfbF9zUKFoB/1p3m94/Xf9qXkSqqSLolBZLqUlXSGZ2tP9vc2djptFtFHVVcC/syiluaA3XWNtt5TW0718IL7aeqZrNlGI0oim7/cH9EZYeCErnRnyOQJv04dOvrY45rVHal82XHMG7ZA2z2tKfnmisxHADAMeCv/4G/TMy6IqMgkJb9Zf9UXf/3yg7gaN3oHCgqns9nrv9udhcZe3z/c6v28z2Xwtn1QZIlHiaYWs/nCcVnVtcE0wzKKl0swdT6RlUra6/VCvRGDS9TbdG9t+JTNzEg2qWc3LRA/95qujsd742bUfZKQlrf6LQn7UJO/AvDbfHvmc/mq7lvQn1QK53/VSNjD5M7UmHPkQpqNv6r/Xucca1sLfm0v9FoBF1V/ncbOee34A3Yy3p+RpLtM7lBsJtGUBSn2/a8um8rxHu3OqDVQl6rMP3Up9ViV6uKPxNW1p50Cm+ljEayi+a9uWeW9Euf1MzM/wMb37IyI7Poq964mv7MiPdnIr9m+nfT093+cLnQW3NyqP2CN9zdsnd6pJua237x8nGl02lv2YWHOQtPZ7eML6m9lXLrjH6hooI62t0viaxXUXTYnqNRBn/lSDu03x9piR0+eZXtKEtLgnEfplO3YEdKzqrmFxWdkCdnIYqkPqtG9TWF42TbJAfdF0yVHBDGzc67TJz/uZm8n9W5FMm+hQXz9IH/aJTpcTXN4LqngvPufXqoDG6mfwaX2eK1Pjmjy7kuXpYuZQqNCrcY+jhPCdPUNz3g/j8AAAAAAAAAAAAAAAAAAMBJc4Q/J0h+yXhgVcm7CAAAAAAAAAAAAAAAAAAAAADAifdHz//N+z/i3fN/w3E9/7f4yUAADuV3AAAA//+rand4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000180), 0xfefc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)

4.10451948s ago: executing program 2 (id=2985):
unshare(0x22020600)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r0=>0x0, <r1=>0x0})
close(r0)
ppoll(&(0x7f000000c040)=[{r1, 0x2391}], 0x1, 0x0, 0x0, 0x0)

4.103899569s ago: executing program 0 (id=2986):
r0 = fsopen(&(0x7f00000000c0)='nilfs2\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103a42, 0x18)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x8, 0x0, 0x0, 0x0)

4.054254789s ago: executing program 8 (id=2987):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r0 = epoll_create1(0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x70000011})

3.426338326s ago: executing program 2 (id=2988):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x4}]}, 0x20}}, 0x22044800)

3.340647836s ago: executing program 0 (id=2989):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001180)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0x2}, @TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

3.33213795s ago: executing program 8 (id=2990):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="7f454c46040700030700000000000000020003"], 0x58)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

2.914632993s ago: executing program 9 (id=2991):
syz_mount_image$cramfs(&(0x7f0000000cc0), &(0x7f0000000000)='./file1\x00', 0x2800804, &(0x7f0000000040)=ANY=[], 0xf8, 0x161, &(0x7f00000004c0)="$eJzs0c9qE1EUx/HvnbnJRElMRIXgwmRnTAjkD7oTyYjBgHFAEdSVEEcUEiIG1GVDt10Eus2if7alr5C0XZSWZNOn6Ca7QpcpN5NhoM9wPrv7O4dzmDNvXs4Lisjrfu/3H38w8L/nP3jt5sfLyaRh8jiQMPVMWA/6pw34iWaqYTEEE5+k4MevO77V6XfNe9EAB7iHybu+RS8d7nMfaoYa7rK0w+zYWfVZ65VB9gg+0/XrxGLm/ViDmw7mVYDZLjxliXs/yKrAFWCDUnGwwkGtUu6Bgv/j0uHB+fvZWatc/OJv1ZqjZ8msXQL2cFXi1IpOMp+133ltb16v1V4kKlWL5xfmGmyM0G+Tf+GrAj121u3lYpzsE/0JNhVsr3YtjlTKfMTOtdcL+l6ZAf/sPKjcuPMtG9t3yFjYBW2qS24xv2hViS4ihBBCCCGEEEIIIYQQQgghhBBCRG4CAAD//+ZJR90=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

2.656802904s ago: executing program 8 (id=2992):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@noload}]}, 0xfa, 0x47e, &(0x7f0000001840)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLQ7faHbLrCfTzK7zzMzu8/znZln55l5djeAjjWQPSQR/4uI3yOiL8/evsJA/nTz+qWxv69fGkuiXn/rr6Sx3o3rl8bKVcvXbc8z9XqR39Kk3MvvRoxOTU2cL/JDs2c/GJq5cPGFybOjpydOT5wbOX78yOF9PcdGjrYkziyuG3s+nt67+8Q7V94YO3nlvZ+SNPK4Y1EcrTKQb92mnm51YW22Y0E66c4ee4vc/l/mlzQ7EminrojIdlet0f77oiu23lrWF6991tbKARuqXq/Xl/lUnqsD97Ek2l0DoD3KE312/VtOm9T1uCtcezm/AMrivllM+ZLuSPPE/tqi69tWGoiIk3P/fJVNsUH3IQAAFvou6/8836z/l8bDeaIne/h/MYbSHxEPRMTOiHgwInZFxEMRjXUfiYhH11j+4hGSpf2f9OodB7cKWf/vpWJs6/b+X1qu0t9V5HY04q8lpyanJg4V2+Rg1Lacmkwmhpcp4/tXf/uiatnC/l82ZeWXfcGiHle7F92gGx+dHV1PzAtd+zRiT3ez+JPGuEAU43q7I2LPHZYx+Wx35bKV419G9duuWv3riGfy/T8Xi+IvJZXjk8MvHhs5OtQbUxOHhsqjYqmff738ZlX564q/BbL9v63p8X8r/v6kN2LmwsUzjfHambWXcfmPzyuvadZ4/J/YURz/PcnbjRk9xYKPRmdnzw9H9CSvL50/Mv9uZb5cP4v/4IHm7X9nzG+JxyJib0Tsi4jHs4vCou5PRMSTEXFgmfh/fOWp99ce/+aMlWbxj6+0/2Ph/l97ouvMD9+uHH9vRFTt/yON1MFizmo+/1ZbwfVsOwAAALhX5N+BT9LB+XQyOJh/h39XbEunpmdmnzs1/eG58fy78v1RS8s7XX0L7ocOF/eGy/zIovzh4r7xl11bG/nBsemp8XYHDx1u+5L2n6ZZ+8/82dXu2gEbrgXjaMA9SvuHzqX9Q2dKVmz/tU2rC7D5nP+hczVr/59Urj34zYZWBthUzv/QuVbR/ufyp+peAXBvcv6HzqX9Q0eq/G18uq6f/G9QIioX/Vv8n2G7a9g5iUjvimrc/4nuVf+ZRVWitrQt1/vy9p/N2dL0Ve3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiN/wIAAP//8pDkiQ==")
r0 = open(&(0x7f00000000c0)='.\x00', 0xc8000, 0x145)
getdents(r0, 0x0, 0x0)
getdents(r0, 0x0, 0x0)

2.060059012s ago: executing program 9 (id=2993):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x68, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xd}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x38, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private2}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}, @IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}]}, 0x68}}, 0x0)

1.367512543s ago: executing program 8 (id=2994):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0xec, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa, 0xe0}, 0x2}, [@migrate={0x9c, 0x11, [{@in=@private=0xa010100, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0x33, 0x0, 0x0, 0x2, 0x2, 0xa}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private2, @in=@rand_addr=0x64010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x0)

982.169589ms ago: executing program 0 (id=2995):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="201109"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000540)={0x1, 0x79, 0x4, &(0x7f0000000500)={0x14, "f2eb3419f0eadfc126c73da429a3f7eeb637eecf3b624c5198fc7c650c1b47117d"}})

863.778309ms ago: executing program 9 (id=2996):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x1, 0x1, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0), 0x75, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

827.988514ms ago: executing program 2 (id=2997):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvlan1\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000140)="330520000000000000000000dffebf30f8784f997bea54fefe8717599e7dae766eaa89002095d0876200", 0x2a, 0x0, &(0x7f0000000300)={0x11, 0x5, r1, 0x1, 0x59, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

338.764601ms ago: executing program 2 (id=2998):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cpu.max.burst\x00', 0x2, 0x0)
r2 = dup(r1)
sendfile(r2, r2, 0x0, 0x400)

0s ago: executing program 9 (id=2999):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x4957, &(0x7f00000000c0)={0x0, 0xefed, 0x3180, 0x1, 0x40024e}, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000fcffffff1000000008000600000000001800018014000200776c616e300000000000000000000000080007"], 0x3c}}, 0x0)

kernel console output (not intermixed with test programs):

thout journal. Quota mode: writeback.
[  682.793758][T10699] ext4 filesystem being mounted at /422/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  683.101850][T10713] syzkaller1: tun_chr_ioctl cmd 1074025677
[  683.108741][T10713] syzkaller1: linktype set to 804
[  683.229370][   T30] audit: type=1800 audit(2000000327.910:71): pid=10714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1973" name="file2" dev="loop3" ino=16 res=0 errno=0
[  683.315300][   T30] audit: type=1800 audit(2000000328.010:72): pid=10699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1973" name="file1" dev="loop3" ino=15 res=0 errno=0
[  683.945338][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  684.461330][T10722] loop6: detected capacity change from 0 to 1024
[  686.326632][T10735] loop1: detected capacity change from 0 to 64
[  686.406978][T10735] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  686.420411][T10734] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1983'.
[  687.444074][T10746] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2000'.
[  687.454070][T10746] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2000'.
[  688.558627][T10762] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1995'.
[  688.575291][T10762] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1995'.
[  689.457109][T10772] netlink: 'syz.3.2003': attribute type 4 has an invalid length.
[  690.499191][T10783] overlayfs: workdir and upperdir must be separate subtrees
[  691.326868][T10790] loop3: detected capacity change from 0 to 2048
[  691.393054][T10790] EXT4-fs: Ignoring removed nomblk_io_submit option
[  691.581359][T10790] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  691.651262][T10790] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #12: block 5: comm syz.3.2011: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[  691.687662][T10790] EXT4-fs (loop3): Remounting filesystem read-only
[  692.234018][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  693.175576][T10812] loop6: detected capacity change from 0 to 2048
[  693.385653][T10818] loop5: detected capacity change from 0 to 512
[  693.435547][T10818] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  693.465900][T10812] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  693.605271][T10822] netlink: 'syz.3.2025': attribute type 1 has an invalid length.
[  693.623515][T10820] loop1: detected capacity change from 0 to 1024
[  693.654996][T10818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  693.668991][T10818] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  693.983646][ T6928] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.260287][   T57] hfsplus: b-tree write err: -5, ino 4
[  694.495335][T10830] loop6: detected capacity change from 0 to 128
[  695.577412][T10844] loop6: detected capacity change from 0 to 128
[  695.647822][T10845] loop5: detected capacity change from 0 to 256
[  695.707903][T10845] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  695.758420][T10844] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  695.853060][T10844] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  695.893865][T10845] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  696.041259][T10850] Bluetooth: MGMT ver 1.23
[  696.643090][ T8737] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  696.741272][T10856] loop4: detected capacity change from 0 to 128
[  696.790877][T10856] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  697.536175][ T3818] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  699.244600][T10884] loop5: detected capacity change from 0 to 64
[  699.597564][T10886] loop1: detected capacity change from 0 to 512
[  699.668238][T10886] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  699.682118][T10886] UDF-fs: Scanning with blocksize 512 failed
[  699.708915][T10886] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  699.722883][T10886] UDF-fs: Scanning with blocksize 1024 failed
[  699.779030][T10886] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  699.792710][T10886] UDF-fs: Scanning with blocksize 2048 failed
[  699.858078][T10886] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  700.006607][T10886] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  700.184313][   T30] audit: type=1800 audit(2000000344.900:73): pid=10886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2052" name="file1" dev="loop1" ino=36 res=0 errno=0
[  701.388075][T10895] loop4: detected capacity change from 0 to 4096
[  701.413283][   T32] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  701.509960][T10895] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  701.630918][   T32] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  701.641736][   T32] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  701.653542][   T32] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  701.663835][   T32] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  701.838669][T10895] ntfs3(loop4): ino=19, mi_enum_attr
[  701.845949][T10895] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  701.874111][   T32] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  701.884857][   T32] usb 7-1: New USB device strings: Mfr=64, Product=0, SerialNumber=0
[  701.893843][   T32] usb 7-1: Manufacturer: syz
[  701.952246][   T32] usb 7-1: config 0 descriptor??
[  702.413271][   T32] keytouch 0003:0926:3333.000F: fixing up Keytouch IEC report descriptor
[  702.550190][   T32] input: syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:0926:3333.000F/input/input25
[  702.760972][   T32] keytouch 0003:0926:3333.000F: input,hidraw0: USB HID v0.00 Keyboard [syz] on usb-dummy_hcd.6-1/input0
[  702.851963][   T32] usb 7-1: USB disconnect, device number 7
[  703.127548][T10915] loop4: detected capacity change from 0 to 512
[  703.182904][T10915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  703.362472][T10915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  703.376180][T10915] ext4 filesystem being mounted at /400/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  704.235514][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.785583][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2075'.
[  707.840163][T10968] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2087'.
[  708.732961][T10974] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2090'.
[  708.824843][T10978] overlayfs: overlapping lowerdir path
[  708.833201][T10979] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  708.961415][T10982] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2094'.
[  709.452096][T10989] input: syz0 as /devices/virtual/input/input26
[  710.048442][T10999] loop1: detected capacity change from 0 to 64
[  710.863553][T11009] loop4: detected capacity change from 0 to 512
[  710.915744][T11009] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  710.988278][T11009] FAT-fs (loop4): Directory bread(block 1056) failed
[  710.997285][T11009] FAT-fs (loop4): Directory bread(block 1057) failed
[  711.005115][T11009] FAT-fs (loop4): Directory bread(block 1058) failed
[  711.012730][T11009] FAT-fs (loop4): Directory bread(block 1059) failed
[  711.022664][T11009] FAT-fs (loop4): Directory bread(block 1060) failed
[  711.033257][T11009] FAT-fs (loop4): Directory bread(block 1061) failed
[  711.041492][T11009] FAT-fs (loop4): Directory bread(block 1062) failed
[  711.048555][T11009] FAT-fs (loop4): Directory bread(block 1063) failed
[  711.055685][T11009] FAT-fs (loop4): Directory bread(block 1064) failed
[  711.062951][T11009] FAT-fs (loop4): Directory bread(block 1065) failed
[  711.179959][T11009] syz.4.2107: attempt to access beyond end of device
[  711.179959][T11009] loop4: rw=2051, sector=1440, nr_sectors = 64 limit=512
[  712.945637][T11027] netlink: 'syz.5.2114': attribute type 3 has an invalid length.
[  712.954093][T11027] netlink: 116 bytes leftover after parsing attributes in process `syz.5.2114'.
[  713.430438][T11031] loop1: detected capacity change from 0 to 1764
[  713.475367][T11033] loop4: detected capacity change from 0 to 64
[  713.638503][T11033] Trying to free block not in datazone
[  714.896057][ T5865] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  715.161197][ T5865] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  715.171703][ T5865] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  715.189020][T11052] loop3: detected capacity change from 0 to 128
[  715.207659][ T5865] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  715.217568][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  715.229105][ T5865] usb 5-1: SerialNumber: syz
[  715.243598][T11052] EXT4-fs: Ignoring removed nobh option
[  715.424643][T11052] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  715.504102][T11052] ext4 filesystem being mounted at /453/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  715.629381][ T5865] usb 5-1: 0:2 : does not exist
[  715.727497][ T5865] usb 5-1: USB disconnect, device number 6
[  715.886299][ T3555] bridge_slave_1: left allmulticast mode
[  715.892413][ T3555] bridge_slave_1: left promiscuous mode
[  715.899205][ T3555] bridge0: port 2(bridge_slave_1) entered disabled state
[  715.921397][ T3555] bridge_slave_0: left allmulticast mode
[  715.928216][ T3555] bridge_slave_0: left promiscuous mode
[  715.937820][ T3555] bridge0: port 1(bridge_slave_0) entered disabled state
[  715.967629][ T5820] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  716.412612][ T3555] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  716.448816][ T3555] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  716.502767][ T3555] bond0 (unregistering): Released all slaves
[  717.017522][ T3555] hsr_slave_0: left promiscuous mode
[  717.033387][ T3555] hsr_slave_1: left promiscuous mode
[  717.041861][ T3555] batman_adv: batadv0: Removing interface: batadv_slave_0
[  717.054297][ T3555] batman_adv: batadv0: Removing interface: batadv_slave_1
[  717.834680][ T3555] team0 (unregistering): Port device team_slave_1 removed
[  717.961526][ T3555] team0 (unregistering): Port device team_slave_0 removed
[  718.052116][T11064] block nbd1: server does not support multiple connections per device.
[  718.086778][T11064] block nbd1: shutting down sockets
[  718.997838][T11071] pimreg: tun_chr_ioctl cmd 1074025677
[  719.005371][T11071] pimreg: linktype set to 780
[  719.013268][T10421] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  719.036633][T10421] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  719.107338][T10421] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  719.157704][T10421] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  719.170611][T10421] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  719.331915][   T30] audit: type=1326 audit(2000000364.010:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.452988][   T30] audit: type=1326 audit(2000000364.190:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.465863][ T3555] IPVS: stop unused estimator thread 0...
[  719.476427][   T30] audit: type=1326 audit(2000000364.190:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.505848][   T30] audit: type=1326 audit(2000000364.190:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.531610][   T30] audit: type=1326 audit(2000000364.190:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.596386][T11074] loop3: detected capacity change from 0 to 128
[  719.678494][   T30] audit: type=1326 audit(2000000364.330:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.704214][   T30] audit: type=1326 audit(2000000364.330:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.727870][   T30] audit: type=1326 audit(2000000364.340:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.757124][   T30] audit: type=1326 audit(2000000364.340:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf704e539 code=0x7ffc0000
[  719.781564][   T30] audit: type=1326 audit(2000000364.340:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11073 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf704e539 code=0x7ffc0000
[  720.121650][T11082] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2139'.
[  720.131718][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2139'.
[  720.849002][T11093] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2144'.
[  720.886283][T11093] bond0: entered promiscuous mode
[  720.891775][T11093] bond_slave_0: entered promiscuous mode
[  720.899096][T11093] bond_slave_1: entered promiscuous mode
[  720.999946][T11093] bond0: left promiscuous mode
[  721.005124][T11093] bond_slave_0: left promiscuous mode
[  721.012465][T11093] bond_slave_1: left promiscuous mode
[  721.187920][T11067] chnl_net:caif_netlink_parms(): no params data found
[  721.235047][T10421] Bluetooth: hci1: command tx timeout
[  721.363794][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  721.374009][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  723.208967][T11067] bridge0: port 1(bridge_slave_0) entered blocking state
[  723.221448][T11067] bridge0: port 1(bridge_slave_0) entered disabled state
[  723.229311][T11067] bridge_slave_0: entered allmulticast mode
[  723.239903][T11067] bridge_slave_0: entered promiscuous mode
[  723.329836][T10421] Bluetooth: hci1: command tx timeout
[  723.498350][T11067] bridge0: port 2(bridge_slave_1) entered blocking state
[  723.506833][T11067] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.515250][T11067] bridge_slave_1: entered allmulticast mode
[  723.533574][T11067] bridge_slave_1: entered promiscuous mode
[  724.048944][T11067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  724.144454][T11067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  724.428621][T11067] team0: Port device team_slave_0 added
[  724.502927][T11067] team0: Port device team_slave_1 added
[  724.881035][T11067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  724.888298][T11067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  724.917143][T11067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  725.033428][T11067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  725.040914][T11067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  725.071575][T11067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  725.194692][T11148] 8021q: adding VLAN 0 to HW filter on device batadv1
[  725.208523][T11148] batadv1: entered promiscuous mode
[  725.218994][T11148] team0: Port device batadv1 added
[  725.400178][T10421] Bluetooth: hci1: command tx timeout
[  725.645169][T11067] hsr_slave_0: entered promiscuous mode
[  725.656483][T11067] hsr_slave_1: entered promiscuous mode
[  726.191943][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  726.410036][ T5871] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  726.420907][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  726.439751][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  726.456523][   T24] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  726.467111][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.516693][   T24] usb 6-1: config 0 descriptor??
[  726.600330][ T5871] usb 7-1: Using ep0 maxpacket: 16
[  726.658379][ T5871] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  726.670597][ T5871] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  726.769972][ T5871] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  726.779863][ T5871] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  726.788305][ T5871] usb 7-1: Product: syz
[  726.793075][ T5871] usb 7-1: Manufacturer: syz
[  726.801889][ T5871] usb 7-1: SerialNumber: syz
[  726.922050][ T5871] usb 7-1: config 0 descriptor??
[  726.950250][ T5871] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  726.960342][ T5871] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  727.300289][   T24] hid-led 0003:27B8:01ED.0010: probe with driver hid-led failed with error -71
[  727.351567][   T24] usb 6-1: USB disconnect, device number 10
[  727.398819][T11067] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  727.473340][T10421] Bluetooth: hci1: command tx timeout
[  727.491772][T11067] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  727.550497][T11067] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  727.584384][ T5871] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  727.601395][T11067] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  727.650399][T11168] loop3: detected capacity change from 0 to 4096
[  727.731474][T11168] NILFS (loop3): invalid segment: Checksum error in segment payload
[  727.740833][T11168] NILFS (loop3): trying rollback from an earlier position
[  727.810711][ T5871] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[  727.841696][ T5871] em28xx 7-1:0.0: AC97 chip type couldn't be determined
[  727.849124][ T5871] em28xx 7-1:0.0: No AC97 audio processor
[  727.888730][ T5871] usb 7-1: USB disconnect, device number 8
[  727.895651][T11168] NILFS (loop3): recovery complete
[  727.906125][ T5871] em28xx 7-1:0.0: Disconnecting em28xx
[  727.919128][T11172] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  727.990582][ T5871] em28xx 7-1:0.0: Freeing device
[  728.236805][T11174] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2177'.
[  728.248069][T11174] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2177'.
[  728.891217][T11067] 8021q: adding VLAN 0 to HW filter on device bond0
[  729.097361][T11067] 8021q: adding VLAN 0 to HW filter on device team0
[  729.142657][T11183] loop4: detected capacity change from 0 to 1024
[  729.236961][ T3571] bridge0: port 1(bridge_slave_0) entered blocking state
[  729.244806][ T3571] bridge0: port 1(bridge_slave_0) entered forwarding state
[  729.315536][T11183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  729.394496][ T3571] bridge0: port 2(bridge_slave_1) entered blocking state
[  729.402346][ T3571] bridge0: port 2(bridge_slave_1) entered forwarding state
[  729.701072][T11067] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  729.712347][T11067] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  730.163546][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.245422][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.302509][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.348654][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.417259][T11197] loop5: detected capacity change from 0 to 2048
[  730.424200][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.426786][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.539376][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.567146][T11197] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.633794][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.705568][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.766186][T11197] overlayfs: upper fs needs to support d_type.
[  730.828945][ T5822] EXT4-fs warning (device loop4): ext4_empty_dir:3099: inode #11: comm syz-executor: directory missing '..'
[  730.907465][T11197] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  730.916191][T11197] overlayfs: failed to set xattr on upper
[  730.922503][T11197] overlayfs: ...falling back to redirect_dir=nofollow.
[  730.929690][T11197] overlayfs: ...falling back to index=off.
[  730.935684][T11197] overlayfs: ...falling back to uuid=null.
[  731.436536][ T6928] UDF-fs: error (device loop5): udf_read_inode: (ino 1440) failed !bh
[  731.479090][ T6928] UDF-fs: error (device loop5): udf_read_inode: (ino 1440) failed !bh
[  731.587967][T11205] loop6: detected capacity change from 0 to 4096
[  731.670086][T11205] EXT4-fs (loop6): Test dummy encryption mode enabled
[  731.757363][T11205] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  731.825599][T11205] System zones: 0-5
[  731.882937][T11205] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.925205][T11212] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2192'.
[  731.952487][T11212] xfrm1: entered promiscuous mode
[  731.957759][T11212] xfrm1: entered allmulticast mode
[  732.082272][T11067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  732.290332][T10756] bridge0: port 3(syz_tun) entered disabled state
[  732.372735][T10756] syz_tun (unregistering): left allmulticast mode
[  732.386842][T10756] syz_tun (unregistering): left promiscuous mode
[  732.395759][T10756] bridge0: port 3(syz_tun) entered disabled state
[  732.443663][ T8737] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.494940][ T9880] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.544029][ T1839] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.725947][ T1839] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.903611][ T1839] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  732.995758][ T1839] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.491384][ T1839] bridge_slave_1: left allmulticast mode
[  733.497984][ T1839] bridge_slave_1: left promiscuous mode
[  733.506868][ T1839] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.598907][ T1839] bridge_slave_0: left allmulticast mode
[  733.605155][ T1839] bridge_slave_0: left promiscuous mode
[  733.612370][ T1839] bridge0: port 1(bridge_slave_0) entered disabled state
[  734.431502][ T1839] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  734.491827][ T1839] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  734.550678][ T1839] bond0 (unregistering): Released all slaves
[  735.382105][ T1839] hsr_slave_0: left promiscuous mode
[  735.401964][ T1839] hsr_slave_1: left promiscuous mode
[  735.410510][ T1839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  735.418128][ T1839] batman_adv: batadv0: Removing interface: batadv_slave_0
[  735.492705][ T1839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  735.503608][ T1839] batman_adv: batadv0: Removing interface: batadv_slave_1
[  735.601844][ T1839] veth1_vlan: left allmulticast mode
[  735.613608][ T1839] veth1_macvtap: left promiscuous mode
[  735.619848][ T1839] veth0_macvtap: left promiscuous mode
[  735.625849][ T1839] veth1_vlan: left promiscuous mode
[  735.632707][ T1839] veth0_vlan: left promiscuous mode
[  736.906435][ T5865] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  737.187316][ T1839] team0 (unregistering): Port device team_slave_1 removed
[  737.270951][ T5865] usb 7-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  737.281448][ T5865] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.283627][   T24] kernel write not supported for file /input/mouse0 (pid: 24 comm: kworker/1:0)
[  737.291367][ T5865] usb 7-1: Product: syz
[  737.303164][ T1839] team0 (unregistering): Port device team_slave_0 removed
[  737.307627][ T5865] usb 7-1: Manufacturer: syz
[  737.320332][ T5865] usb 7-1: SerialNumber: syz
[  737.595735][ T5865] r8152-cfgselector 7-1: Unknown version 0x0000
[  737.602417][ T5865] r8152-cfgselector 7-1: config 0 descriptor??
[  737.812153][ T5112] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  737.839835][ T5112] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  737.885564][ T5112] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  738.101505][ T5112] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  738.203130][ T5112] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  738.221642][   T32] r8152-cfgselector 7-1: USB disconnect, device number 9
[  738.343274][T11067] veth0_vlan: entered promiscuous mode
[  738.358365][ T5816] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  738.403702][T11067] veth1_vlan: entered promiscuous mode
[  738.454813][ T5816] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  738.481799][ T5816] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  738.563245][ T5816] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  738.600932][ T5816] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  738.774727][ T1839] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  738.935718][ T1839] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.054669][ T1839] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.326158][ T1839] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.438471][T11067] veth0_macvtap: entered promiscuous mode
[  739.595082][T11067] veth1_macvtap: entered promiscuous mode
[  740.104222][T11067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  740.141857][ T1839] bridge_slave_1: left allmulticast mode
[  740.147838][ T1839] bridge_slave_1: left promiscuous mode
[  740.155429][ T1839] bridge0: port 2(bridge_slave_1) entered disabled state
[  740.188660][ T1839] bridge_slave_0: left allmulticast mode
[  740.194976][ T1839] bridge_slave_0: left promiscuous mode
[  740.202095][ T1839] bridge0: port 1(bridge_slave_0) entered disabled state
[  740.319172][T11254] loop6: detected capacity change from 0 to 2048
[  740.371007][ T5816] Bluetooth: hci2: command tx timeout
[  740.525114][T11254] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  740.683403][ T5816] Bluetooth: hci4: command tx timeout
[  740.692371][T11254] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2206: bg 0: block 464: padding at end of block bitmap is not set
[  740.795496][ T1839] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  740.818527][T11261] loop3: detected capacity change from 0 to 128
[  740.835010][ T1839] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  740.863788][T11261] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  740.866334][ T1839] bond0 (unregistering): Released all slaves
[  740.974815][ T8737] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  741.040182][T11067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  741.061956][T11261] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  741.072652][T11237] chnl_net:caif_netlink_parms(): no params data found
[  741.179693][ T1839] tipc: Left network mode
[  741.273274][   T57] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  741.521969][   T57] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  741.531681][   T57] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  741.626463][   T57] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  742.219927][ T1839] hsr_slave_0: left promiscuous mode
[  742.263645][ T1839] hsr_slave_1: left promiscuous mode
[  742.272825][ T1839] batman_adv: batadv0: Removing interface: batadv_slave_0
[  742.333702][ T1839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  742.341740][ T1839] batman_adv: batadv0: Removing interface: batadv_slave_1
[  742.435085][ T5816] Bluetooth: hci2: command tx timeout
[  742.538724][ T1839] team_slave_0: left promiscuous mode
[  742.544768][ T1839] team_slave_1: left promiscuous mode
[  742.552409][ T1839] veth1_macvtap: left promiscuous mode
[  742.558183][ T1839] veth0_macvtap: left promiscuous mode
[  742.564227][ T1839] veth1_vlan: left promiscuous mode
[  742.572403][ T1839] veth0_vlan: left promiscuous mode
[  742.750535][ T5816] Bluetooth: hci4: command tx timeout
[  743.451920][ T1839] team0 (unregistering): Port device team_slave_1 removed
[  743.509235][ T1839] team0 (unregistering): Port device team_slave_0 removed
[  744.151377][T11241] chnl_net:caif_netlink_parms(): no params data found
[  744.553468][ T5816] Bluetooth: hci2: command tx timeout
[  744.605245][ T1839] IPVS: stop unused estimator thread 0...
[  744.692441][T11237] bridge0: port 1(bridge_slave_0) entered blocking state
[  744.703307][T11237] bridge0: port 1(bridge_slave_0) entered disabled state
[  744.711532][T11237] bridge_slave_0: entered allmulticast mode
[  744.725139][T11237] bridge_slave_0: entered promiscuous mode
[  744.786191][T11237] bridge0: port 2(bridge_slave_1) entered blocking state
[  744.797372][T11237] bridge0: port 2(bridge_slave_1) entered disabled state
[  744.805396][T11237] bridge_slave_1: entered allmulticast mode
[  744.816346][T11237] bridge_slave_1: entered promiscuous mode
[  744.832287][ T5816] Bluetooth: hci4: command tx timeout
[  745.154602][T11237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  745.234151][T11237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  745.357532][T11286] sctp: failed to load transform for md5: -2
[  745.646086][T11237] team0: Port device team_slave_0 added
[  745.722734][T11237] team0: Port device team_slave_1 added
[  745.970660][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  745.970766][   T30] audit: type=1326 audit(2000000390.700:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11299 comm="syz.3.2215" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704e539 code=0x0
[  746.008775][T11237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  746.018539][T11237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  746.045561][T11237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  746.051459][T11243] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  746.145005][T11241] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.158800][T11241] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.168461][T11241] bridge_slave_0: entered allmulticast mode
[  746.178770][T11241] bridge_slave_0: entered promiscuous mode
[  746.199296][T11237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  746.207762][T11237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  746.231358][T11243] usb 7-1: Using ep0 maxpacket: 8
[  746.235365][T11237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  746.260304][T11241] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.268082][T11241] bridge0: port 2(bridge_slave_1) entered disabled state
[  746.275369][T11243] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  746.275525][T11243] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  746.286464][T11241] bridge_slave_1: entered allmulticast mode
[  746.295585][T11243] usb 7-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  746.305434][T11241] bridge_slave_1: entered promiscuous mode
[  746.310848][T11243] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.410003][T11243] usb 7-1: config 0 descriptor??
[  746.604651][ T5816] Bluetooth: hci2: command tx timeout
[  746.638874][T11237] hsr_slave_0: entered promiscuous mode
[  746.651286][T11237] hsr_slave_1: entered promiscuous mode
[  746.660748][T11237] debugfs: 'hsr0' already exists in 'hsr'
[  746.669080][T11237] Cannot create hsr debugfs directory
[  746.695529][T11241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  746.720594][T11241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  746.749099][T11243] usb 7-1: USB disconnect, device number 10
[  746.917806][ T5816] Bluetooth: hci4: command tx timeout
[  747.237005][T11306] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  747.259503][T11241] team0: Port device team_slave_0 added
[  747.294918][T11241] team0: Port device team_slave_1 added
[  747.808556][T11241] batman_adv: batadv0: Adding interface: batadv_slave_0
[  747.816219][T11241] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  747.842868][T11241] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  747.917718][T11241] batman_adv: batadv0: Adding interface: batadv_slave_1
[  747.925199][T11241] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  747.952621][T11241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  748.110330][T11243] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  748.174905][T11237] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  748.241985][T11237] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  748.332051][T11243] usb 7-1: Using ep0 maxpacket: 32
[  748.356568][T11243] usb 7-1: config 0 has an invalid interface number: 35 but max is 0
[  748.367244][T11243] usb 7-1: config 0 has no interface number 0
[  748.374058][T11243] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  748.385804][T11243] usb 7-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  748.514763][T11243] usb 7-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  748.524479][T11243] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.532998][T11243] usb 7-1: Product: syz
[  748.537476][T11243] usb 7-1: Manufacturer: syz
[  748.542548][T11243] usb 7-1: SerialNumber: syz
[  748.567527][T11237] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  748.587332][T11243] usb 7-1: config 0 descriptor??
[  748.635855][T11241] hsr_slave_0: entered promiscuous mode
[  748.647001][T11241] hsr_slave_1: entered promiscuous mode
[  748.656564][T11241] debugfs: 'hsr0' already exists in 'hsr'
[  748.662882][T11241] Cannot create hsr debugfs directory
[  748.857016][T11237] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  749.141119][T11243] radio-si470x 7-1:0.35: si470x_get_report: usb_control_msg returned -71
[  749.151529][T11243] radio-si470x 7-1:0.35: probe with driver radio-si470x failed with error -5
[  749.200302][T11243] radio-raremono 7-1:0.35: this is not Thanko's Raremono.
[  749.260789][T11243] usb 7-1: USB disconnect, device number 11
[  749.562523][T11323] loop6: detected capacity change from 0 to 524287999
[  750.104030][T11241] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  750.215635][T11241] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  750.329944][T11241] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  750.405804][T11241] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  750.738677][T11237] 8021q: adding VLAN 0 to HW filter on device bond0
[  750.784307][ T3888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.792712][ T3888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  751.021028][T11237] 8021q: adding VLAN 0 to HW filter on device team0
[  751.091278][ T4041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  751.100026][ T4041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  751.145731][ T1829] bridge0: port 1(bridge_slave_0) entered blocking state
[  751.153664][ T1829] bridge0: port 1(bridge_slave_0) entered forwarding state
[  751.279603][ T1829] bridge0: port 2(bridge_slave_1) entered blocking state
[  751.287283][ T1829] bridge0: port 2(bridge_slave_1) entered forwarding state
[  752.113572][T11241] 8021q: adding VLAN 0 to HW filter on device bond0
[  752.376674][T11241] 8021q: adding VLAN 0 to HW filter on device team0
[  752.531419][ T1829] bridge0: port 1(bridge_slave_0) entered blocking state
[  752.539107][ T1829] bridge0: port 1(bridge_slave_0) entered forwarding state
[  752.673763][ T1829] bridge0: port 2(bridge_slave_1) entered blocking state
[  752.681473][ T1829] bridge0: port 2(bridge_slave_1) entered forwarding state
[  753.648055][T11354] loop7: detected capacity change from 0 to 1024
[  754.261262][ T1829] hfsplus: b-tree write err: -5, ino 8
[  754.322413][T11237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  754.826035][T11369] sctp: [Deprecated]: syz.7.2235 (pid 11369) Use of int in max_burst socket option deprecated.
[  754.826035][T11369] Use struct sctp_assoc_value instead
[  755.187583][T11241] 8021q: adding VLAN 0 to HW filter on device batadv0
[  755.715381][T11379] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2238'.
[  756.132458][T11384] loop7: detected capacity change from 0 to 512
[  757.350182][T11237] veth0_vlan: entered promiscuous mode
[  757.464573][T11237] veth1_vlan: entered promiscuous mode
[  757.860587][T11237] veth0_macvtap: entered promiscuous mode
[  757.977526][T11237] veth1_macvtap: entered promiscuous mode
[  758.062759][T11406] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  758.263304][T11237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  758.445763][T11237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  758.525598][ T1839] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.557495][T11241] veth0_vlan: entered promiscuous mode
[  758.628992][ T1839] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  758.685543][ T1839] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  758.738128][ T1839] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  758.770654][T11241] veth1_vlan: entered promiscuous mode
[  759.197992][T11241] veth0_macvtap: entered promiscuous mode
[  759.278476][T11241] veth1_macvtap: entered promiscuous mode
[  759.522331][T11241] batman_adv: batadv0: Interface activated: batadv_slave_0
[  759.669977][T11241] batman_adv: batadv0: Interface activated: batadv_slave_1
[  759.874396][ T3555] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  759.955440][ T3555] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  760.014042][ T3555] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  760.064236][ T3857] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  761.382236][T11429] sctp: failed to load transform for md5: -2
[  761.810551][ T5865] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  761.989692][ T5865] usb 8-1: Using ep0 maxpacket: 32
[  762.032200][ T5865] usb 8-1: config 0 has an invalid interface number: 51 but max is 0
[  762.040978][ T5865] usb 8-1: config 0 has no interface number 0
[  762.141444][ T5865] usb 8-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  762.152409][ T5865] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.160771][ T5865] usb 8-1: Product: syz
[  762.165152][ T5865] usb 8-1: Manufacturer: syz
[  762.170318][ T5865] usb 8-1: SerialNumber: syz
[  762.370911][ T5865] usb 8-1: config 0 descriptor??
[  762.414338][ T5865] quatech2 8-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  762.691138][ T5865] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  762.731309][ T5865] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  763.153464][    C0] usb 8-1: qt2_read_bulk_callback - non-zero urb status: -71
[  763.157037][   T24] usb 8-1: USB disconnect, device number 2
[  763.260172][   T24] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  763.332615][   T24] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  763.346167][   T24] quatech2 8-1:0.51: device disconnected
[  764.016876][T11466] loop3: detected capacity change from 0 to 16
[  764.090184][T11466] erofs (device loop3): mounted with root inode @ nid 36.
[  765.571713][T11478] loop3: detected capacity change from 0 to 4096
[  765.957426][T11478] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  765.998384][T11490] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2269'.
[  766.655226][ T1829] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  766.663879][ T1829] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  766.687285][   T24] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  766.831791][   T30] audit: type=1800 audit(2000000411.540:97): pid=11498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2266" name="file2" dev="loop3" ino=31 res=0 errno=0
[  766.922399][   T24] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  766.931048][   T24] usb 7-1: config 0 has no interface number 0
[  766.940186][   T24] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  766.952300][   T24] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  766.962685][   T24] usb 7-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  766.976528][   T24] usb 7-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  766.985724][ T3818] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  766.985825][ T3818] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  767.005557][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.173901][   T24] usb 7-1: config 0 descriptor??
[  767.890858][ T3888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  767.899173][ T3888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  767.951508][   T24] input: HID 28bd:0042 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.1/0003:28BD:0042.0011/input/input27
[  768.101370][ T1829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  768.109852][ T1829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  768.141525][   T24] uclogic 0003:28BD:0042.0011: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.6-1/input1
[  768.223382][   T24] usb 7-1: USB disconnect, device number 12
[  768.240190][ T5865] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  768.429310][ T5865] usb 8-1: Using ep0 maxpacket: 16
[  768.491289][ T5865] usb 8-1: config 0 has an invalid interface number: 119 but max is 0
[  768.501678][ T5865] usb 8-1: config 0 has no interface number 0
[  768.503157][T11509] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2275'.
[  768.508137][ T5865] usb 8-1: config 0 interface 119 has no altsetting 0
[  768.517696][T11509] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2275'.
[  768.609624][ T5865] usb 8-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=26.35
[  768.618990][ T5865] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.627460][ T5865] usb 8-1: Product: syz
[  768.632280][ T5865] usb 8-1: Manufacturer: syz
[  768.637255][ T5865] usb 8-1: SerialNumber: syz
[  768.753532][ T5865] usb 8-1: config 0 descriptor??
[  768.758591][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2276'.
[  768.784888][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2276'.
[  769.072293][ T5865] usb 8-1: USB disconnect, device number 3
[  769.942142][T11523] loop6: detected capacity change from 0 to 2048
[  770.416089][T11523] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  770.908337][T11523] overlayfs: upper fs needs to support d_type.
[  770.925158][T11523] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  770.934823][T11523] overlayfs: failed to set xattr on upper
[  770.941614][T11523] overlayfs: ...falling back to redirect_dir=nofollow.
[  770.948664][T11523] overlayfs: ...falling back to index=off.
[  770.954899][T11523] overlayfs: ...falling back to uuid=null.
[  771.468671][ T8737] UDF-fs: error (device loop6): udf_read_inode: (ino 1440) failed !bh
[  771.538328][ T8737] UDF-fs: error (device loop6): udf_read_inode: (ino 1440) failed !bh
[  771.987277][T11542] netlink: 'syz.7.2290': attribute type 2 has an invalid length.
[  773.554727][ T8737] bridge0: port 3(syz_tun) entered disabled state
[  773.719365][ T8737] syz_tun (unregistering): left allmulticast mode
[  773.727432][ T8737] syz_tun (unregistering): left promiscuous mode
[  773.734511][ T8737] bridge0: port 3(syz_tun) entered disabled state
[  774.037099][ T3857] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.387198][ T3857] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.630594][ T3857] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.873568][ T3857] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.057259][ T5865] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  775.280196][ T5865] usb 10-1: Using ep0 maxpacket: 32
[  775.320030][ T5865] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[  775.328818][ T5865] usb 10-1: config 0 has no interface number 0
[  775.337534][ T5865] usb 10-1: config 0 interface 184 has no altsetting 0
[  775.559755][ T5865] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  775.569781][ T5865] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.578214][ T5865] usb 10-1: Product: syz
[  775.582848][ T5865] usb 10-1: Manufacturer: syz
[  775.587832][ T5865] usb 10-1: SerialNumber: syz
[  775.694288][ T5865] usb 10-1: config 0 descriptor??
[  775.763621][ T5865] smsc75xx v1.0.0
[  775.767501][ T5865] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  775.779583][ T5865] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -22
[  776.300401][ T3857] bridge_slave_1: left allmulticast mode
[  776.306521][ T3857] bridge_slave_1: left promiscuous mode
[  776.313639][ T3857] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.437635][ T3857] bridge_slave_0: left allmulticast mode
[  776.444010][ T3857] bridge_slave_0: left promiscuous mode
[  776.451265][ T3857] bridge0: port 1(bridge_slave_0) entered disabled state
[  778.276666][ T3857] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  778.375732][ T3857] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  778.400842][ T5865] usb 10-1: USB disconnect, device number 2
[  778.419009][ T3857] bond0 (unregistering): Released all slaves
[  778.788130][T11519] Set syz1 is full, maxelem 65536 reached
[  779.444337][ T3857] hsr_slave_0: left promiscuous mode
[  779.475004][ T3857] hsr_slave_1: left promiscuous mode
[  779.484242][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  779.492246][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_0
[  779.583468][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  779.591499][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_1
[  779.634379][ T5865] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  779.711347][T10140] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  779.744925][ T3857] team_slave_0: left promiscuous mode
[  779.750766][ T3857] team_slave_1: left promiscuous mode
[  779.757453][ T3857] veth1_macvtap: left promiscuous mode
[  779.763479][ T3857] veth0_macvtap: left promiscuous mode
[  779.769741][ T3857] veth1_vlan: left promiscuous mode
[  779.775226][ T3857] veth0_vlan: left promiscuous mode
[  779.877115][ T5865] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  779.887954][ T5865] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  779.900104][ T5865] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  779.914494][ T5865] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  779.925565][ T5865] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  780.263527][T10140] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  780.276182][T10140] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  780.286453][T10140] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  780.300319][T10140] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  780.309840][T10140] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.415430][ T5865] usb 9-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  780.430042][ T5865] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  780.438371][ T5865] usb 9-1: Product: syz
[  780.442922][ T5865] usb 9-1: Manufacturer: syz
[  780.447857][ T5865] usb 9-1: SerialNumber: syz
[  780.471131][T10140] usb 8-1: config 0 descriptor??
[  780.496009][ T5865] usb 9-1: config 0 descriptor??
[  780.746714][ T5865] radio-si470x 9-1:0.0: DeviceID=0x6465 ChipID=0x7669
[  780.943895][ T5865] radio-si470x 9-1:0.0: software version 100, hardware version 101
[  780.997793][T10140] plantronics 0003:047F:FFFF.0012: unbalanced delimiter at end of report description
[  781.052030][T10140] plantronics 0003:047F:FFFF.0012: parse failed
[  781.059721][T10140] plantronics 0003:047F:FFFF.0012: probe with driver plantronics failed with error -22
[  781.124936][T10421] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  781.139057][T10421] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  781.149227][T10421] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  781.190369][ T5865] radio-si470x 9-1:0.0: submitting int urb failed (-90)
[  781.207282][ T3857] team0 (unregistering): Port device team_slave_1 removed
[  781.259796][T10421] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  781.292824][T10421] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  781.318342][T10140] usb 8-1: USB disconnect, device number 4
[  781.349121][ T3857] team0 (unregistering): Port device team_slave_0 removed
[  781.405045][ T5865] radio-si470x 9-1:0.0: si470x_set_report: usb_control_msg returned -71
[  781.416062][ T5865] radio-si470x 9-1:0.0: probe with driver radio-si470x failed with error -22
[  781.601643][ T5865] usb 9-1: USB disconnect, device number 2
[  781.789833][T11573] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2306'.
[  782.143895][T11573] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  782.282543][T11573] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  782.352992][T11573] bond0 (unregistering): Released all slaves
[  782.643658][ T3857] IPVS: stop unused estimator thread 0...
[  782.835052][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  782.843576][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  783.392600][T10421] Bluetooth: hci0: command tx timeout
[  783.721543][T11570] chnl_net:caif_netlink_parms(): no params data found
[  784.076935][T11595] loop3: detected capacity change from 0 to 128
[  784.232824][   T30] audit: type=1800 audit(2000000428.960:98): pid=11595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2315" name="file2" dev="loop3" ino=1048654 res=0 errno=0
[  784.247791][T11595] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  784.262966][T11595] FAT-fs (loop3): Filesystem has been set read-only
[  784.271104][T11595] syz.3.2315: attempt to access beyond end of device
[  784.271104][T11595] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  784.285833][T11595] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  784.294201][T11595] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  784.472803][T11592] loop7: detected capacity change from 0 to 8192
[  784.489925][T11595] syz.3.2315: attempt to access beyond end of device
[  784.489925][T11595] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.506398][T11595] syz.3.2315: attempt to access beyond end of device
[  784.506398][T11595] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.563562][T11592] Dev loop7: RDB in block 1 has bad checksum
[  784.570816][T11592] Dev loop7: unable to read RDB block 8
[  784.570895][T11602] syz.3.2315: attempt to access beyond end of device
[  784.570895][T11602] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.576962][T11592]  loop7: unable to read partition table
[  784.591273][T11602] syz.3.2315: attempt to access beyond end of device
[  784.591273][T11602] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.677596][T11592] loop_reread_partitions: partition scan of loop7 () failed (rc=-5)
[  784.780225][T11595] syz.3.2315: attempt to access beyond end of device
[  784.780225][T11595] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.871343][T11595] syz.3.2315: attempt to access beyond end of device
[  784.871343][T11595] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  784.957240][T11595] syz.3.2315: attempt to access beyond end of device
[  784.957240][T11595] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  785.493423][T10421] Bluetooth: hci0: command tx timeout
[  785.624710][T11570] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.632669][T11570] bridge0: port 1(bridge_slave_0) entered disabled state
[  785.645423][T11570] bridge_slave_0: entered allmulticast mode
[  785.656011][T11570] bridge_slave_0: entered promiscuous mode
[  785.738778][T11570] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.753181][T11570] bridge0: port 2(bridge_slave_1) entered disabled state
[  785.761260][T11570] bridge_slave_1: entered allmulticast mode
[  785.771914][T11570] bridge_slave_1: entered promiscuous mode
[  786.108484][T11570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  786.204739][T11570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  786.641718][T11570] team0: Port device team_slave_0 added
[  786.678826][T11570] team0: Port device team_slave_1 added
[  786.980031][T10140] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  787.061599][T11570] batman_adv: batadv0: Adding interface: batadv_slave_0
[  787.068788][T11570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  787.099796][T11570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  787.160611][T11570] batman_adv: batadv0: Adding interface: batadv_slave_1
[  787.167950][T11570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  787.199004][T11570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  787.240788][T10140] usb 10-1: Using ep0 maxpacket: 16
[  787.285196][T10140] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  787.296951][T10140] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  787.307202][T10140] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  787.323342][T10140] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  787.333607][T10140] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.452952][T10140] usb 10-1: config 0 descriptor??
[  787.567690][T10421] Bluetooth: hci0: command tx timeout
[  787.716449][T11637] loop7: detected capacity change from 0 to 256
[  787.804351][T11570] hsr_slave_0: entered promiscuous mode
[  787.819591][T11570] hsr_slave_1: entered promiscuous mode
[  787.836088][T11570] debugfs: 'hsr0' already exists in 'hsr'
[  787.842339][T11570] Cannot create hsr debugfs directory
[  788.047472][T10140] microsoft 0003:045E:07DA.0013: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[  788.059715][T10140] microsoft 0003:045E:07DA.0013: no inputs found
[  788.066373][T10140] microsoft 0003:045E:07DA.0013: could not initialize ff, continuing anyway
[  788.242100][T10140] usb 10-1: USB disconnect, device number 3
[  789.108899][T11570] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.292609][T11570] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.445359][T11570] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.630164][T10421] Bluetooth: hci0: command tx timeout
[  789.707166][T11570] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  790.013007][T11663] netlink: 16222 bytes leftover after parsing attributes in process `syz.3.2342'.
[  790.213864][T11570] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  790.322170][T11570] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  790.411578][T11570] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  790.549047][T11570] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  791.802685][T11685] netlink: 'syz.7.2351': attribute type 1 has an invalid length.
[  791.811324][T11685] netlink: 'syz.7.2351': attribute type 2 has an invalid length.
[  791.861600][T11689] netlink: 'syz.7.2351': attribute type 1 has an invalid length.
[  791.870330][T11689] netlink: 'syz.7.2351': attribute type 2 has an invalid length.
[  792.118256][T11570] 8021q: adding VLAN 0 to HW filter on device bond0
[  792.286621][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  792.354338][T11570] 8021q: adding VLAN 0 to HW filter on device team0
[  792.471823][ T3555] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.480283][ T3555] bridge0: port 1(bridge_slave_0) entered forwarding state
[  792.663419][ T3555] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.671175][ T3555] bridge0: port 2(bridge_slave_1) entered forwarding state
[  793.188349][T11702] loop9: detected capacity change from 0 to 256
[  793.300719][T11702] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  793.314791][T11702] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  794.066931][T11707] netlink: 'syz.7.2359': attribute type 2 has an invalid length.
[  796.127156][T11570] 8021q: adding VLAN 0 to HW filter on device batadv0
[  796.134821][T11243] kernel write not supported for file /snd/seq (pid: 11243 comm: kworker/1:4)
[  796.602581][T11743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  796.756834][T11570] veth0_vlan: entered promiscuous mode
[  796.866921][T11570] veth1_vlan: entered promiscuous mode
[  797.238197][T11570] veth0_macvtap: entered promiscuous mode
[  797.340989][T11570] veth1_macvtap: entered promiscuous mode
[  797.607288][T11570] batman_adv: batadv0: Interface activated: batadv_slave_0
[  797.769179][T11570] batman_adv: batadv0: Interface activated: batadv_slave_1
[  797.902440][ T1829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.993088][   T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  798.043037][ T1839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  798.085053][ T3857] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  798.754020][   T24] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  798.968376][   T24] usb 10-1: config 0 has an invalid interface number: 85 but max is 0
[  798.977562][   T24] usb 10-1: config 0 has no interface number 0
[  798.987583][   T24] usb 10-1: config 0 interface 85 altsetting 151 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  799.001567][   T24] usb 10-1: config 0 interface 85 altsetting 151 endpoint 0x81 has invalid wMaxPacketSize 0
[  799.012861][   T24] usb 10-1: config 0 interface 85 has no altsetting 0
[  799.020091][   T24] usb 10-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  799.029969][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.342705][   T24] usb 10-1: config 0 descriptor??
[  799.960426][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  799.967990][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  799.981779][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  799.989257][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  799.998188][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  800.005802][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  800.016918][   T24] hid-led 0003:1D34:0004.0014: unknown main item tag 0x0
[  800.130674][   T24] hid-led 0003:1D34:0004.0014: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.9-1/input85
[  800.151645][   T24] hid-led 0003:1D34:0004.0014: Dream Cheeky Webmail Notifier initialized
[  800.346177][ T5865] usb 10-1: USB disconnect, device number 4
[  801.657234][T11812] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  801.672976][T11812] overlayfs: overlapping lowerdir path
[  802.580055][ T3818] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  802.806010][ T3818] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.010846][ T3818] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.216150][ T3818] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.990206][ T3818] bridge_slave_1: left allmulticast mode
[  803.996452][ T3818] bridge_slave_1: left promiscuous mode
[  804.004113][ T3818] bridge0: port 2(bridge_slave_1) entered disabled state
[  804.114009][ T3818] bridge_slave_0: left allmulticast mode
[  804.120247][ T3818] bridge_slave_0: left promiscuous mode
[  804.127019][ T3818] bridge0: port 1(bridge_slave_0) entered disabled state
[  805.121982][ T3818] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  805.171858][ T3818] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  805.211790][ T3818] bond0 (unregistering): Released all slaves
[  805.919357][ T3818] hsr_slave_0: left promiscuous mode
[  805.935932][ T3818] hsr_slave_1: left promiscuous mode
[  805.944952][ T3818] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  805.955673][ T3818] batman_adv: batadv0: Removing interface: batadv_slave_0
[  805.966448][ T3818] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  805.974524][ T3818] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.032810][ T3818] veth1_macvtap: left promiscuous mode
[  806.038599][ T3818] veth0_macvtap: left promiscuous mode
[  806.045859][ T3818] veth1_vlan: left promiscuous mode
[  806.053318][ T3818] veth0_vlan: left promiscuous mode
[  807.472229][ T3818] team0 (unregistering): Port device team_slave_1 removed
[  807.602949][ T3818] team0 (unregistering): Port device team_slave_0 removed
[  807.944472][ T5816] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  807.956750][T11851] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2401'.
[  807.981943][ T5816] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  807.997393][ T5816] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  808.029097][ T5816] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  808.047003][ T5816] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  808.740111][T11867] capability: warning: `syz.3.2413' uses 32-bit capabilities (legacy support in use)
[  808.862546][T11868] block nbd1: server does not support multiple connections per device.
[  808.872096][T11868] block nbd1: shutting down sockets
[  809.075115][ T3888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  809.083878][ T3888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  809.694798][ T1839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  809.705527][ T1839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  810.123383][T11859] chnl_net:caif_netlink_parms(): no params data found
[  810.191250][ T5816] Bluetooth: hci4: command tx timeout
[  811.036116][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  811.554671][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  811.812501][T11859] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.822038][T11859] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.830183][T11859] bridge_slave_0: entered allmulticast mode
[  811.840917][T11859] bridge_slave_0: entered promiscuous mode
[  811.879764][T11859] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.887598][T11859] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.899084][T11859] bridge_slave_1: entered allmulticast mode
[  811.909942][T11859] bridge_slave_1: entered promiscuous mode
[  812.100429][T11859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  812.132361][T11859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.150573][T11910] block nbd1: server does not support multiple connections per device.
[  812.161058][T11910] block nbd1: shutting down sockets
[  812.271217][ T5816] Bluetooth: hci4: command tx timeout
[  812.427448][T11859] team0: Port device team_slave_0 added
[  812.481918][T11859] team0: Port device team_slave_1 added
[  812.616497][T11913] loop8: detected capacity change from 0 to 512
[  812.777570][T11913] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  812.806469][T11859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.817588][T11859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.848193][T11859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  812.893030][T11913] System zones: 1-12
[  812.931616][T11913] EXT4-fs error (device loop8): dx_probe:791: inode #2: comm syz.8.2420: Directory hole found for htree index block 0
[  812.968351][T11913] EXT4-fs (loop8): Remounting filesystem read-only
[  813.005948][T11859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  813.013412][T11859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  813.042776][T11859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  813.056235][T11913] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -117
[  813.100851][T11913] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117
[  813.112178][T11913] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  813.471120][T11859] hsr_slave_0: entered promiscuous mode
[  813.482575][T11859] hsr_slave_1: entered promiscuous mode
[  813.495745][T11859] debugfs: 'hsr0' already exists in 'hsr'
[  813.501995][T11859] Cannot create hsr debugfs directory
[  813.666034][T11237] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.364156][ T5816] Bluetooth: hci4: command tx timeout
[  814.852561][T11941] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2431'.
[  815.190431][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  815.211221][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  815.620515][T11948] block nbd1: server does not support multiple connections per device.
[  815.630134][T11948] block nbd1: shutting down sockets
[  815.666864][T11952] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2434'.
[  815.687139][T11859] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  815.821852][T11859] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  815.894132][T11859] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  816.004510][T11859] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  816.431501][ T5816] Bluetooth: hci4: command tx timeout
[  817.073558][T11970] loop3: detected capacity change from 0 to 256
[  817.232921][T11859] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.462889][T11859] 8021q: adding VLAN 0 to HW filter on device team0
[  817.568467][ T3857] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.576238][ T3857] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.686527][ T3857] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.694375][ T3857] bridge0: port 2(bridge_slave_1) entered forwarding state
[  818.127360][T11980] loop0: detected capacity change from 0 to 128
[  818.291822][T11980] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  818.301024][T11980] FAT-fs (loop0): Filesystem has been set read-only
[  818.354388][T11984] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  819.036956][T11991] loop7: detected capacity change from 0 to 512
[  819.151525][T11991] EXT4-fs: Ignoring removed i_version option
[  819.200554][T11991] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  819.313117][T11991] EXT4-fs (loop7): 1 truncate cleaned up
[  819.322254][T11991] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  819.588688][T11067] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.904047][T12000] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.177879][T11859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  821.935771][T12032] loop7: detected capacity change from 0 to 512
[  822.004883][T12032] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  822.601238][T11243] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  822.832253][T11243] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  822.843098][T11243] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  822.857209][T11243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  822.869264][T11243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  822.879932][T11243] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  822.967665][T11859] veth0_vlan: entered promiscuous mode
[  823.045188][T11243] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  823.045367][T11243] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  823.045524][T11243] usb 4-1: Product: syz
[  823.045641][T11243] usb 4-1: Manufacturer: syz
[  823.045756][T11243] usb 4-1: SerialNumber: syz
[  823.057160][T11243] usb 4-1: config 0 descriptor??
[  823.304127][T11859] veth1_vlan: entered promiscuous mode
[  823.340260][T11243] radio-si470x 4-1:0.0: DeviceID=0x6465 ChipID=0x7669
[  823.537275][T11243] radio-si470x 4-1:0.0: software version 100, hardware version 101
[  823.754969][T11859] veth0_macvtap: entered promiscuous mode
[  823.760556][T11243] radio-si470x 4-1:0.0: submitting int urb failed (-90)
[  823.845991][T11859] veth1_macvtap: entered promiscuous mode
[  824.121461][T11243] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71
[  824.123053][T11243] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -22
[  824.137066][T11243] usb 4-1: USB disconnect, device number 11
[  824.160703][T11859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  824.196790][T12050] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2474'.
[  824.268056][T11859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  824.315351][ T4041] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  824.317141][ T4041] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  824.318952][ T4041] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  824.321598][ T3555] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  824.440086][T10140] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  824.602153][T10140] usb 8-1: Using ep0 maxpacket: 32
[  824.627088][T10140] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  824.627258][T10140] usb 8-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  824.627421][T10140] usb 8-1: config 0 interface 0 has no altsetting 0
[  824.647162][T10140] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  824.647340][T10140] usb 8-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[  824.647486][T10140] usb 8-1: Product: syz
[  824.647610][T10140] usb 8-1: Manufacturer: syz
[  824.647724][T10140] usb 8-1: SerialNumber: syz
[  824.657167][T10140] usb 8-1: config 0 descriptor??
[  824.752309][T12056] netlink: 84 bytes leftover after parsing attributes in process `syz.8.2475'.
[  825.155940][T10140] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  825.589913][T10140] gs_usb 8-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  825.602396][T10140] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -71
[  825.732668][T10140] usb 8-1: USB disconnect, device number 5
[  825.902624][T12066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2478'.
[  826.130947][   T30] audit: type=1326 audit(2000000470.860:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12058 comm="syz.3.2476" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7fc00000
[  827.085352][T12082] loop0: detected capacity change from 0 to 128
[  827.164519][T12082] FAT-fs (loop0): Directory bread(block 524322) failed
[  827.173448][T12082] FAT-fs (loop0): Directory bread(block 524323) failed
[  827.181004][T12082] FAT-fs (loop0): Directory bread(block 524324) failed
[  827.188115][T12082] FAT-fs (loop0): Directory bread(block 524325) failed
[  827.195434][T12082] FAT-fs (loop0): Directory bread(block 524326) failed
[  827.202804][T12082] FAT-fs (loop0): Directory bread(block 524327) failed
[  827.210138][T12082] FAT-fs (loop0): Directory bread(block 524328) failed
[  827.218689][T12082] FAT-fs (loop0): Directory bread(block 524329) failed
[  827.360991][T12082] FAT-fs (loop0): Directory bread(block 524322) failed
[  827.368156][T12082] FAT-fs (loop0): Directory bread(block 524323) failed
[  827.412823][T12086] loop8: detected capacity change from 0 to 256
[  827.440906][T12085] netlink: 'syz.7.2485': attribute type 4 has an invalid length.
[  827.485696][T12086] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  827.497904][T12086] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  827.679908][T12086] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x640de592, utbl_chksum : 0xe619d30d)
[  827.884138][   T30] audit: type=1800 audit(2000000472.600:100): pid=12086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2486" name="file1" dev="loop8" ino=1048666 res=0 errno=0
[  829.483104][T12116] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2497'.
[  829.614320][T12116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  829.732398][T12116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  829.792312][T12116] bond0 (unregistering): Released all slaves
[  830.113863][T12126] loop3: detected capacity change from 0 to 128
[  830.666630][T12131] netlink: 232 bytes leftover after parsing attributes in process `syz.8.2503'.
[  831.345562][ T3555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.356159][ T3555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.521555][T12143] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2508'.
[  831.583039][T12145] loop3: detected capacity change from 0 to 128
[  831.590583][ T3857] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.598989][ T3857] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.637089][T12143] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2508'.
[  832.099286][T12147] vcan0: tx drop: invalid da for name 0x00000000000000c7
[  832.251861][T12152] netlink: 14 bytes leftover after parsing attributes in process `syz.7.2512'.
[  832.386355][T12152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  832.456016][T12152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  832.516931][T12152] bond0 (unregistering): Released all slaves
[  833.550163][ T1839] wlan1: Trigger new scan to find an IBSS to join
[  834.954655][T11243] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  835.182600][T11243] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  835.194740][T11243] usb 10-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00
[  835.207723][T11243] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  835.272324][T11243] usb 10-1: config 0 descriptor??
[  835.462303][T12186] loop0: detected capacity change from 0 to 8192
[  835.781437][T11243] logitech 0003:046D:CA03.0015: bogus close delimiter
[  835.788483][T11243] logitech 0003:046D:CA03.0015: item 0 4 2 10 parsing failed
[  835.859329][T11243] logitech 0003:046D:CA03.0015: parse failed
[  835.866384][T11243] logitech 0003:046D:CA03.0015: probe with driver logitech failed with error -22
[  835.941266][T12199] loop7: detected capacity change from 0 to 1024
[  835.976351][ T5865] usb 10-1: USB disconnect, device number 5
[  836.063241][T12199] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  836.591631][ T1829] wlan1: Trigger new scan to find an IBSS to join
[  836.636270][T11067] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.672087][T12221] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2545'.
[  838.923893][T12229] loop3: detected capacity change from 0 to 512
[  839.003123][T12229] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  839.171749][T12229] EXT4-fs (loop3): 1 truncate cleaned up
[  839.180639][T12229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  839.550044][ T1839] wlan1: Creating new IBSS network, BSSID 9e:29:b9:74:bf:1d
[  839.607371][T10421] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  839.617705][T10421] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  839.628210][T10421] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  839.655992][T10421] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  839.670642][T10421] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  839.713726][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  840.507385][T12249] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2554'.
[  840.517305][T12249] netem: unknown loss type 12
[  840.522374][T12249] netem: change failed
[  840.922140][T12255] sctp: [Deprecated]: syz.9.2557 (pid 12255) Use of int in max_burst socket option deprecated.
[  840.922140][T12255] Use struct sctp_assoc_value instead
[  840.956221][T12238] chnl_net:caif_netlink_parms(): no params data found
[  841.710074][T10421] Bluetooth: hci1: command tx timeout
[  841.729867][T12265] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2562'.
[  842.688487][T12279] loop0: detected capacity change from 0 to 512
[  842.944261][T12279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  842.957605][T12279] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  843.029674][T12238] bridge0: port 1(bridge_slave_0) entered blocking state
[  843.037403][T12238] bridge0: port 1(bridge_slave_0) entered disabled state
[  843.045581][T12238] bridge_slave_0: entered allmulticast mode
[  843.056188][T12238] bridge_slave_0: entered promiscuous mode
[  843.252843][T12238] bridge0: port 2(bridge_slave_1) entered blocking state
[  843.261120][T12238] bridge0: port 2(bridge_slave_1) entered disabled state
[  843.269097][T12238] bridge_slave_1: entered allmulticast mode
[  843.279720][T12238] bridge_slave_1: entered promiscuous mode
[  843.408242][T11570] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.522646][T12286] loop3: detected capacity change from 0 to 1024
[  843.535750][T12286] EXT4-fs: Ignoring removed orlov option
[  843.673387][T12238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  843.698645][T12238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  843.800483][T10421] Bluetooth: hci1: command tx timeout
[  843.836436][T12286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  844.240339][T12292] loop8: detected capacity change from 0 to 128
[  844.253567][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  844.260610][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  844.376094][T12292] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  844.429988][T11243] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  844.453632][T12238] team0: Port device team_slave_0 added
[  844.580967][T12292] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  844.686152][T11243] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  844.697038][T11243] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  844.801542][T11243] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  844.811333][T11243] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.820701][T11243] usb 1-1: Product: syz
[  844.825135][T11243] usb 1-1: Manufacturer: syz
[  844.835596][T11243] usb 1-1: SerialNumber: syz
[  844.897743][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  845.174377][T11243] usb 1-1: 0:2 : does not exist
[  845.196605][T12238] team0: Port device team_slave_1 added
[  845.231370][T11243] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  845.870363][T10421] Bluetooth: hci1: command tx timeout
[  846.062939][T11243] usb 1-1: USB disconnect, device number 2
[  846.383778][T12294] geneve2: entered promiscuous mode
[  846.389244][T12294] geneve2: entered allmulticast mode
[  846.746719][T12299] loop0: detected capacity change from 0 to 512
[  846.863621][T12297] sctp: [Deprecated]: syz.8.2574 (pid 12297) Use of int in max_burst socket option deprecated.
[  846.863621][T12297] Use struct sctp_assoc_value instead
[  846.920421][T12299] EXT4-fs: Ignoring removed bh option
[  846.963013][T12238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  846.970437][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  847.000461][T12238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  847.047891][T12299] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  847.057910][T12299] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  847.158700][T12299] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  847.205346][T12238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  847.212786][T12238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  847.242298][T12238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  847.363624][T12299] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  847.413877][T12299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  847.826860][T12301] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.2575: path /37/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[  848.033938][T10421] Bluetooth: hci1: command tx timeout
[  848.504075][T12305] loop8: detected capacity change from 0 to 512
[  848.639269][T12305] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  848.655747][T12305] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  848.787076][T12299] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  849.200111][T12238] hsr_slave_0: entered promiscuous mode
[  849.212166][T12238] hsr_slave_1: entered promiscuous mode
[  849.221563][T12238] debugfs: 'hsr0' already exists in 'hsr'
[  849.227751][T12238] Cannot create hsr debugfs directory
[  849.598734][T11570] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  851.063185][T11237] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  851.495159][T12275] Set syz1 is full, maxelem 65536 reached
[  852.372361][T12238] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  852.409122][T12238] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  852.616216][T12238] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  852.723357][T12238] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  854.209693][T12238] 8021q: adding VLAN 0 to HW filter on device bond0
[  854.375535][T12238] 8021q: adding VLAN 0 to HW filter on device team0
[  854.482805][ T3857] bridge0: port 1(bridge_slave_0) entered blocking state
[  854.490637][ T3857] bridge0: port 1(bridge_slave_0) entered forwarding state
[  854.514010][T12341] tc_dump_action: action bad kind
[  854.633423][ T3857] bridge0: port 2(bridge_slave_1) entered blocking state
[  854.641356][ T3857] bridge0: port 2(bridge_slave_1) entered forwarding state
[  856.204390][T12357] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2597'.
[  856.214261][T12357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2597'.
[  857.570963][T12238] 8021q: adding VLAN 0 to HW filter on device batadv0
[  858.297418][T12372] netlink: 'syz.0.2604': attribute type 25 has an invalid length.
[  858.307345][T12372] netlink: 184 bytes leftover after parsing attributes in process `syz.0.2604'.
[  858.849543][T12238] veth0_vlan: entered promiscuous mode
[  859.293478][T12238] veth1_vlan: entered promiscuous mode
[  860.254089][T12238] veth0_macvtap: entered promiscuous mode
[  860.354362][T12238] veth1_macvtap: entered promiscuous mode
[  860.614628][T12238] batman_adv: batadv0: Interface activated: batadv_slave_0
[  860.846619][T12238] batman_adv: batadv0: Interface activated: batadv_slave_1
[  861.064654][ T1839] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  861.127742][ T1839] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  861.405159][ T3818] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  861.511429][ T3818] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  861.711511][ T5112] Bluetooth: hci2: command 0x0406 tx timeout
[  864.408131][T12405] loop9: detected capacity change from 0 to 1024
[  864.451617][T12405] EXT4-fs: Ignoring removed orlov option
[  864.727941][T12405] EXT4-fs (loop9): Test dummy encryption mode enabled
[  864.827844][T12405] EXT4-fs (loop9): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  865.061713][T12350] Set syz1 is full, maxelem 65536 reached
[  865.105216][T12410] loop3: detected capacity change from 0 to 512
[  865.161215][T12410] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  865.351310][T12405] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  865.669330][T12410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  865.685000][T12410] ext4 filesystem being mounted at /589/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  866.113026][T12419] loop0: detected capacity change from 0 to 2048
[  866.236875][T12419] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  866.283745][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.442399][   T30] audit: type=1800 audit(2000000511.150:101): pid=12419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2618" name="file1" dev="loop0" ino=1346 res=0 errno=0
[  866.522239][T12405] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  866.910484][T11859] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  867.679017][ T3888] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  867.795276][T12440] loop9: detected capacity change from 0 to 256
[  867.941130][T12440] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  869.595417][T12465] loop8: detected capacity change from 0 to 512
[  869.663974][T12465] FAT-fs (loop8): unable to read block(75161927680) for building NFS inode
[  869.999771][ T3857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  870.007844][ T3857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  870.126483][T12461] loop0: detected capacity change from 0 to 4096
[  870.149660][T12461] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  870.316926][ T1839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  870.330489][ T1839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  870.621466][T10140] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  870.849118][T10140] usb 9-1: config 0 has an invalid interface number: 128 but max is 0
[  870.857954][T10140] usb 9-1: config 0 has no interface number 0
[  870.962876][T10140] usb 9-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  870.972553][T10140] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  870.984749][T10140] usb 9-1: Product: syz
[  870.989224][T10140] usb 9-1: Manufacturer: syz
[  870.995396][T10140] usb 9-1: SerialNumber: syz
[  871.152472][T10140] usb 9-1: config 0 descriptor??
[  871.621446][T10140] usb 9-1: Firmware: major: 109, minor: 210, hardware type: UNKNOWN (205)
[  871.838683][T12483] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2642'.
[  871.849245][T10140] usb 9-1: failed to fetch extended address, random address set
[  871.857777][T10140] usb 9-1: atusb_probe: initialization failed, error = -524
[  871.870966][T10140] atusb 9-1:0.128: probe with driver atusb failed with error -524
[  871.926400][T10140] usb 9-1: USB disconnect, device number 3
[  873.003731][T12494] loop2: detected capacity change from 0 to 1764
[  873.571965][T12499] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  874.124645][T12503] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  875.258420][T12528] loop0: detected capacity change from 0 to 512
[  875.326752][T12528] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  875.388402][T12533] af_packet: tpacket_rcv: packet too big, clamped from 16 to 4294967272. macoff=96
[  875.460525][T12528] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.2659: bad orphan inode 15
[  875.566048][T12528] ext4_test_bit(bit=14, block=18) = 1
[  875.571930][T12528] is_bad_inode(inode)=0
[  875.576586][T12528] NEXT_ORPHAN(inode)=1023
[  875.582289][T12528] max_ino=32
[  875.587996][T12528] i_nlink=0
[  875.594991][T12528] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  875.700493][T12528] ext2 filesystem being mounted at /60/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  875.780879][T12539] TCP: TCP_TX_DELAY enabled
[  876.347805][T11570] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  876.855994][T12551] loop3: detected capacity change from 0 to 16
[  877.034725][T12553] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2669'.
[  878.901269][T12577] overlayfs: workdir and upperdir must reside under the same mount
[  881.010437][T12594] Failed to get privilege flags for destination (handle=0x2:0x4)
[  882.743687][T12606] loop3: detected capacity change from 0 to 1024
[  882.946034][ T3818] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.076656][T12606] hfsplus: xattr searching failed
[  883.119149][ T3818] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.120381][T12606] hfsplus: catalog searching failed
[  883.440880][ T3818] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.667893][ T3818] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.763410][ T3888] hfsplus: b-tree write err: -5, ino 3
[  884.254186][ T3818] bridge_slave_1: left allmulticast mode
[  884.260664][ T3818] bridge_slave_1: left promiscuous mode
[  884.267389][ T3818] bridge0: port 2(bridge_slave_1) entered disabled state
[  884.348287][ T3818] bridge_slave_0: left allmulticast mode
[  884.358229][ T3818] bridge_slave_0: left promiscuous mode
[  884.365274][ T3818] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.457940][ T3818] hsr_slave_0: left promiscuous mode
[  885.475025][ T3818] hsr_slave_1: left promiscuous mode
[  885.496737][ T3818] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  885.505959][ T3818] batman_adv: batadv0: Removing interface: batadv_slave_0
[  885.529764][ T3818] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  885.537395][ T3818] batman_adv: batadv0: Removing interface: batadv_slave_1
[  885.587817][ T3818] veth1_macvtap: left promiscuous mode
[  885.595829][ T3818] veth0_macvtap: left promiscuous mode
[  885.601974][ T3818] veth1_vlan: left promiscuous mode
[  885.607800][ T3818] veth0_vlan: left promiscuous mode
[  886.854580][ T3818] team0 (unregistering): Port device team_slave_1 removed
[  886.884387][ T3818] team0 (unregistering): Port device team_slave_0 removed
[  887.754208][ T5112] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  887.765042][ T5112] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  887.780256][ T5112] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  887.796313][ T5112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  887.808943][ T5112] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  888.427617][T12645] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2709'.
[  888.778989][T12650] loop8: detected capacity change from 0 to 128
[  888.838874][T12650] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  888.958163][T12637] chnl_net:caif_netlink_parms(): no params data found
[  888.978758][T12650] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  889.198959][   T30] audit: type=1800 audit(2000000533.930:102): pid=12650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2710" name="bus" dev="loop8" ino=12 res=0 errno=0
[  889.356523][T12658] loop3: detected capacity change from 0 to 512
[  889.423383][T12658] EXT4-fs: Ignoring removed nomblk_io_submit option
[  889.470220][T12658] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  889.485258][T12658] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  889.546081][T12658] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  889.556310][T12658] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  889.567999][T12658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  889.704753][T12658] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.2712: dx entry: limit 65535 != root limit 120
[  889.713440][T11237] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  889.720165][T12658] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.2712: Corrupt directory, running e2fsck is recommended
[  889.771673][T12658] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.2712: path /610/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  889.966871][ T5112] Bluetooth: hci0: command tx timeout
[  890.106376][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  890.570631][T12637] bridge0: port 1(bridge_slave_0) entered blocking state
[  890.578477][T12637] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.586666][T12637] bridge_slave_0: entered allmulticast mode
[  890.600284][T12637] bridge_slave_0: entered promiscuous mode
[  890.692823][T12637] bridge0: port 2(bridge_slave_1) entered blocking state
[  890.702895][T12637] bridge0: port 2(bridge_slave_1) entered disabled state
[  890.710952][T12637] bridge_slave_1: entered allmulticast mode
[  890.721490][T12637] bridge_slave_1: entered promiscuous mode
[  890.825138][T12671] loop2: detected capacity change from 0 to 1024
[  891.016251][T12637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  891.100756][T12637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  891.499808][T12637] team0: Port device team_slave_0 added
[  891.541704][T12637] team0: Port device team_slave_1 added
[  891.913581][T12637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  891.921211][T12637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  891.954872][T12637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  891.995686][T12684] loop2: detected capacity change from 0 to 1024
[  892.039095][T12684] EXT4-fs: Ignoring removed oldalloc option
[  892.046945][T12684] EXT4-fs: Ignoring removed bh option
[  892.047011][ T5112] Bluetooth: hci0: command tx timeout
[  892.053305][T12637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  892.067018][T12637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  892.094954][T12637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  892.190601][T12684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  892.303365][T12693] loop3: detected capacity change from 0 to 8
[  892.321621][T12693] SQUASHFS error: lzo decompression failed, data probably corrupt
[  892.330035][T12693] SQUASHFS error: Failed to read block 0x91: -5
[  892.336533][T12693] SQUASHFS error: Unable to read metadata cache entry [8f]
[  892.345302][T12693] SQUASHFS error: Unable to read inode 0x11f
[  892.618904][T12637] hsr_slave_0: entered promiscuous mode
[  892.630475][T12637] hsr_slave_1: entered promiscuous mode
[  892.640110][T12637] debugfs: 'hsr0' already exists in 'hsr'
[  892.653057][T12637] Cannot create hsr debugfs directory
[  892.878682][T12695] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2725'.
[  893.523553][T12693] loop3: detected capacity change from 0 to 32768
[  893.535500][T12693] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2724 (12693)
[  893.642214][T12693] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  893.652964][T12693] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  893.842642][T12693] BTRFS info (device loop3): enabling ssd optimizations
[  893.850409][T12693] BTRFS info (device loop3): enabling free space tree
[  894.005717][ T5820] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  894.020351][T12238] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  894.128727][ T5112] Bluetooth: hci0: command tx timeout
[  894.701914][T11243] kernel read not supported for file /dsp1 (pid: 11243 comm: kworker/1:4)
[  895.395524][T12637] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  895.430550][T12637] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  895.492600][T12637] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  895.555917][T12637] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  896.197297][ T5112] Bluetooth: hci0: command tx timeout
[  896.860425][T12637] 8021q: adding VLAN 0 to HW filter on device bond0
[  897.055225][T12637] 8021q: adding VLAN 0 to HW filter on device team0
[  897.169932][ T3571] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.177645][ T3571] bridge0: port 1(bridge_slave_0) entered forwarding state
[  897.291406][ T3571] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.299055][ T3571] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.434071][T12743] vxcan1: tx address claim with dest, not broadcast
[  898.152291][T12748] lo: Caught tx_queue_len zero misconfig
[  898.798919][   T57] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  900.009843][T12637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  900.320800][T12775] hugetlbfs: syz.9.2753 (12775): Using mlock ulimits for SHM_HUGETLB is obsolete
[  900.660558][T12637] veth0_vlan: entered promiscuous mode
[  900.768476][T12637] veth1_vlan: entered promiscuous mode
[  901.182054][T12637] veth0_macvtap: entered promiscuous mode
[  901.233318][T12785] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  901.290912][T12637] veth1_macvtap: entered promiscuous mode
[  901.606338][T12637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  901.708158][T12637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  901.892484][ T3555] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  901.972937][ T3555] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  901.999884][ T3555] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  902.038190][ T3555] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  902.538060][T12800] Bluetooth: MGMT ver 1.23
[  902.930217][T12802] loop3: detected capacity change from 0 to 1764
[  904.441826][T12824] netlink: 'syz.2.2773': attribute type 10 has an invalid length.
[  904.450890][T12824] netlink: 'syz.2.2773': attribute type 28 has an invalid length.
[  904.458954][T12824] netlink: 'syz.2.2773': attribute type 5 has an invalid length.
[  904.469786][T12824] netlink: 'syz.2.2773': attribute type 8 has an invalid length.
[  904.477906][T12824] netlink: 'syz.2.2773': attribute type 31 has an invalid length.
[  905.535109][T12840] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2780'.
[  905.683370][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  905.692096][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  907.895512][T12874] dummy0: entered promiscuous mode
[  908.640049][T11243] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  908.844197][T11243] usb 4-1: Using ep0 maxpacket: 16
[  908.893677][T11243] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  908.907237][T11243] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  908.978325][T11243] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  908.988325][T11243] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  908.996974][T11243] usb 4-1: Product: syz
[  909.001557][T11243] usb 4-1: Manufacturer: syz
[  909.006390][T11243] usb 4-1: SerialNumber: syz
[  909.020516][T11243] usb 4-1: config 0 descriptor??
[  909.048063][T11243] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  909.064094][T11243] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  909.281504][   T30] audit: type=1326 audit(2000000554.000:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.382136][   T30] audit: type=1326 audit(2000000554.080:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.405551][   T30] audit: type=1326 audit(2000000554.080:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.428976][   T30] audit: type=1326 audit(2000000554.080:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.458345][   T30] audit: type=1326 audit(2000000554.110:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.487426][   T30] audit: type=1326 audit(2000000554.110:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12888 comm="syz.9.2799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[  909.710350][ T3857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.718695][ T3857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  909.846787][T11243] em28xx 4-1:0.0: chip ID is em2874
[  910.019917][ T1839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  910.028434][ T1839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  910.113756][T10140] usb 4-1: USB disconnect, device number 12
[  910.123775][T10140] em28xx 4-1:0.0: Disconnecting em28xx
[  910.165574][T10140] em28xx 4-1:0.0: Freeing device
[  910.828656][T12903] loop9: detected capacity change from 0 to 1024
[  910.887387][T12903] ext4: Unknown parameter 'nouser_xattr'
[  911.318109][T12908] loop3: detected capacity change from 0 to 512
[  911.555856][T12908] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  911.569839][T12908] ext4 filesystem being mounted at /630/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  912.067588][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  912.491719][T12927] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2813'.
[  913.784846][T12947] vivid-000: disconnect
[  913.811258][T10140] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  913.822781][T12945] vivid-000: reconnect
[  913.836813][T12948] loop3: detected capacity change from 0 to 256
[  913.912118][T12950] loop0: detected capacity change from 0 to 256
[  913.930494][T12948] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  913.945065][T12948] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  914.068050][T10140] usb 9-1: config 1 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  914.079698][T10140] usb 9-1: config 1 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  914.084790][T12950] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  914.093336][T10140] usb 9-1: config 1 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  914.093534][T10140] usb 9-1: config 1 interface 0 has no altsetting 0
[  914.168986][T10140] usb 9-1: string descriptor 0 read error: -22
[  914.180140][T10140] usb 9-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.40
[  914.193805][T10140] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  914.241652][T12953] exFAT-fs (loop3): valid_size(150994954) is greater than size(10)
[  914.270516][   T30] audit: type=1800 audit(2000000558.990:109): pid=12953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2823" name="file1" dev="loop3" ino=1048686 res=0 errno=0
[  914.382500][T12944] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  914.661297][T10140] usbhid 9-1:1.0: can't add hid device: -71
[  914.672362][T10140] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  914.758293][T10140] usb 9-1: USB disconnect, device number 4
[  915.081170][T12957] loop0: detected capacity change from 0 to 1024
[  915.091687][T12957] EXT4-fs: Ignoring removed nobh option
[  915.215576][T12957] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  915.373078][   T30] audit: type=1800 audit(2000000560.080:110): pid=12957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2827" name="file1" dev="loop0" ino=15 res=0 errno=0
[  915.905893][T12637] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  917.035848][T12984] loop2: detected capacity change from 0 to 4096
[  917.145326][T12984] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  917.191613][T12992] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  917.332083][T12984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  917.896785][T13000] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2843'.
[  917.993191][T12238] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  919.385390][T13017] netlink: 'syz.3.2851': attribute type 28 has an invalid length.
[  920.388380][T13032] loop8: detected capacity change from 0 to 512
[  920.627593][T13032] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.2859: casefold flag without casefold feature
[  920.711421][T13040] loop2: detected capacity change from 0 to 1024
[  920.724056][T13032] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2859: couldn't read orphan inode 15 (err -117)
[  920.761841][T13032] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  920.875812][T13032] fscrypt (loop8, inode 18): Mutually exclusive encryption flags (0x1b)
[  920.972966][T13040] hfsplus: xattr searching failed
[  921.093241][T13040] hfsplus: catalog searching failed
[  921.314193][T11237] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  921.452548][   T57] hfsplus: bad catalog file entry
[  921.458030][   T57] hfsplus: b-tree write err: -5, ino 3
[  921.558448][T13050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2867'.
[  922.290962][T11243] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  922.454130][T13059] loop3: detected capacity change from 0 to 1764
[  922.489951][T11243] usb 1-1: Using ep0 maxpacket: 16
[  922.515320][T11243] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  922.527239][T11243] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  922.537471][T11243] usb 1-1: config 0 interface 0 has no altsetting 0
[  922.544754][T11243] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  922.559932][T11243] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.673286][T11243] usb 1-1: config 0 descriptor??
[  923.186288][T11243] nzxt-smart2 0003:1E71:2009.0016: unknown main item tag 0x0
[  923.194749][T11243] nzxt-smart2 0003:1E71:2009.0016: unknown main item tag 0x0
[  923.206043][T11243] nzxt-smart2 0003:1E71:2009.0016: unknown main item tag 0x0
[  923.354772][T11243] nzxt-smart2 0003:1E71:2009.0016: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  923.491062][T11243] usb 1-1: USB disconnect, device number 3
[  924.207293][T13076] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  925.244232][T13086] raw_sendmsg: syz.3.2881 forgot to set AF_INET. Fix it!
[  925.936536][T13097] loop2: detected capacity change from 0 to 128
[  925.994820][T13094] loop3: detected capacity change from 0 to 512
[  926.049827][T13097] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  926.073473][T13094] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  926.199737][T13097] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  926.342096][   T30] audit: type=1800 audit(2000000571.060:111): pid=13097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2887" name="file1" dev="loop2" ino=12 res=0 errno=0
[  926.722722][T12238] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  928.212149][T13125] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2899'.
[  928.703760][T13132] block nbd0: Dead connection, failed to find a fallback
[  928.711238][T13132] block nbd0: shutting down sockets
[  928.716837][T13132] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.726855][T13132] Buffer I/O error on dev nbd0, logical block 0, async page read
[  928.740600][T13132] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.753507][T13132] Buffer I/O error on dev nbd0, logical block 1, async page read
[  928.761893][T13132] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.771508][T13132] Buffer I/O error on dev nbd0, logical block 2, async page read
[  928.779901][T13132] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.789498][T13132] Buffer I/O error on dev nbd0, logical block 3, async page read
[  928.802632][T13132] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.820057][T13132] Buffer I/O error on dev nbd0, logical block 0, async page read
[  928.835886][T13132] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.845608][T13132] Buffer I/O error on dev nbd0, logical block 1, async page read
[  928.853966][T13132] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.863429][T13132] Buffer I/O error on dev nbd0, logical block 2, async page read
[  928.871688][T13132] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.881263][T13132] Buffer I/O error on dev nbd0, logical block 3, async page read
[  928.889654][T13132] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.903739][T13132] Buffer I/O error on dev nbd0, logical block 0, async page read
[  928.913615][T13132] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  928.923243][T13132] Buffer I/O error on dev nbd0, logical block 1, async page read
[  928.939998][T13132] ldm_validate_partition_table(): Disk read failed.
[  928.950147][T13132] Dev nbd0: unable to read RDB block 0
[  928.959122][T13132]  nbd0: unable to read partition table
[  929.180866][T13138] netlink: 216 bytes leftover after parsing attributes in process `syz.9.2906'.
[  929.190988][T13138] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2906'.
[  929.200684][T13138] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2906'.
[  929.934035][ T3019] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  933.310296][T10421] Bluetooth: hci4: command 0x0406 tx timeout
[  939.837528][T13272] netlink: 144 bytes leftover after parsing attributes in process `syz.8.2962'.
[  940.295195][T13279] loop9: detected capacity change from 0 to 256
[  940.400572][T13279] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  942.280435][T12820] bridge0: port 3(syz_tun) entered disabled state
[  942.373396][T12820] syz_tun (unregistering): left allmulticast mode
[  942.380379][T12820] syz_tun (unregistering): left promiscuous mode
[  942.387326][T12820] bridge0: port 3(syz_tun) entered disabled state
[  942.658126][ T3857] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  942.906833][ T3857] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.073160][ T3857] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.307721][ T3857] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.568231][T13309] loop2: detected capacity change from 0 to 4096
[  943.707824][T13315] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  943.830171][ T3857] bridge_slave_1: left allmulticast mode
[  943.836254][ T3857] bridge_slave_1: left promiscuous mode
[  943.843395][ T3857] bridge0: port 2(bridge_slave_1) entered disabled state
[  943.888090][ T3857] bridge_slave_0: left allmulticast mode
[  943.894853][ T3857] bridge_slave_0: left promiscuous mode
[  943.901783][ T3857] bridge0: port 1(bridge_slave_0) entered disabled state
[  944.607716][ T3857] dvmrp1 (unregistering): left allmulticast mode
[  945.443827][T13319] loop9: detected capacity change from 0 to 64
[  945.537881][ T3857] hsr_slave_0: left promiscuous mode
[  945.568455][ T3857] hsr_slave_1: left promiscuous mode
[  945.577306][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  945.585103][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_0
[  945.698483][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  945.706641][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_1
[  945.859227][ T3857] team_slave_0: left promiscuous mode
[  945.865032][ T3857] team_slave_1: left promiscuous mode
[  945.871158][ T3857] veth1_macvtap: left promiscuous mode
[  945.876976][ T3857] veth0_macvtap: left promiscuous mode
[  945.883230][ T3857] veth1_vlan: left promiscuous mode
[  945.888914][ T3857] veth0_vlan: left promiscuous mode
[  946.665554][T13332] loop9: detected capacity change from 0 to 16
[  946.693672][ T3857] team0 (unregistering): Port device batadv1 removed
[  946.984730][T10421] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  946.996463][T10421] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  947.007104][T10421] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  947.030584][T10421] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  947.044617][T10421] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  947.148587][T13335] loop8: detected capacity change from 0 to 512
[  947.224520][T13335] EXT4-fs: Ignoring removed orlov option
[  947.262484][T13335] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  947.374828][T13335] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  947.414629][ T3857] team0 (unregistering): Port device team_slave_1 removed
[  947.481525][T13335] EXT4-fs error (device loop8): ext4_iget_extra_inode:5104: inode #15: comm syz.8.2992: corrupted in-inode xattr: e_value size too large
[  947.482284][ T3857] team0 (unregistering): Port device team_slave_0 removed
[  947.545777][T13335] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2992: couldn't read orphan inode 15 (err -117)
[  947.620558][T13335] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  948.055537][T11237] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  948.819891][ T5865] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  948.852100][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2994'.
[  949.050814][ T5865] usb 1-1: Using ep0 maxpacket: 32
[  949.093284][ T5865] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  949.103152][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  949.166092][ T5112] Bluetooth: hci3: command tx timeout
[  949.203169][ T5865] usb 1-1: config 0 descriptor??
[  950.690170][ T5865] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  950.787526][ T5865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  950.857482][ T5865] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  950.865195][ T5865] usb 1-1: media controller created
[  950.882564][T13343] =====================================================
[  950.890443][T13343] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120
[  950.897892][T13343]  _copy_to_user+0xcc/0x120
[  950.903005][T13343]  i2cdev_ioctl_smbus+0x586/0x660
[  950.908348][T13343]  compat_i2cdev_ioctl+0x48f/0xb40
[  950.917081][T13343]  __ia32_compat_sys_ioctl+0x7f6/0x1270
[  950.924717][T13343]  ia32_sys_call+0x2d5f/0x4310
[  950.929831][T13343]  __do_fast_syscall_32+0xb0/0x150
[  950.935325][T13343]  do_fast_syscall_32+0x38/0x80
[  950.940545][T13343]  do_SYSENTER_32+0x1f/0x30
[  950.945311][T13343]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  950.953125][T13343] 
[  950.955969][T13343] Uninit was stored to memory at:
[  950.961444][T13343]  __i2c_smbus_xfer+0x254d/0x2f60
[  950.966866][T13343]  i2c_smbus_xfer+0x31d/0x4d0
[  950.973601][T13343]  i2cdev_ioctl_smbus+0x4a1/0x660
[  950.978859][T13343]  compat_i2cdev_ioctl+0x48f/0xb40
[  950.984515][T13343]  __ia32_compat_sys_ioctl+0x7f6/0x1270
[  950.990529][T13343]  ia32_sys_call+0x2d5f/0x4310
[  950.995472][T13343]  __do_fast_syscall_32+0xb0/0x150
[  951.000945][T13343]  do_fast_syscall_32+0x38/0x80
[  951.006118][T13343]  do_SYSENTER_32+0x1f/0x30
[  951.010952][T13343]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  951.020889][T13343] 
[  951.023364][T13343] Local variable msgbuf1.i created at:
[  951.028920][T13343]  __i2c_smbus_xfer+0x86a/0x2f60
[  951.035305][T13343]  i2c_smbus_xfer+0x31d/0x4d0
[  951.040333][T13343] 
[  951.042740][T13343] Bytes 0-1 of 2 are uninitialized
[  951.048049][T13343] Memory access of size 2 starts at ffff88801de17c86
[  951.056182][T13343] Data copied to user address 0000000080000500
[  951.062870][T13343] 
[  951.065321][T13343] CPU: 0 UID: 0 PID: 13343 Comm: syz.0.2995 Not tainted syzkaller #0 PREEMPT(none) 
[  951.075111][T13343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  951.085453][T13343] =====================================================
[  951.092740][T13343] Disabling lock debugging due to kernel taint
[  951.099001][T13343] Kernel panic - not syncing: kmsan.panic set ...
[  951.105664][T13343] CPU: 0 UID: 0 PID: 13343 Comm: syz.0.2995 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  951.116918][T13343] Tainted: [B]=BAD_PAGE
[  951.121180][T13343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  951.131514][T13343] Call Trace:
[  951.134936][T13343]  <TASK>
[  951.138065][T13343]  __dump_stack+0x26/0x30
[  951.142647][T13343]  dump_stack_lvl+0x53/0x270
[  951.147484][T13343]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  951.153547][T13343]  dump_stack+0x1e/0x25
[  951.157924][T13343]  vpanic+0x361/0xc50
[  951.162148][T13343]  panic+0x15d/0x160
[  951.166402][T13343]  kmsan_report+0x31c/0x320
[  951.171381][T13343]  ? kmsan_internal_check_memory+0x1e1/0x230
[  951.177558][T13343]  ? kmsan_copy_to_user+0xf1/0x190
[  951.182882][T13343]  ? _copy_to_user+0xcc/0x120
[  951.187950][T13343]  ? i2cdev_ioctl_smbus+0x586/0x660
[  951.193656][T13343]  ? compat_i2cdev_ioctl+0x48f/0xb40
[  951.199182][T13343]  ? __ia32_compat_sys_ioctl+0x7f6/0x1270
[  951.205287][T13343]  ? ia32_sys_call+0x2d5f/0x4310
[  951.210493][T13343]  ? __do_fast_syscall_32+0xb0/0x150
[  951.216147][T13343]  ? do_fast_syscall_32+0x38/0x80
[  951.221360][T13343]  ? do_SYSENTER_32+0x1f/0x30
[  951.226215][T13343]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  951.233057][T13343]  ? __pfx_az6027_i2c_xfer+0x10/0x10
[  951.238552][T13343]  ? __i2c_transfer+0x11cd/0x3110
[  951.244003][T13343]  ? kmsan_get_metadata+0xfb/0x160
[  951.249339][T13343]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  951.255974][T13343]  ? kmsan_get_metadata+0xfb/0x160
[  951.261407][T13343]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  951.267557][T13343]  ? __i2c_smbus_xfer+0x1e93/0x2f60
[  951.273066][T13343]  ? kmsan_get_metadata+0xfb/0x160
[  951.278383][T13343]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  951.284500][T13343]  kmsan_internal_check_memory+0x1e1/0x230
[  951.290614][T13343]  kmsan_copy_to_user+0xf1/0x190
[  951.295780][T13343]  _copy_to_user+0xcc/0x120
[  951.300481][T13343]  i2cdev_ioctl_smbus+0x586/0x660
[  951.305778][T13343]  compat_i2cdev_ioctl+0x48f/0xb40
[  951.311149][T13343]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  951.317100][T13343]  __ia32_compat_sys_ioctl+0x7f6/0x1270
[  951.322877][T13343]  ? kmsan_get_metadata+0xfb/0x160
[  951.328284][T13343]  ? kmsan_get_metadata+0xfb/0x160
[  951.333616][T13343]  ia32_sys_call+0x2d5f/0x4310
[  951.338559][T13343]  __do_fast_syscall_32+0xb0/0x150
[  951.343890][T13343]  do_fast_syscall_32+0x38/0x80
[  951.348914][T13343]  do_SYSENTER_32+0x1f/0x30
[  951.353584][T13343]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  951.360138][T13343] RIP: 0023:0xf70fe539
[  951.364758][T13343] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  951.384557][T13343] RSP: 002b:00000000f54ee55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  951.393252][T13343] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720
[  951.401429][T13343] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000
[  951.409537][T13343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  951.417761][T13343] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  951.426094][T13343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  951.434350][T13343]  </TASK>
[  951.437801][T13343] Kernel Offset: disabled
[  951.442301][T13343] Rebooting in 86400 seconds..