last executing test programs:

59.016218744s ago: executing program 2:
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00')
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open(&(0x7f0000000340)='./file0\x00', 0x109004, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x3820490, 0x0, 0x0, 0x0, &(0x7f0000000040))
pipe2$9p(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

46.46769855s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r1}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))

45.374076498s ago: executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000007c00)={0x0, 0x0, &(0x7f0000007bc0)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x503, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x5c}}, 0x0)

45.031754384s ago: executing program 3:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f00000028c0))

44.864987933s ago: executing program 2:
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
pselect6(0x40, &(0x7f0000000400)={0xfc}, 0x0, 0x0, 0x0, 0x0)

44.508051454s ago: executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='\n'], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r1, &(0x7f0000000140), 0x9)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000200)={'batadv_slave_0\x00', @remote})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00'}, 0x10)
write$cgroup_type(r4, &(0x7f0000000140), 0x9)

44.396967825s ago: executing program 2:
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000002540)='./file2\x00', 0x0, 0x0)
r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, 0x0, 0x800)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x2, 0x3}, 0x4)
io_uring_setup(0x30d1, &(0x7f0000000000))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e580e", '\x00', "fffffffffffffffd"}, 0x38)
write$binfmt_script(r4, &(0x7f0000001300), 0x8f)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000740)=0x40)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000140)='1', 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB='nobarrier,decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB=',barrier,gid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX, @ANYBLOB=',uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6c733d64656661756c742c001bb4a4447bd69aa8532125707aa318f1e60d28086a88ef2208cc30839fc1be7ad88539fad2c027aca664454d7bf988a9fa9f5f0cab42326f5c70febc7902ce02b8ec0adb23bef1c917d0bd"], 0x1, 0x6e3, &(0x7f00000009c0)="$eJzs3c1rHOcZAPBnVqvVrgqOnPgjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpSii10vYP6CGnntKDbqGHkt4N7bkhUHLVMVDIJSfdVGZ2ZrWr/bS1luTk9zMz8868H/POMzszml3MG8C31up8lB9HEqvzb+6k6/t7S82pvaWZPLsZEZWIKEWUW4tINiLLvZVP8d10Y14+GbSfj9ZX3v7i6/0vW2vlfMrKl4bV66PSu2k3n6IeEVP5stf0gBY/Pb77rvZuD2xvXEn7CNOAXSsCF389UatwYoc9dtt5n/w3mw+r/iTXLXBOJa3nZo+5iNmIqEa0nvr53aF0ur2bvN2z7gAAAAA8qdqoAr2v6y8cxEHsxIVn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4JsrH/0/yqVSk65EU4/9X8m2Rp59Ln8+0lo/PuiMAAAAAAAAAMAGvHsRB7MSFYv0wyX7zf63jN/7vxHuxFWuxGddjJxqxHduxGYsRMdfRUGWnsb29uZjVjLg0pObN+KxPzZuD+3hrwscMAAAAAAAAAOdcdUT+/enebX+M1aPf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DxIIqZai2y6VKTnolSOiGpEVNJyuxGfFennRNJv4+PT7wcAAACcSLV7NamOUeeFR3EQO3GhWD9Msnf+K9n7cjXei43YjvXYjmasxZ38HTp96y/t7y019/eWHqRTb7s//+qJup61GK3vHvrv+eWsRC3uxnq25XrcjiQOM6W8lZf395bS5YP9vaRPvz5M+5T8LDekN1Md6Tvp7OqnWfov3d8ilJ/oEJ9SaWDOXJY73Y7IQt63tMbF4sz0P0Mjz0556J4Wo9T+5ufS8D31j/mHw/c+e6xU329uzsTxSNyMUvsMXRkeiYjv//OT395rbty/d3dr/vwcUl+PRpY4Homljkhc/QZFYrSFLBKX2+ur8av4TczHVzNvxWasx++iEduxVi/yG/nnOZ3PDY/U57Oda2+N6kl6Tdbb969+fapHV5+iHr/MUo14LTunF2I9kngYMb0Wb2T/bsZi+25wdIYvj3HVl8a403a49oNs0Q5T1AaX/ft4TU5KGteLHXHtvOfOZXmdW46i9GLfKBXPuvGfRx3K38sTaQt/Gvp8OG3HI7HYEYmXBn1eWiH922E632pu3N+813h3zP29ni+LT+f5uZGkZ/jFqOYHdzGbp71LPx1p3kvtXnfHq5L/4tJS6sm73K7XulJ/HQ/jTnReqT+O5ViOlaz0laz0dM8TK8272m6p+x6e5qV/aZXbP+x0/r31MJqtv4cAON9mfzhbqf2v9p/ax7U/1+7V3qz+YuYnM69UYvrf0z8tL0y9Xnol+Ud8HH84ev8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe3tb7H9xvNJtrm/0Tpf5ZyfBajeZhPpDYsDJdiSQfKmeMwslYDQ5PzOSHf9J2uhL1p2qwGK1xdOH65Lrak0h28xPW3lIdfS6yUZ4ejXWWk56Ap5Wfus/F+FLPKBoTStQn12DxgR1WZuRVWYys1pU1FRH9Co+4cUxN6g4EnJUb2w/evbH1/gc/Wn/QeGftnbWN6eXllYWV5TeWbtxdb64ttOYdFU5l8FvgNBw99Du3liJeHV13yECtAAAAAAAAAAAAwDN0Gv8X4qyPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi+rc5H+XEksbhwfSFd399baqZTkT4qWY6IUkQkv49I/hVxK1pTzHU0lwzaz0frK29/8fX+l0dtlYvypYjdgfXGs5tPUY+IqXw5qfZuj26vcpSc6ZOdtCOTBuxaETg4a/8PAAD//8uX63A=")
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000480))
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000300)=<r6=>0x0)
write$cgroup_pid(r1, &(0x7f0000000380)=r6, 0x12)

43.713590108s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffdd18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)

14.627138719s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'geneve1\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
close(r1)

14.076418784s ago: executing program 3:
r0 = gettid()
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f00000002c0), 0x0}, 0x20)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)

13.76083334s ago: executing program 2:
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYRES8=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
capset(0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x4}, @IFLA_MACVLAN_FLAGS={0x6}]}}}]}, 0x44}}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x4080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x2f)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @empty}, r2}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f00000004c0), r2}}, 0x18)

10.79462662s ago: executing program 3:
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000002540)='./file2\x00', 0x0, 0x0)
r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, 0x0, 0x800)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x2, 0x3}, 0x4)
io_uring_setup(0x30d1, &(0x7f0000000000))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e580e", '\x00', "fffffffffffffffd"}, 0x38)
write$binfmt_script(r4, &(0x7f0000001300), 0x8f)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000740)=0x40)
writev(r4, &(0x7f0000000180)=[{&(0x7f0000000140)='1', 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
ioctl$TCFLSH(r6, 0x400455c8, 0x4)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000480))
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000300)=<r7=>0x0)
write$cgroup_pid(r1, &(0x7f0000000380)=r7, 0x12)

7.431791675s ago: executing program 1:
r0 = gettid()
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f00000002c0), 0x0}, 0x20)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000da5ef9080304106000011001010109021200010000000009047f659212c4a8ee96f37848db946d30eddbea169646c4ef6fe1214d"], 0x0)

6.127181333s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000100)={0xe, 0x2, 0x0, "4b9c39f88e56d5d98deee9080b0de7611ebfeef3cef83f51fdb40f0aeab9e862"})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}]})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

5.615750066s ago: executing program 0:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x35, 0x4, 0x0, 0x0, 0xd4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2, 0x7}, {@private}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5.217111118s ago: executing program 1:
socket$inet_udp(0x2, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
pselect6(0x40, &(0x7f0000000400)={0xfc}, 0x0, 0x0, 0x0, 0x0)

4.721756881s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0)
pread64(r8, 0x0, 0x0, 0x0)
getdents(r7, &(0x7f0000000380)=""/24, 0x18)
getdents64(r7, 0xffffffffffffffff, 0x43)
socket$nl_rdma(0x10, 0x3, 0x14)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32], 0x44}}, 0x0)

4.670844317s ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
listen(r0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

4.160481537s ago: executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x3, 0x8000}, 0x48)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e24, @loopback}, {0x0, @random="0000000000ea"}, 0x8, {0x2, 0x0, @empty}, 'veth0\x00'})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0)

4.049666745s ago: executing program 0:
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x8, 0x0, &(0x7f0000000000))

3.637493199s ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b6967335", 0x8}], 0x1, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a0000000018000000000000001701000004000000060200000040000018"], 0x60}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)=""/92, 0x5c}], 0x1}}], 0x1, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3.364163619s ago: executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e580e", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000140)="b5", 0x1}, {0x0}], 0x2)

3.325520161s ago: executing program 1:
r0 = gettid()
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f00000002c0), 0x0}, 0x20)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000da5ef9080304106000011001010109021200010000000009047f659212c4a8ee96f37848db946d30eddbea169646c4ef6fe1214d"], 0x0)

2.765032024s ago: executing program 0:
r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000080)=0x1c)
fsetxattr$trusted_overlay_upper(r0, &(0x7f00000000c0), &(0x7f0000000180)={0x0, 0xfb, 0x84, 0x0, 0x0, "243fe715c6236634beb551e0f585b327", "95c3df7e45e227883c828b04c7fc0e385e4b7a4a85aa44e6792b900d5826ff1bf43fbb635f85aebae18ce7c178219be9a6e9c75158bf9a457f345e9d3de725d1cd8fabe5fa59f857fb8a3307247c9b9217fbada35e35946afe1e3312d73324a3c235cc25ed60ac38855db3e5344169"}, 0x84, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="28000000030601010000000000000000000000000500010007"], 0x28}}, 0x0)

2.222863864s ago: executing program 0:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0x36}, {0x0}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001)
recvmmsg(r1, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)=""/92, 0x5c}], 0x1}}], 0x1, 0x0, 0x0)

2.121727686s ago: executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})
syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

827.258193ms ago: executing program 0:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
unshare(0x22020400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000ff7f00000000000000"], &(0x7f0000000200)='GPL\x00', 0xb9d9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@map, 0xffffffffffffffff, 0x18, 0x8}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2, 0x6, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7ffffffe}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r3, 0x0, 0xfffffffffffffffd}, 0x20)
syz_genetlink_get_family_id$mptcp(&(0x7f00000005c0), 0xffffffffffffffff)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{}, [{}]}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

759.235149ms ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="2598ccde00000000b70800004e9d00007b8af8ff00000000bfa20000fbff000007020000f8fffffdb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000187b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000180), 0xb)
copy_file_range(r6, &(0x7f0000000080), r5, 0x0, 0xfffffffffffffff8, 0x0)

550.451153ms ago: executing program 4:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3fe, &(0x7f0000000000)={@multicast, @random="777de85bf4dd", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x3c8, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x1, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46c56aa00148c356de6b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x18, 0x7, "b8a3e10000a3e1100000006f00ff12164039d0ebab140888c235c0fffe00000000600000ff0bc0fe0000000000000000fe20e23f6541c3"}, {0x0, 0x22, "5e14f0e74d2d36cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18061c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3be0800c5fd97622c676d8800871a6aa54155de489abaa522c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c872d3126a3913336064fd440198947cb61124c665548344da863da2dfcd578ed9b048c76415994fc6c83db3be26b6328cb52bf265ae2f1e3da6fe8f39a1ca6d9d4e6ddc17dca63ccb904a23f32ea0a16dbfd2c84d9253d3cfc6400297b0f596bd4cd93f292043fff5a50aad2c4a9871bb6f215421d960fbf5f12"}]}}}}}}, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r1, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_mreqsrc(r2, 0x0, 0x53, 0x0, &(0x7f00000000c0))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000800)={'hsr0\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x54, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_PMTUDISC={0x5}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xaf207}, @IFLA_GRE_LINK={0x8, 0x1, r8}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x54}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYRESDEC=r6], 0x3c}}, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r10, 0x89f1, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000100)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x5e55b37311de6d89, 0x0, @multicast1, @empty}}}})
close(r9)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r9, 0x0, 0x4ffe2, 0x0)

kernel console output (not intermixed with test programs):

dor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1390.796104][T10253] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.854957][ T3086] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1390.926789][T10253] usb 4-1: config 0 descriptor??
[ 1391.065633][ T5131] usb 5-1: USB disconnect, device number 30
[ 1391.288208][T14578] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1391.296123][T14578] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1391.308048][T14578] bridge_slave_0: entered allmulticast mode
[ 1391.317187][T14578] bridge_slave_0: entered promiscuous mode
[ 1391.369469][T10253] usb 4-1: can't set config #0, error -71
[ 1391.420089][T10253] usb 4-1: USB disconnect, device number 20
[ 1391.460921][ T5131] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1391.739635][T14578] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1391.747677][T14578] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1391.757171][T14578] bridge_slave_1: entered allmulticast mode
[ 1391.766479][T14578] bridge_slave_1: entered promiscuous mode
[ 1392.126078][ T3086] bridge_slave_1: left allmulticast mode
[ 1392.131992][ T3086] bridge_slave_1: left promiscuous mode
[ 1392.138712][ T3086] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1392.179652][ T3086] bridge_slave_0: left allmulticast mode
[ 1392.186723][ T3086] bridge_slave_0: left promiscuous mode
[ 1392.193278][ T3086] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1392.544589][T13689] Bluetooth: hci1: command tx timeout
[ 1392.786304][ T3086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1392.821133][ T3086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1392.849748][ T3086] bond0 (unregistering): Released all slaves
[ 1392.907876][T14578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1392.953167][T14578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1393.062374][T14634] loop4: detected capacity change from 0 to 1024
[ 1393.071803][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88804674c000: rx timeout, send abort
[ 1393.112442][T14634] hfsplus: unable to parse mount options
[ 1393.198638][T14578] team0: Port device team_slave_0 added
[ 1393.240141][ T3086] IPVS: stopping master sync thread 10772 ...
[ 1393.387201][T14578] team0: Port device team_slave_1 added
[ 1393.527272][T14578] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1393.535870][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1393.565574][T14578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1393.580446][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88804674c000: abort rx timeout. Force session deactivation
[ 1393.584040][    T8] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1393.677772][T14641] loop4: detected capacity change from 0 to 128
[ 1393.711581][T14641] FAT-fs (loop4): Unrecognized mount option "/dev/kvm" or missing value
[ 1393.748980][T14578] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1393.756369][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1393.787524][T14578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1393.986452][T14644] loop4: detected capacity change from 0 to 1024
[ 1394.077137][    T8] usb 3-1: config index 0 descriptor too short (expected 49048, got 72)
[ 1394.206380][ T3086] hsr_slave_0: left promiscuous mode
[ 1394.242234][ T3086] hsr_slave_1: left promiscuous mode
[ 1394.245497][T14643] loop0: detected capacity change from 0 to 4096
[ 1394.251826][T14644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1394.267559][T14644] ext4 filesystem being mounted at /root/syzkaller-testdir1692678591/syzkaller.nGMfq6/35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1394.289666][    T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1394.299127][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1394.307536][    T8] usb 3-1: Product: syz
[ 1394.311913][    T8] usb 3-1: Manufacturer: syz
[ 1394.316795][    T8] usb 3-1: SerialNumber: syz
[ 1394.347219][ T3086] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1394.355198][ T3086] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1394.369125][T14643] ntfs3: Unknown parameter 'audit'
[ 1394.403250][ T3086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1394.411375][ T3086] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1394.459920][    T8] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1394.516200][   T29] audit: type=1326 audit(1718197117.495:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.540544][   T29] audit: type=1326 audit(1718197117.515:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.549631][ T3086] veth1_macvtap: left promiscuous mode
[ 1394.565732][   T29] audit: type=1326 audit(1718197117.555:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.570110][ T3086] veth0_macvtap: left promiscuous mode
[ 1394.595056][   T29] audit: type=1326 audit(1718197117.555:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.603150][ T3086] veth1_vlan: left promiscuous mode
[ 1394.621751][   T29] audit: type=1326 audit(1718197117.555:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.628190][ T3086] veth0_vlan: left promiscuous mode
[ 1394.649641][   T29] audit: type=1326 audit(1718197117.575:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.681673][   T29] audit: type=1326 audit(1718197117.575:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.685847][T13689] Bluetooth: hci1: command tx timeout
[ 1394.706205][   T29] audit: type=1326 audit(1718197117.575:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.734791][   T29] audit: type=1326 audit(1718197117.575:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1394.758305][   T29] audit: type=1326 audit(1718197117.575:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14640 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x7ffc0000
[ 1395.579964][T13740] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1395.617251][ T3086] team0 (unregistering): Port device team_slave_1 removed
[ 1395.629555][T11861] smc: removing ib device syz2
[ 1395.728947][ T3086] team0 (unregistering): Port device team_slave_0 removed
[ 1396.125300][   T10] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1396.681229][ T3086] team0 (unregistering): Port device dummy0 removed
[ 1397.937889][T13699] usb 3-1: USB disconnect, device number 26
[ 1398.461079][   T10] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 1398.473326][   T10] ath9k_htc: Failed to initialize the device
[ 1398.751267][T13699] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1398.891565][T14578] hsr_slave_0: entered promiscuous mode
[ 1398.961087][T14578] hsr_slave_1: entered promiscuous mode
[ 1398.999543][T14578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1399.007587][T14578] Cannot create hsr debugfs directory
[ 1399.451717][T14674] loop0: detected capacity change from 0 to 1024
[ 1399.507182][T14674] hfsplus: unable to parse mount options
[ 1399.723002][T14678] loop3: detected capacity change from 0 to 64
[ 1400.488921][T14578] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1400.607216][T14578] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1400.715671][T14578] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1400.799839][T14578] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1401.725456][T14696] loop4: detected capacity change from 0 to 4096
[ 1401.753169][T14696] ntfs3: Unknown parameter 'audit'
[ 1404.390244][T14713] loop2: detected capacity change from 0 to 1024
[ 1404.483787][T14578] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1404.530563][T14713] hfsplus: unable to parse mount options
[ 1404.823650][T14578] 8021q: adding VLAN 0 to HW filter on device team0
[ 1404.973673][ T5124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.981494][ T5124] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1405.200360][ T5124] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1405.208137][ T5124] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1405.996972][T14730] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1406.009134][T14730] bridge_slave_1: left allmulticast mode
[ 1406.015611][T14730] bridge_slave_1: left promiscuous mode
[ 1406.022384][T14730] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.214230][T14730] bridge_slave_0: left allmulticast mode
[ 1406.220329][T14730] bridge_slave_0: left promiscuous mode
[ 1406.229950][T14730] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1407.445626][T14734] Cannot find add_set index 0 as target
[ 1407.502543][T14744] loop0: detected capacity change from 0 to 16
[ 1407.962884][T14578] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1408.346397][T14754] loop2: detected capacity change from 0 to 1024
[ 1408.411265][T14578] veth0_vlan: entered promiscuous mode
[ 1408.413504][T14754] hfsplus: unable to parse mount options
[ 1408.477865][T14578] veth1_vlan: entered promiscuous mode
[ 1408.759139][T14578] veth0_macvtap: entered promiscuous mode
[ 1408.838281][T14578] veth1_macvtap: entered promiscuous mode
[ 1408.916764][T14756] loop4: detected capacity change from 0 to 4096
[ 1408.977646][T14756] ntfs3: Unknown parameter 'audit'
[ 1409.022985][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1409.035052][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.045241][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1409.056030][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.066191][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1409.076998][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.087314][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1409.098418][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.113732][T14578] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1409.123833][ T8445] Bluetooth: hci4: command 0x0406 tx timeout
[ 1409.182298][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1409.194784][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.206023][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1409.218174][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.231337][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1409.242976][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.253650][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1409.264598][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1409.279310][T14578] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1409.346620][T14578] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.355893][T14578] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.365103][T14578] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.374310][T14578] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1409.410489][T14764] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1409.420276][T14764] bridge_slave_1: left allmulticast mode
[ 1409.423988][T14762] loop2: detected capacity change from 0 to 2048
[ 1409.439434][T14764] bridge_slave_1: left promiscuous mode
[ 1409.446229][T14764] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1409.470893][T14762]  loop2: p1 p2 p3
[ 1409.475452][T14762] loop2: p1 size 458752 extends beyond EOD, truncated
[ 1409.518774][T14762] loop2: p2 start 4294902784 is beyond EOD, truncated
[ 1409.526036][T14762] loop2: p3 start 4278206208 is beyond EOD, truncated
[ 1409.537037][T14764] bridge_slave_0: left promiscuous mode
[ 1409.543929][T14764] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1413.137140][T14786] loop2: detected capacity change from 0 to 1024
[ 1413.157941][T14786] hfsplus: unable to parse mount options
[ 1413.413730][ T5120] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1413.956163][ T5120] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1413.966407][ T5120] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1413.974842][ T5120] usb 1-1: Product: syz
[ 1413.979245][ T5120] usb 1-1: Manufacturer: syz
[ 1413.984227][ T5120] usb 1-1: SerialNumber: syz
[ 1414.089924][ T5120] usb 1-1: config 0 descriptor??
[ 1414.172139][ T5120] ch341 1-1:0.0: ch341-uart converter detected
[ 1414.229098][ T8445] Bluetooth: hci0: command 0x0406 tx timeout
[ 1414.448205][ T5120] usb 1-1: failed to receive control message: -71
[ 1414.455202][ T5120] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[ 1414.542867][ T5120] usb 1-1: USB disconnect, device number 27
[ 1414.556750][ T5120] ch341 1-1:0.0: device disconnected
[ 1414.847184][T14816] loop2: detected capacity change from 0 to 40427
[ 1414.868588][T14816] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1414.876793][T14816] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1414.906913][ T3152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1414.915224][ T3152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1415.005974][T10253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1415.014357][T10253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1415.108506][T14816] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1415.392296][T14816] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1415.400344][T14816] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1415.499147][T14834] loop0: detected capacity change from 0 to 512
[ 1415.768294][T14834] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[ 1415.797551][T14834] EXT4-fs (loop0): 1 truncate cleaned up
[ 1415.804406][T14834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1415.930108][T14834] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1416.573818][T13688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1416.796699][T14843] loop3: detected capacity change from 0 to 512
[ 1416.852401][T14843] EXT4-fs: Ignoring removed oldalloc option
[ 1416.966967][T14843] EXT4-fs (loop3): filesystem is read-only
[ 1416.979647][T14843] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[ 1416.991675][T14843] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[ 1417.323172][T14851] loop1: detected capacity change from 0 to 128
[ 1417.407699][T14851] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[ 1417.522548][T14851] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1417.862818][T14855] loop4: detected capacity change from 0 to 2048
[ 1418.242927][T14859] loop4: detected capacity change from 0 to 2048
[ 1418.909558][T14868] loop0: detected capacity change from 0 to 4096
[ 1419.080425][T14877] loop2: detected capacity change from 0 to 256
[ 1419.163695][T14880] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1420.899551][T14883] loop1: detected capacity change from 0 to 32768
[ 1421.046431][   T29] kauditd_printk_skb: 10 callbacks suppressed
[ 1421.046505][   T29] audit: type=1800 audit(1718197144.095:417): pid=14883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=7 res=0 errno=0
[ 1422.999972][T14887] loop0: detected capacity change from 0 to 40427
[ 1423.019525][T14887] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1423.028820][T14887] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1423.273612][T14887] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1423.553014][T14887] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1423.564764][T14887] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1423.972170][T14898] syz-executor.0: attempt to access beyond end of device
[ 1423.972170][T14898] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1424.401961][T13688] syz-executor.0: attempt to access beyond end of device
[ 1424.401961][T13688] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1425.245799][T14920] tun0: tun_chr_ioctl cmd 1074025675
[ 1425.251531][T14920] tun0: persist enabled
[ 1425.321228][T14920] tun0: tun_chr_ioctl cmd 1074025675
[ 1425.328088][T14920] tun0: persist enabled
[ 1425.383401][T14910] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1426.299172][T14926] loop2: detected capacity change from 0 to 32768
[ 1426.459719][   T29] audit: type=1800 audit(1718197149.465:418): pid=14931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1957 res=0 errno=0
[ 1426.481475][   T29] audit: type=1800 audit(1718197149.475:419): pid=14926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=7 res=0 errno=0
[ 1426.502686][   T29] audit: type=1800 audit(1718197149.485:420): pid=14931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1957 res=0 errno=0
[ 1427.892895][T14939] loop0: detected capacity change from 0 to 4096
[ 1428.415774][T14950] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1428.491939][T14946] loop3: detected capacity change from 0 to 4096
[ 1428.607571][T14943] loop4: detected capacity change from 0 to 40427
[ 1428.633096][T14946] NILFS (loop3): invalid segment: Checksum error in segment payload
[ 1428.643280][T14946] NILFS (loop3): trying rollback from an earlier position
[ 1428.657366][T14943] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1428.665984][T14943] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1428.718442][T14946] NILFS (loop3): norecovery option specified, skipping roll-forward recovery
[ 1428.793628][T14943] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1429.089230][T14943] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1429.098408][T14943] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1429.241821][ T6954] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1429.457325][T14956] syz-executor.4: attempt to access beyond end of device
[ 1429.457325][T14956] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1429.546822][ T6954] usb 4-1: device descriptor read/64, error -71
[ 1429.835841][T13740] syz-executor.4: attempt to access beyond end of device
[ 1429.835841][T13740] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1430.176607][ T6954] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1430.614609][ T6954] usb 4-1: device descriptor read/64, error -71
[ 1430.777561][ T6954] usb usb4-port1: attempt power cycle
[ 1430.803907][   T29] audit: type=1326 audit(1718197153.845:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8467cea9 code=0x0
[ 1430.908333][T14969] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1431.682663][T14972] loop1: detected capacity change from 0 to 32768
[ 1431.905730][   T29] audit: type=1800 audit(1718197154.885:422): pid=14972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=7 res=0 errno=0
[ 1431.934278][T14974] loop0: detected capacity change from 0 to 256
[ 1432.021747][T14974] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[ 1433.273350][T14982] loop3: detected capacity change from 0 to 40427
[ 1433.337424][T14982] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1433.345892][T14982] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1433.430455][T14982] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1433.705519][T14987] loop0: detected capacity change from 0 to 40427
[ 1433.723198][T14987] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1433.731370][T14987] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1433.748959][T14982] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1433.756305][T14982] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1433.865489][T14986] loop4: detected capacity change from 0 to 256
[ 1433.916713][T14987] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1434.170732][T14987] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1434.178095][T14987] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1436.046380][T15004] loop2: detected capacity change from 0 to 4096
[ 1436.138080][T15004] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 1436.148835][T15004] NILFS (loop2): trying rollback from an earlier position
[ 1436.280965][T15004] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[ 1436.634844][ T6954] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1436.854257][ T6954] usb 3-1: device descriptor read/64, error -71
[ 1437.180073][ T6954] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1437.205893][   T29] audit: type=1326 audit(1718197160.205:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15015 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1437.244918][T15019] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1437.434758][ T6954] usb 3-1: device descriptor read/64, error -71
[ 1437.601654][ T6954] usb usb3-port1: attempt power cycle
[ 1437.659044][T15027] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 1, id = 0
[ 1438.035629][ T6954] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1438.164667][ T6954] usb 3-1: device descriptor read/8, error -71
[ 1438.190640][   T29] audit: type=1326 audit(1718197161.235:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1438.330057][T15036] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1439.303907][T15038] loop0: detected capacity change from 0 to 40427
[ 1439.317714][ T6954] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1439.329247][T15038] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1439.338504][T15038] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1439.388002][T15038] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1439.612224][ T6954] usb 3-1: device not accepting address 30, error -71
[ 1439.620115][ T6954] usb usb3-port1: unable to enumerate USB device
[ 1439.715150][T15038] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1439.722571][T15038] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1440.258199][T15048] loop4: detected capacity change from 0 to 40427
[ 1440.306928][T15048] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1440.315107][T15048] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1440.518743][T15048] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1441.076342][T15048] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1441.083892][T15048] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1441.466747][T15057] syz-executor.4: attempt to access beyond end of device
[ 1441.466747][T15057] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1441.873237][T15059] loop2: detected capacity change from 0 to 256
[ 1441.875082][T13740] syz-executor.4: attempt to access beyond end of device
[ 1441.875082][T13740] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1444.482806][   T29] audit: type=1326 audit(1718197167.485:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15068 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa06dc7cea9 code=0x0
[ 1444.572189][T15073] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1444.910735][T15077] loop1: detected capacity change from 0 to 1764
[ 1445.291802][   T29] audit: type=1326 audit(1718197168.315:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15079 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1c5a7cea9 code=0x0
[ 1445.302510][T15075] syzkaller0: entered promiscuous mode
[ 1445.314638][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1445.319945][T15075] syzkaller0: entered allmulticast mode
[ 1445.389386][   T29] audit: type=1800 audit(1718197168.385:427): pid=15087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1958 res=0 errno=0
[ 1445.730676][ T5158] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1446.065160][T15091] loop2: detected capacity change from 0 to 4096
[ 1446.155535][ T5158] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1446.167026][ T5158] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1446.177449][ T5158] usb 1-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00
[ 1446.192872][ T5158] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1446.270182][T15091] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 1446.279915][T15091] NILFS (loop2): trying rollback from an earlier position
[ 1446.330672][ T5158] usb 1-1: config 0 descriptor??
[ 1446.439182][T15093] loop4: detected capacity change from 0 to 40427
[ 1446.469587][T15093] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1446.477878][T15093] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1446.535784][T15091] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[ 1446.570237][T15093] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1446.899574][T15093] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1446.914342][T15093] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1447.275848][T15102] loop1: detected capacity change from 0 to 40427
[ 1447.300683][T15102] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1447.309252][T15102] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1447.390459][T15102] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1447.776272][T15102] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1447.784019][T15102] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1447.913799][ T5120] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1447.924887][ T5158] usbhid 1-1:0.0: can't add hid device: -71
[ 1447.938976][ T5158] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1448.000790][ T1219] ieee802154 phy0 wpan0: encryption failed: -22
[ 1448.007568][ T1219] ieee802154 phy1 wpan1: encryption failed: -22
[ 1448.082973][ T5158] usb 1-1: USB disconnect, device number 28
[ 1448.696734][ T5120] usb 3-1: device descriptor read/64, error -71
[ 1449.368389][ T5120] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1450.013054][T15121] input: syz0 as /devices/virtual/input/input52
[ 1451.236660][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1451.720811][T15135] loop3: detected capacity change from 0 to 164
[ 1451.763801][T15135] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1451.856680][T15135] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1451.873300][T15137] loop4: detected capacity change from 0 to 256
[ 1453.327234][T15143] loop2: detected capacity change from 0 to 40427
[ 1453.402242][T15143] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1453.402370][T15143] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1453.511801][T15143] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1453.863999][T15143] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1453.875171][T15143] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1456.104358][T15146] syzkaller0: entered promiscuous mode
[ 1456.110055][T15146] syzkaller0: entered allmulticast mode
[ 1456.991568][T15162] loop3: detected capacity change from 0 to 4096
[ 1457.077304][T15162] NILFS (loop3): invalid segment: Checksum error in segment payload
[ 1457.085925][T15162] NILFS (loop3): trying rollback from an earlier position
[ 1457.232455][T15162] NILFS (loop3): norecovery option specified, skipping roll-forward recovery
[ 1457.312850][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1457.574339][ T5123] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1457.765480][ T5123] usb 4-1: device descriptor read/64, error -71
[ 1458.054261][ T5123] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1458.221642][T15180] loop4: detected capacity change from 0 to 164
[ 1458.273928][ T5123] usb 4-1: device descriptor read/64, error -71
[ 1458.303367][T15180] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1458.420127][ T5123] usb usb4-port1: attempt power cycle
[ 1458.867293][ T5123] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1459.465555][ T5123] usb 4-1: device descriptor read/8, error -71
[ 1459.923712][ T5123] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1461.152571][T15193] loop1: detected capacity change from 0 to 256
[ 1461.315336][ T5123] usb 4-1: device descriptor read/8, error -71
[ 1461.447492][ T5123] usb usb4-port1: unable to enumerate USB device
[ 1462.020446][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1462.122388][   T29] audit: type=1326 audit(1718197185.165:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15200 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa06dc7cea9 code=0x0
[ 1462.250370][T15204] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1462.885160][T15218] loop4: detected capacity change from 0 to 164
[ 1462.984278][T15218] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1464.289490][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1464.595806][T15235] loop3: detected capacity change from 0 to 4096
[ 1465.008095][T15235] NILFS (loop3): invalid segment: Checksum error in segment payload
[ 1465.017031][T15235] NILFS (loop3): trying rollback from an earlier position
[ 1465.409665][T15235] NILFS (loop3): norecovery option specified, skipping roll-forward recovery
[ 1466.535401][T10253] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1467.261376][T15245] loop1: detected capacity change from 0 to 40427
[ 1467.278043][T15245] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1467.278133][T15245] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1467.302691][T15243] loop4: detected capacity change from 0 to 256
[ 1467.355247][T10253] usb 4-1: device descriptor read/64, error -71
[ 1467.370998][T15245] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1467.664403][T15245] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1467.664532][T15245] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1468.251294][   T29] audit: type=1326 audit(1718197191.285:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15247 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8467cea9 code=0x0
[ 1468.366107][T15251] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1469.997467][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1470.643030][T15280] loop1: detected capacity change from 0 to 164
[ 1470.754031][T15280] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1470.981254][T15286] loop3: detected capacity change from 0 to 512
[ 1471.019577][T15286] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[ 1471.220663][T15285] loop0: detected capacity change from 0 to 4096
[ 1471.307671][T15285] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 1471.316345][T15285] NILFS (loop0): trying rollback from an earlier position
[ 1471.456384][T15285] NILFS (loop0): norecovery option specified, skipping roll-forward recovery
[ 1471.571235][   T29] audit: type=1326 audit(1718197194.615:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15287 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbc55e7cea9 code=0x0
[ 1471.745397][T15289] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1472.036970][T15295] loop3: detected capacity change from 0 to 256
[ 1472.141271][T15296] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1472.354116][ T5158] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 1472.575709][ T5158] usb 1-1: device descriptor read/64, error -71
[ 1473.124008][ T5158] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1473.145610][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1473.335203][ T5158] usb 1-1: device descriptor read/64, error -71
[ 1473.500673][ T5158] usb usb1-port1: attempt power cycle
[ 1474.017627][ T5158] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 1474.257422][T15316] loop3: detected capacity change from 0 to 164
[ 1474.305641][ T5158] usb 1-1: device not accepting address 31, error -71
[ 1474.338658][T15316] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1474.950479][T15322] loop3: detected capacity change from 0 to 512
[ 1475.018119][T15322] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[ 1475.456985][   T29] audit: type=1326 audit(1718197198.485:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15323 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1475.585626][T15327] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1475.645047][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1476.715847][T15346] loop1: detected capacity change from 0 to 256
[ 1476.759842][T15348] loop4: detected capacity change from 0 to 164
[ 1476.922517][T15348] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1477.051335][T15345] loop2: detected capacity change from 0 to 4096
[ 1477.133019][T15345] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 1477.133176][T15345] NILFS (loop2): trying rollback from an earlier position
[ 1477.228590][T15345] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[ 1477.783878][ T5123] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1478.004074][ T5123] usb 3-1: device descriptor read/64, error -71
[ 1478.314049][ T5123] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1478.346529][T15362] loop1: detected capacity change from 0 to 512
[ 1478.371338][T15362] EXT4-fs (loop1): blocks per group (255) and clusters per group (8192) inconsistent
[ 1478.524649][ T5123] usb 3-1: device descriptor read/64, error -71
[ 1478.673928][ T5123] usb usb3-port1: attempt power cycle
[ 1478.911475][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1479.118219][ T5123] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1479.394671][ T5123] usb 3-1: device descriptor read/8, error -71
[ 1479.810859][   T29] audit: type=1326 audit(1718197202.805:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15375 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbc55e7cea9 code=0x0
[ 1479.914854][T15379] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1479.974365][T15381] loop3: detected capacity change from 0 to 164
[ 1480.039999][T15381] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1480.151064][T15358] loop4: detected capacity change from 0 to 32768
[ 1480.322229][   T29] audit: type=1800 audit(1718197203.335:433): pid=15358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=7 res=0 errno=0
[ 1480.813683][T15395] loop2: detected capacity change from 0 to 256
[ 1481.677620][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1481.744176][ T5123] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1482.025322][ T5123] usb 2-1: Using ep0 maxpacket: 16
[ 1482.186408][ T5123] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1482.197845][ T5123] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1482.198000][ T5123] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1482.221150][ T5123] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1482.234287][ T5123] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1482.319097][ T5123] usb 2-1: config 0 descriptor??
[ 1482.558462][T15414] loop4: detected capacity change from 0 to 512
[ 1482.612186][T15412] loop2: detected capacity change from 0 to 4096
[ 1482.623994][T15414] EXT4-fs (loop4): blocks per group (255) and clusters per group (8192) inconsistent
[ 1482.692953][T15412] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 1482.701926][T15412] NILFS (loop2): trying rollback from an earlier position
[ 1482.809488][T15412] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[ 1482.889439][ T5123] microsoft 0003:045E:07DA.000C: No inputs registered, leaving
[ 1482.924601][ T5123] microsoft 0003:045E:07DA.000C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1482.936925][ T5123] microsoft 0003:045E:07DA.000C: no inputs found
[ 1482.944102][ T5123] microsoft 0003:045E:07DA.000C: could not initialize ff, continuing anyway
[ 1483.046300][T15418] loop3: detected capacity change from 0 to 164
[ 1483.092753][T15418] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1483.135789][ T5120] usb 2-1: USB disconnect, device number 24
[ 1483.173919][T10253] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1483.396491][T10253] usb 3-1: device descriptor read/64, error -71
[ 1483.479566][   T29] audit: type=1326 audit(1718197206.515:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8467cea9 code=0x0
[ 1483.612528][T15425] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1483.689036][T10253] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1483.901658][T10253] usb 3-1: device descriptor read/64, error -71
[ 1484.040927][T10253] usb usb3-port1: attempt power cycle
[ 1484.423167][T15435] loop1: detected capacity change from 0 to 256
[ 1484.507509][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1484.643745][T10253] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1484.736987][T10253] usb 3-1: device descriptor read/8, error -71
[ 1485.003810][T10253] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1485.104326][T10253] usb 3-1: device descriptor read/8, error -71
[ 1485.242336][T10253] usb usb3-port1: unable to enumerate USB device
[ 1485.700972][T15422] loop4: detected capacity change from 0 to 32768
[ 1485.872917][   T29] audit: type=1800 audit(1718197208.865:435): pid=15422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=7 res=0 errno=0
[ 1486.050038][T15451] loop3: detected capacity change from 0 to 512
[ 1486.104235][T15451] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[ 1486.203857][T15455] loop2: detected capacity change from 0 to 164
[ 1486.243887][T15455] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1486.611066][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1486.793988][    T8] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1487.096124][    T8] usb 1-1: Using ep0 maxpacket: 16
[ 1487.405369][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1487.405558][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1487.405707][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1487.405936][    T8] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1487.406095][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1487.419248][    T8] usb 1-1: config 0 descriptor??
[ 1487.582476][T15471] loop3: detected capacity change from 0 to 256
[ 1488.104750][    T8] microsoft 0003:045E:07DA.000D: No inputs registered, leaving
[ 1488.125782][    T8] microsoft 0003:045E:07DA.000D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1488.125979][    T8] microsoft 0003:045E:07DA.000D: no inputs found
[ 1488.126085][    T8] microsoft 0003:045E:07DA.000D: could not initialize ff, continuing anyway
[ 1488.385202][T10253] usb 1-1: USB disconnect, device number 33
[ 1488.929153][T15490] loop1: detected capacity change from 0 to 164
[ 1489.003771][T15490] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1489.379224][T15492] loop3: detected capacity change from 0 to 512
[ 1489.416632][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1489.434068][T15492] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[ 1491.174949][ T5120] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1491.215366][T15513] loop4: detected capacity change from 0 to 256
[ 1491.697097][T15485] loop2: detected capacity change from 0 to 32768
[ 1491.714596][ T5120] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1491.714723][ T5120] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1491.714875][ T5120] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1491.714978][ T5120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1491.738544][ T5120] usb 2-1: config 0 descriptor??
[ 1491.772481][T15485] read_mapping_page failed!
[ 1491.772571][T15485] jfs_mount: Failed to read AGGREGATE_I
[ 1491.772618][T15485] Mount JFS Failure: -5
[ 1491.987571][T15510] x_tables: duplicate underflow at hook 1
[ 1492.249391][ T5120] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[ 1492.253956][T10253] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1492.323369][ T5120] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1492.346505][T15523] loop3: detected capacity change from 0 to 512
[ 1492.387578][T15523] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[ 1492.542557][T10253] usb 1-1: Using ep0 maxpacket: 16
[ 1492.682606][T10253] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1492.694200][T10253] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1492.704462][T10253] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1492.717806][T10253] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1492.727233][T10253] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1492.771714][T10253] usb 1-1: config 0 descriptor??
[ 1493.045476][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1493.344661][T10253] microsoft 0003:045E:07DA.000F: No inputs registered, leaving
[ 1493.369353][T10253] microsoft 0003:045E:07DA.000F: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1493.381535][T10253] microsoft 0003:045E:07DA.000F: no inputs found
[ 1493.388242][T10253] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway
[ 1493.554411][T10253] usb 1-1: USB disconnect, device number 34
[ 1494.908871][T15552] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1495.189546][T15555] loop4: detected capacity change from 0 to 512
[ 1495.214304][T15555] EXT4-fs (loop4): blocks per group (255) and clusters per group (8192) inconsistent
[ 1495.220816][T15556] loop2: detected capacity change from 0 to 256
[ 1495.556661][T15552] loop3: detected capacity change from 0 to 4096
[ 1495.564939][T15552] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[ 1497.325819][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1498.478015][T15566] loop3: detected capacity change from 0 to 40427
[ 1498.505787][T15566] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1498.521187][T15566] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1498.568340][T15566] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1498.868318][T15566] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1498.875933][T15566] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1499.087169][T15584] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1501.052428][T15598] loop0: detected capacity change from 0 to 512
[ 1501.113967][T15598] EXT4-fs (loop0): blocks per group (255) and clusters per group (8192) inconsistent
[ 1501.799484][T15602] loop0: detected capacity change from 0 to 512
[ 1501.851863][T15602] EXT4-fs: Ignoring removed oldalloc option
[ 1502.023312][T15602] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz-executor.0: Parent and EA inode have the same ino 15
[ 1502.111843][T15602] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz-executor.0: Parent and EA inode have the same ino 15
[ 1502.196578][T15602] EXT4-fs (loop0): 1 orphan inode deleted
[ 1502.206948][T15602] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1503.083946][T15510] plantronics 0003:047F:FFFF.000E: timeout initializing reports
[ 1503.132347][T15621] loop3: detected capacity change from 0 to 256
[ 1503.375908][ T5123] usb 2-1: USB disconnect, device number 25
[ 1503.717886][T13688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1504.991451][T15629] loop2: detected capacity change from 0 to 40427
[ 1505.005175][T15629] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1505.013380][T15629] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1505.161469][T15629] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1505.447037][T15629] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1505.454529][T15629] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1505.670090][T15647] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1505.857673][T15644] loop1: detected capacity change from 0 to 512
[ 1506.104371][T15644] EXT4-fs (loop1): blocks per group (255) and clusters per group (8192) inconsistent
[ 1507.536374][ T5123] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1507.573682][T15661] loop1: detected capacity change from 0 to 512
[ 1507.662200][T15661] EXT4-fs: Ignoring removed oldalloc option
[ 1507.772897][T15661] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz-executor.1: Parent and EA inode have the same ino 15
[ 1507.869675][T15661] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz-executor.1: Parent and EA inode have the same ino 15
[ 1507.871581][T15661] EXT4-fs (loop1): 1 orphan inode deleted
[ 1507.871708][T15661] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1508.081164][T15669] loop4: detected capacity change from 0 to 256
[ 1508.118520][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1508.118709][ T5123] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1508.119028][ T5123] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1508.119190][ T5123] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1508.129867][ T5123] usb 4-1: config 0 descriptor??
[ 1508.369783][T15658] x_tables: duplicate underflow at hook 1
[ 1508.689867][ T5123] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[ 1508.740064][ T5123] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1509.002080][T14578] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.210947][T15676] loop0: detected capacity change from 0 to 16
[ 1509.445675][ T1219] ieee802154 phy0 wpan0: encryption failed: -22
[ 1509.452478][ T1219] ieee802154 phy1 wpan1: encryption failed: -22
[ 1510.328186][T15685] loop4: detected capacity change from 0 to 40427
[ 1510.371724][T15685] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1510.380111][T15685] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1510.430951][T15685] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1510.644597][T15685] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1510.652037][T15685] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1510.812234][T15697] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1511.017898][T15691] loop1: detected capacity change from 0 to 512
[ 1511.379227][T15691] EXT4-fs (loop1): blocks per group (255) and clusters per group (8192) inconsistent
[ 1511.504831][ T8445] Bluetooth: hci1: command 0x0406 tx timeout
[ 1514.476326][T15720] loop2: detected capacity change from 0 to 256
[ 1515.140336][T15709] loop0: detected capacity change from 0 to 32768
[ 1515.321498][   T29] audit: type=1800 audit(1718197238.345:436): pid=15709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 1515.370694][T15726] loop4: detected capacity change from 0 to 256
[ 1516.465154][T15735] loop4: detected capacity change from 0 to 512
[ 1516.480898][T15735] EXT4-fs (loop4): blocks per group (255) and clusters per group (8192) inconsistent
[ 1517.321185][   T29] audit: type=1326 audit(1718197240.355:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15742 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1517.369145][T15746] pimreg: entered allmulticast mode
[ 1518.268192][T15762] loop2: detected capacity change from 0 to 256
[ 1519.045034][T15658] plantronics 0003:047F:FFFF.0010: timeout initializing reports
[ 1519.222831][ T5120] usb 4-1: USB disconnect, device number 30
[ 1519.390220][T15769] loop0: detected capacity change from 0 to 256
[ 1519.621696][T15772] loop2: detected capacity change from 0 to 512
[ 1519.689862][T15772] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[ 1520.472785][T15777] loop1: detected capacity change from 0 to 40427
[ 1520.519711][T15777] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1520.527873][T15777] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1520.587086][T15777] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1520.855626][T15777] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1520.863040][T15777] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1521.150233][T15784] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1523.552120][T15809] loop3: detected capacity change from 0 to 256
[ 1524.269617][T15813] loop0: detected capacity change from 0 to 128
[ 1524.643674][ T5120] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1525.024472][ T5120] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1525.040645][ T5120] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1525.055591][ T5120] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1525.065338][ T5120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1525.143333][ T5120] usb 3-1: config 0 descriptor??
[ 1525.152904][T15817] loop0: detected capacity change from 0 to 512
[ 1525.225025][T15817] EXT4-fs (loop0): blocks per group (255) and clusters per group (8192) inconsistent
[ 1525.389160][T15811] x_tables: duplicate underflow at hook 1
[ 1525.808317][ T5120] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[ 1525.927990][ T5120] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1525.961858][T15826] syz-executor.1[15826] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1526.051847][T15826] overlay: Unknown parameter 'smackfsdef'
[ 1526.100161][ T5120] usb 3-1: USB disconnect, device number 41
[ 1526.259106][T15822] loop3: detected capacity change from 0 to 40427
[ 1526.288369][T15822] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1526.296582][T15822] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1526.398583][T15822] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1526.694867][T15822] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1526.702251][T15822] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1527.386031][T15838] loop4: detected capacity change from 0 to 40427
[ 1527.464361][T15838] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1527.472468][T15838] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1527.583755][T15838] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1528.331630][T15838] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1528.339621][T15838] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1528.419978][T15842] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1528.814860][T15847] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1530.176817][T15853] loop0: detected capacity change from 0 to 512
[ 1530.504737][T15853] EXT4-fs: Ignoring removed nobh option
[ 1530.510720][T15853] EXT4-fs: Ignoring removed i_version option
[ 1530.517119][T15853] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1530.807315][T15853] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-00003f000000 r/w without journal. Quota mode: writeback.
[ 1530.847360][T15853] ext4 filesystem being mounted at /root/syzkaller-testdir1858646161/syzkaller.mGLslw/108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1531.392787][T15862] loop2: detected capacity change from 0 to 256
[ 1531.401681][T13688] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-00003f000000.
[ 1532.520028][T15866] loop0: detected capacity change from 0 to 512
[ 1532.563747][T15866] EXT4-fs (loop0): blocks per group (255) and clusters per group (8192) inconsistent
[ 1533.270604][T15872] syz-executor.0[15872] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1533.299520][T15872] overlay: Unknown parameter 'smackfsdef'
[ 1533.669720][ T5123] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1534.302777][T15885] loop4: detected capacity change from 0 to 4096
[ 1534.476045][T15886] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1536.171194][T15888] loop3: detected capacity change from 0 to 40427
[ 1536.307144][T15888] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1536.315302][T15888] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1536.344443][ T5123] usb 3-1: device descriptor read/all, error -71
[ 1536.364512][T15888] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1536.728980][T15888] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1536.736648][T15888] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1537.135325][T15892] loop0: detected capacity change from 0 to 40427
[ 1537.149441][T15892] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1537.157559][T15892] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1537.292117][T15892] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1537.778461][T15892] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1537.788011][T15892] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1538.075929][T15903] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1538.659852][T15906] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1539.110238][T15908] ALSA: seq fatal error: cannot create timer (-22)
[ 1539.602022][T15915] loop1: detected capacity change from 0 to 512
[ 1539.691656][T15915] EXT4-fs (loop1): blocks per group (255) and clusters per group (8192) inconsistent
[ 1539.948019][T15917] syz-executor.4[15917] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1539.961718][T15917] overlay: Unknown parameter 'smackfsdef'
[ 1541.442930][T15927] loop1: detected capacity change from 0 to 2048
[ 1541.498839][T15927] NILFS (loop1): invalid segment: Sequence number mismatch
[ 1541.506965][T15927] NILFS (loop1): trying rollback from an earlier position
[ 1541.602838][T15927] NILFS (loop1): recovery complete
[ 1541.632005][T15928] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1541.695578][T15927] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1541.705540][T15927] netlink: 'syz-executor.1': attribute type 13 has an invalid length.
[ 1541.714076][T15927] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[ 1541.742513][T15927] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1541.751986][T15927] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1541.761162][T15927] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1541.770389][T15927] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1541.779674][T15927] vxlan0: entered promiscuous mode
[ 1541.945401][T15927] overlayfs: upper fs does not support tmpfile.
[ 1541.952669][T15927] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1541.960945][T15927] overlayfs: failed to set xattr on upper
[ 1541.967219][T15927] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1541.974491][T15927] overlayfs: ...falling back to metacopy=off.
[ 1541.980729][T15927] overlayfs: ...falling back to index=off.
[ 1541.986899][T15927] overlayfs: ...falling back to uuid=null.
[ 1542.784328][ T5120] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1543.234554][ T5120] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1543.246416][ T5120] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1543.259753][ T5120] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1543.274062][ T5120] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1543.413050][ T5120] usb 5-1: config 0 descriptor??
[ 1543.667810][T15941] x_tables: duplicate underflow at hook 1
[ 1544.021187][T15954] syz-executor.0[15954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1544.021404][T15949] loop1: detected capacity change from 0 to 40427
[ 1544.051310][T15949] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1544.059477][T15949] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1544.067421][ T5120] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[ 1544.106199][T15954] overlay: Unknown parameter 'smackfsdef'
[ 1544.154091][ T5120] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1544.155300][T15949] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1544.454320][T15949] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1544.461642][T15949] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1544.482824][T15960] loop2: detected capacity change from 0 to 512
[ 1544.517401][T15960] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[ 1544.532878][T15955] loop3: detected capacity change from 0 to 4096
[ 1544.642359][T15955] NILFS (loop3): couldn't find nilfs on the device
[ 1544.744991][T15962] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1546.488899][   T29] audit: type=1800 audit(1718197269.485:438): pid=15972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1934 res=0 errno=0
[ 1547.205809][   T29] audit: type=1800 audit(1718197270.235:439): pid=15984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1965 res=0 errno=0
[ 1547.227675][   T29] audit: type=1804 audit(1718197270.245:440): pid=15984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1858646161/syzkaller.mGLslw/120/bus" dev="sda1" ino=1965 res=1 errno=0
[ 1548.397323][T15988] syz-executor.2[15988] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1548.434100][T15988] overlay: Unknown parameter 'smackfsdef'
[ 1549.684700][T15986] loop0: detected capacity change from 0 to 32768
[ 1549.928639][T16005] loop1: detected capacity change from 0 to 764
[ 1550.001555][T16005] rock: directory entry would overflow storage
[ 1550.008278][T16005] rock: sig=0x4654, size=5, remaining=4
[ 1551.517923][T16013] loop1: detected capacity change from 0 to 32768
[ 1552.213048][T16020] syz-executor.0[16020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1552.259823][T16020] overlay: Unknown parameter 'smackfsdef'
[ 1552.901567][T16036] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1552.911463][T16036] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1552.921215][T16036] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1552.949168][T16037] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1552.959562][T16037] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1552.969188][T16037] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1553.079225][T16039] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1554.374433][T16053] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1554.713697][T16055] loop0: detected capacity change from 0 to 1764
[ 1554.931812][T15941] plantronics 0003:047F:FFFF.0012: timeout initializing reports
[ 1555.437226][T16061] loop3: detected capacity change from 0 to 40427
[ 1555.493784][T16061] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1555.501816][T16061] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1555.602592][T16061] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1555.838785][ T5123] usb 5-1: USB disconnect, device number 31
[ 1555.865715][T16061] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1555.873007][T16061] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1556.359895][T16071] syz-executor.2[16071] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1556.587854][T16072] overlayfs: failed to resolve './file2': -2
[ 1557.769707][T16093] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1559.067495][T16103] loop1: detected capacity change from 0 to 1764
[ 1559.214638][T16101] loop4: detected capacity change from 0 to 40427
[ 1559.232207][T16101] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1559.244026][T16101] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1559.316939][T16101] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1559.536027][T16111] syz-executor.0[16111] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1559.607516][T16111] overlay: Unknown parameter 'smackfsdef'
[ 1559.641685][T16101] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1559.653964][T16101] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1559.670977][ T5123] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1560.304824][ T5123] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1560.316313][ T5123] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1560.329997][ T5123] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1560.339405][ T5123] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.395011][ T5123] usb 3-1: config 0 descriptor??
[ 1560.636663][T16099] x_tables: duplicate underflow at hook 1
[ 1561.008721][ T5123] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[ 1561.043180][ T5123] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1562.804928][T16148] syz-executor.3[16148] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1562.858452][T16148] overlay: Unknown parameter 'smackfsdef'
[ 1563.549679][T16150] loop1: detected capacity change from 0 to 40427
[ 1563.572124][T16150] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1563.580353][T16150] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1563.638161][T16150] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1563.985929][T16150] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1563.993347][T16150] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1564.172098][T16165] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1564.609681][T16169] loop4: detected capacity change from 0 to 1764
[ 1566.205856][T16186] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 1, id = 0
[ 1566.807263][T16192] syz-executor.0[16192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1566.860885][T16192] overlay: Unknown parameter 'smackfsdef'
[ 1567.888511][T16198] loop3: detected capacity change from 0 to 40427
[ 1567.926926][T16198] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1567.935203][T16198] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1568.033178][T16198] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1568.314252][T16198] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1568.321589][T16198] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1568.400953][T16198] syz-executor.3: attempt to access beyond end of device
[ 1568.400953][T16198] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1568.510604][T11806] syz-executor.3: attempt to access beyond end of device
[ 1568.510604][T11806] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1568.530127][T16215] loop1: detected capacity change from 0 to 1764
[ 1570.120292][T16237] syz-executor.0[16237] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1570.159500][T16237] overlay: Unknown parameter 'smackfsdef'
[ 1570.987336][ T1219] ieee802154 phy0 wpan0: encryption failed: -22
[ 1570.994303][ T1219] ieee802154 phy1 wpan1: encryption failed: -22
[ 1571.209607][T16240] loop1: detected capacity change from 0 to 40427
[ 1571.234007][T16240] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1571.242021][T16240] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1571.461447][T16240] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1571.704324][T16099] plantronics 0003:047F:FFFF.0013: timeout initializing reports
[ 1571.805601][T16240] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1571.813205][T16240] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1572.028985][T16247] loop0: detected capacity change from 0 to 40427
[ 1572.066574][T16247] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1572.075522][T16247] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1572.219272][ T5123] usb 3-1: USB disconnect, device number 44
[ 1572.262873][T16247] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1572.993120][T16247] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1573.000604][T16247] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1573.113197][T16252] syz-executor.1: attempt to access beyond end of device
[ 1573.113197][T16252] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[ 1573.537917][   T29] audit: type=1804 audit(1718197296.195:441): pid=16252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2207374663/syzkaller.yav6jS/92/bus/bus" dev="loop1" ino=10 res=1 errno=0
[ 1575.475900][T16280] syz-executor.4[16280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1575.582599][T16280] overlay: Unknown parameter 'smackfsdef'
[ 1576.391049][T10253] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 1576.753773][T16296] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 1, id = 0
[ 1576.791964][T16294] loop0: detected capacity change from 0 to 1764
[ 1576.806341][T10253] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1576.818338][T10253] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1576.837804][T10253] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1576.847454][T10253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1576.886079][T10253] usb 3-1: config 0 descriptor??
[ 1577.146748][T16288] x_tables: duplicate underflow at hook 1
[ 1577.651904][T16300] loop3: detected capacity change from 0 to 40427
[ 1577.697477][T16300] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1577.705571][T16300] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1578.323551][T16301] loop1: detected capacity change from 0 to 40427
[ 1578.366845][T16301] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1578.375754][T16301] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1578.409710][T16300] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1578.582784][T10253] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[ 1578.653760][T16301] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1578.861640][T16300] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1578.871563][T16300] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1578.878316][T10253] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1578.915696][T16301] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1578.923020][T16301] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1579.342256][ T5158] usb 3-1: USB disconnect, device number 45
[ 1579.384859][T16315] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1581.624882][T16331] syz-executor.2[16331] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1581.697337][T16331] overlay: Unknown parameter 'smackfsdef'
[ 1582.069493][T16337] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 1, id = 0
[ 1583.163066][T16346] loop4: detected capacity change from 0 to 1764
[ 1583.909357][T16350] loop0: detected capacity change from 0 to 40427
[ 1584.011548][T16350] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1584.025159][T16350] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1584.147616][T16350] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1584.406059][T16350] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1584.413381][T16350] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1584.449231][T10253] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 1584.507614][T16350] syz-executor.0: attempt to access beyond end of device
[ 1584.507614][T16350] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1584.730680][T13688] syz-executor.0: attempt to access beyond end of device
[ 1584.730680][T13688] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1585.106403][T10253] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1585.117800][T10253] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1585.131239][T10253] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1585.140731][T10253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1585.185809][T10253] usb 3-1: config 0 descriptor??
[ 1585.457616][T16359] x_tables: duplicate underflow at hook 1
[ 1585.714308][T10253] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[ 1585.748864][T10253] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1586.211373][T16379] loop4: detected capacity change from 0 to 1764
[ 1586.318372][T16379] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 1586.328387][T16379] ISOFS: unable to read i-node block
[ 1586.334063][T16379] isofs_fill_super: get root inode failed
[ 1594.540654][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[ 1596.474073][T16359] plantronics 0003:047F:FFFF.0015: timeout initializing reports
[ 1596.670800][T10253] usb 3-1: USB disconnect, device number 46
[ 1598.365176][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[ 1602.343110][T16570] loop3: detected capacity change from 0 to 1024
[ 1603.192574][T16582] loop1: detected capacity change from 0 to 32768
[ 1603.247188][T16582] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (16582)
[ 1603.290457][T16582] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1603.301163][T16582] BTRFS info (device loop1): using sha256 (sha256-generic) checksum algorithm
[ 1603.311734][T16582] BTRFS info (device loop1): using free-space-tree
[ 1604.436170][T16612] loop2: detected capacity change from 0 to 1024
[ 1604.490247][T16612] EXT4-fs: Ignoring removed nobh option
[ 1604.500787][T16612] ext4: Unknown parameter 'nouser_xattr'
[ 1604.571856][T14578] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1606.943040][T16635] loop0: detected capacity change from 0 to 40427
[ 1606.974604][T16635] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1606.982643][T16635] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1607.109656][T16635] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1607.414529][T16635] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1607.422756][T16635] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1607.621208][T16655] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1617.631165][T16667] loop1: detected capacity change from 0 to 1024
[ 1617.669657][T16667] EXT4-fs: Ignoring removed nobh option
[ 1617.679121][T16667] ext4: Unknown parameter 'nouser_xattr'
[ 1617.948765][T16678] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (65537)
[ 1617.960026][T16678] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[ 1618.624734][T16671] delete_channel: no stack
[ 1620.232588][T16705] loop0: detected capacity change from 0 to 512
[ 1620.660669][   T29] audit: type=1326 audit(1718197343.585:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16702 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8467cea9 code=0x0
[ 1620.674151][T16695] loop4: detected capacity change from 0 to 40427
[ 1620.715393][T16695] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1620.723606][T16695] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1620.822524][T16695] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1621.152106][T16695] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1621.159730][T16695] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1621.604284][T16725] netlink: 204 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1623.049450][T16735] loop3: detected capacity change from 0 to 1024
[ 1623.107876][T16735] EXT4-fs: Ignoring removed nobh option
[ 1623.114524][T16735] ext4: Unknown parameter 'nouser_xattr'
[ 1623.536839][T16739] loop1: detected capacity change from 0 to 2048
[ 1623.937806][T16739] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1624.426465][T14578] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1625.110687][T16756] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1625.120615][T16756] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1626.379417][T16771] loop4: detected capacity change from 0 to 1024
[ 1626.401681][T16764] loop2: detected capacity change from 0 to 1024
[ 1626.452080][T16771] EXT4-fs: Ignoring removed orlov option
[ 1626.458282][T16771] EXT4-fs: Ignoring removed oldalloc option
[ 1626.483153][T16771] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1626.500804][T16771] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1626.517310][T16771] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1626.519494][T16764] hfsplus: invalid gid specified
[ 1626.532323][T16764] hfsplus: unable to parse mount options
[ 1626.651458][T16771] EXT4-fs (loop4): invalid journal inode
[ 1626.657695][T16771] EXT4-fs (loop4): can't get journal size
[ 1626.744513][T16771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1627.163937][T13740] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1628.182174][T16787] loop4: detected capacity change from 0 to 1024
[ 1628.209568][T16787] EXT4-fs: Ignoring removed nobh option
[ 1628.216404][T16787] ext4: Unknown parameter 'nouser_xattr'
[ 1629.859065][T16805] EXT4-fs warning (device sda1): ext4_group_extend:1869: need to use ext2online to resize further
[ 1629.864674][T16807] loop3: detected capacity change from 0 to 1024
[ 1630.064720][T16807] EXT4-fs: Ignoring removed orlov option
[ 1630.071607][T16807] EXT4-fs: Ignoring removed oldalloc option
[ 1630.140603][T16807] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1630.185812][T16807] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1630.198023][T16807] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1630.228742][   T29] audit: type=1800 audit(1718197353.245:443): pid=16810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1965 res=0 errno=0
[ 1630.290156][T16807] EXT4-fs (loop3): invalid journal inode
[ 1630.296309][T16807] EXT4-fs (loop3): can't get journal size
[ 1630.374899][T16807] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1630.534844][T11806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1632.324462][ T1219] ieee802154 phy0 wpan0: encryption failed: -22
[ 1632.331603][ T1219] ieee802154 phy1 wpan1: encryption failed: -22
[ 1633.617212][T16842] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1633.817641][T16844] loop4: detected capacity change from 0 to 1024
[ 1633.899307][T16844] EXT4-fs: Ignoring removed orlov option
[ 1633.905697][T16844] EXT4-fs: Ignoring removed oldalloc option
[ 1633.970547][T16844] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1634.033767][T16844] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1634.045302][T16844] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1634.143223][T16844] EXT4-fs (loop4): invalid journal inode
[ 1634.150052][T16844] EXT4-fs (loop4): can't get journal size
[ 1634.338443][T16844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1634.685813][T13740] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1646.611555][T16922] loop4: detected capacity change from 0 to 256
[ 1646.915702][T16925] fuse: Bad value for 'fd'
[ 1651.113756][ T6954] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1651.374151][ T6954] usb 1-1: Using ep0 maxpacket: 16
[ 1651.506758][ T6954] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1651.517005][ T6954] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1651.527325][ T6954] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1651.537395][ T6954] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1651.547959][ T6954] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1651.558226][ T6954] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1651.565791][ T6954] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1651.575259][ T6954] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1651.651848][ T6954] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[ 1651.952746][ T6954] scsi host1: usb-storage 1-1:1.0
[ 1652.182425][T16949] loop4: detected capacity change from 0 to 1024
[ 1652.233991][T16949] hfsplus: invalid gid specified
[ 1652.239149][T16949] hfsplus: unable to parse mount options
[ 1653.032866][ T3242] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[ 1653.117678][ T3242] sd 1:0:0:0: Attached scsi generic sg1 type 0
[ 1653.382799][ T6954] usb 1-1: USB disconnect, device number 35
[ 1653.394480][T16954] sddr09: could not read card info
[ 1653.411753][ T3152] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[ 1653.419997][ T3152] sd 1:0:0:0: [sdb] 0-byte physical blocks
[ 1653.428090][ T3152] sd 1:0:0:0: [sdb] Write Protect is off
[ 1653.435900][ T3152] sd 1:0:0:0: [sdb] Asking for cache data failed
[ 1653.442593][ T3152] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[ 1653.510366][ T3152] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[ 1658.481904][T17013] loop1: detected capacity change from 0 to 1024
[ 1658.529526][T17013] EXT4-fs: Ignoring removed orlov option
[ 1658.535787][T17013] EXT4-fs: Ignoring removed oldalloc option
[ 1658.560647][T17013] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1658.581479][T17013] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1658.593109][T17013] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1658.627043][T17013] EXT4-fs (loop1): invalid journal inode
[ 1658.633088][T17013] EXT4-fs (loop1): can't get journal size
[ 1658.715787][T17013] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1658.984588][T14578] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1660.896021][T17057] loop3: detected capacity change from 0 to 1024
[ 1660.942851][T17057] EXT4-fs: Ignoring removed orlov option
[ 1660.949040][T17057] EXT4-fs: Ignoring removed oldalloc option
[ 1661.019939][T17057] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1661.073226][T17057] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1661.085175][T17057] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1661.159492][T17057] EXT4-fs (loop3): invalid journal inode
[ 1661.165967][T17057] EXT4-fs (loop3): can't get journal size
[ 1661.201154][T17057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1661.610467][T11806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1663.436353][ T5123] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1663.725312][ T5123] usb 4-1: Using ep0 maxpacket: 8
[ 1663.898134][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1663.909569][ T5123] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1663.919912][ T5123] usb 4-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[ 1663.929366][ T5123] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1663.979849][ T5123] usb 4-1: config 0 descriptor??
[ 1664.837622][ T5123] cherry 0003:046A:0023.0016: hidraw0: USB HID v0.00 Device [HID 046a:0023] on usb-dummy_hcd.3-1/input0
[ 1665.295825][ T5123] usb 4-1: USB disconnect, device number 31
[ 1665.461163][T17099] loop2: detected capacity change from 0 to 512
[ 1665.722935][T17099] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1665.737387][T17099] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[ 1665.789311][T17099] System zones: 0-1, 15-15, 18-18, 34-34
[ 1665.798228][T17099] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1665.805444][T17099] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[ 1665.815299][T17099] EXT4-fs warning (device loop2): ext4_enable_quotas:7100: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1665.838610][T17099] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1665.865476][T17099] EXT4-fs error (device loop2): ext4_orphan_get:1420: comm syz-executor.2: bad orphan inode 16
[ 1665.924230][T17099] ext4_test_bit(bit=15, block=18) = 1
[ 1665.930279][T17099] is_bad_inode(inode)=0
[ 1665.934928][T17099] NEXT_ORPHAN(inode)=0
[ 1665.943868][T17099] max_ino=32
[ 1665.948719][T17099] i_nlink=2
[ 1665.951993][T17099] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1666.810574][T17113] loop3: detected capacity change from 0 to 1024
[ 1667.005271][T17113] EXT4-fs: Ignoring removed orlov option
[ 1667.041734][T17113] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1667.110392][T17113] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1667.214967][T17113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1667.601629][T17113] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[ 1667.961560][T11806] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1668.494617][T17139] tunl0: entered promiscuous mode
[ 1668.514561][T17139] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[ 1668.522887][T17139] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1668.636453][T17140] loop4: detected capacity change from 0 to 1024
[ 1668.685086][T17140] EXT4-fs: Ignoring removed orlov option
[ 1668.691007][T17140] EXT4-fs: Ignoring removed oldalloc option
[ 1668.752649][T17140] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1668.813911][T17140] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 1668.825586][T17140] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[ 1668.898221][T17140] EXT4-fs (loop4): invalid journal inode
[ 1668.904396][T17140] EXT4-fs (loop4): can't get journal size
[ 1668.960918][T17140] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1668.966504][T17145] loop3: detected capacity change from 0 to 16
[ 1669.022229][T17145] erofs: (device loop3): z_erofs_parse_cfgs: unidentified algorithms fff8, please upgrade kernel
[ 1669.222215][T13740] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1671.484845][   T29] audit: type=1326 audit(1718197394.495:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17151 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b8467cea9 code=0x0
[ 1672.054101][ T5158] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1672.136994][T17166] xt_socket: unknown flags 0x8
[ 1672.313846][ T5158] usb 2-1: Using ep0 maxpacket: 8
[ 1672.433970][ T5123] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1672.434543][ T5158] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1672.452077][ T5158] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1672.462085][ T5158] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1672.473829][ T5158] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1672.487503][ T5158] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1672.502385][ T5158] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1672.737100][ T5123] usb 5-1: Using ep0 maxpacket: 16
[ 1672.867620][ T5158] usb 2-1: GET_CAPABILITIES returned 2f
[ 1672.873950][ T5158] usbtmc 2-1:16.0: can't read capabilities
[ 1672.874618][ T5123] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1672.890293][ T5123] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1672.892559][T17171] loop3: detected capacity change from 0 to 1024
[ 1672.903725][ T5123] usb 5-1: config 1 has no interface number 1
[ 1672.903870][ T5123] usb 5-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1672.904029][ T5123] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1672.904207][ T5123] usb 5-1: config 1 interface 2 altsetting 1 has an invalid endpoint with address 0x69, skipping
[ 1672.944207][T17171] hfsplus: invalid gid specified
[ 1672.958179][T17171] hfsplus: unable to parse mount options
[ 1673.080503][ T5158] usb 2-1: USB disconnect, device number 26
[ 1673.155352][ T5123] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1673.165018][ T5123] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1673.173233][ T5123] usb 5-1: Product: syz
[ 1673.177690][ T5123] usb 5-1: Manufacturer: syz
[ 1673.182517][ T5123] usb 5-1: SerialNumber: syz
[ 1676.289512][T17191] CIFS: VFS: Malformed UNC in devname
[ 1676.653209][T12137] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1676.672963][T17188] loop4: detected capacity change from 0 to 2048
[ 1676.748699][T17188] udf: Unknown parameter ''
[ 1676.761304][ T5123] usb 5-1: USB disconnect, device number 32
[ 1679.451178][T17216] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1679.692098][T17194] loop1: detected capacity change from 0 to 32768
[ 1679.724790][T17194] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (17194)
[ 1684.950686][T17242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1684.967694][T17242] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1684.977805][T17242] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1685.030655][T17242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1685.046784][T17242] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1685.056737][T17242] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1685.536875][ T4240] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1685.659434][ T4240] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1685.757311][ T4240] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1685.903350][ T4240] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1686.580567][T17241] chnl_net:caif_netlink_parms(): no params data found
[ 1687.235041][T13689] Bluetooth: hci2: command tx timeout
[ 1687.295303][ T4240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1687.423105][ T4240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1687.518369][ T4240] bond0 (unregistering): Released all slaves
[ 1687.876501][ T4240] IPVS: stopping master sync thread 15027 ...
[ 1688.428200][ T4240] hsr_slave_0: left promiscuous mode
[ 1688.469501][ T4240] hsr_slave_1: left promiscuous mode
[ 1688.500661][ T4240] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1688.509422][ T4240] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1688.556515][ T4240] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1688.564594][ T4240] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1688.612568][ T4240] veth1_macvtap: left promiscuous mode
[ 1688.618479][ T4240] veth0_macvtap: left promiscuous mode
[ 1688.628196][ T4240] veth1_vlan: left promiscuous mode
[ 1688.633833][ T4240] veth0_vlan: left promiscuous mode
[ 1689.264331][T17242] Bluetooth: hci2: command tx timeout
[ 1689.676155][ T4240] team0 (unregistering): Port device team_slave_1 removed
[ 1689.773722][ T4240] team0 (unregistering): Port device team_slave_0 removed
[ 1689.855322][ T4240] bridge_slave_0 (unregistering): left allmulticast mode
[ 1690.915349][T17241] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1690.928441][T17241] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1690.936253][T17241] bridge_slave_0: entered allmulticast mode
[ 1690.944514][T17241] bridge_slave_0: entered promiscuous mode
[ 1691.111026][T17241] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1691.118972][T17241] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1691.133896][T17241] bridge_slave_1: entered allmulticast mode
[ 1691.142999][T17241] bridge_slave_1: entered promiscuous mode
[ 1691.343777][T13689] Bluetooth: hci2: command tx timeout
[ 1691.463125][T17241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1691.535433][T17241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1691.865231][T17241] team0: Port device team_slave_0 added
[ 1691.902138][T17241] team0: Port device team_slave_1 added
[ 1692.123656][T17241] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1692.130829][T17241] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1692.162214][T17241] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1692.262678][T17241] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1692.269998][T17241] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1692.296612][T17241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1692.764465][T17241] hsr_slave_0: entered promiscuous mode
[ 1692.823690][T17241] hsr_slave_1: entered promiscuous mode
[ 1693.424055][T13689] Bluetooth: hci2: command tx timeout
[ 1693.787085][ T1219] ieee802154 phy0 wpan0: encryption failed: -22
[ 1693.797660][ T1219] ieee802154 phy1 wpan1: encryption failed: -22
[ 1693.811651][ T1219] eth4 selects TX queue 0, but real number of TX queues is 0
[ 1694.547947][T17241] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1694.578913][T17241] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1694.655051][T17241] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1694.768588][T17241] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1695.435854][T17262] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1695.893021][T17241] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1696.065142][T17241] 8021q: adding VLAN 0 to HW filter on device team0
[ 1696.126467][ T5123] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1696.134283][ T5123] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1696.271948][ T5123] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1696.279781][ T5123] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1697.110733][T17282] syzkaller0: entered promiscuous mode
[ 1697.118437][T17282] syzkaller0: entered allmulticast mode
[ 1697.612822][T17290] loop2: detected capacity change from 0 to 1024
[ 1697.698753][T17290] hfsplus: invalid gid specified
[ 1697.705416][T17290] hfsplus: unable to parse mount options
[ 1698.410929][T17296] sit0: entered allmulticast mode
[ 1698.647872][T17241] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1699.336880][T17241] veth0_vlan: entered promiscuous mode
[ 1699.436580][T17241] veth1_vlan: entered promiscuous mode
[ 1699.822822][T17241] veth0_macvtap: entered promiscuous mode
[ 1699.877903][T17241] veth1_macvtap: entered promiscuous mode
[ 1700.026631][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1700.043141][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.054794][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1700.066681][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.076939][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1700.087820][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.097934][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1700.108680][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.123931][T17241] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1700.227499][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1700.238523][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.253961][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1700.266192][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.276561][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1700.287415][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.297559][T17241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1700.311214][T17241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1700.326314][T17241] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1700.420340][T17241] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.432097][T17241] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.441318][T17241] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.455929][T17241] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1701.665485][ T4240] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1701.809288][ T4240] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1701.951128][ T4240] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1702.140688][ T4240] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1702.308846][T17242] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1702.332098][T17242] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1702.352546][T17242] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1702.405109][T17242] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1702.432199][T17242] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1702.520260][T17242] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1702.640374][ T4240] bridge_slave_1: left allmulticast mode
[ 1702.646883][ T4240] bridge_slave_1: left promiscuous mode
[ 1702.654294][ T4240] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1702.688566][ T4240] bridge_slave_0: left allmulticast mode
[ 1702.695728][ T4240] bridge_slave_0: left promiscuous mode
[ 1702.705366][ T4240] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1703.240635][T17338] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1703.249182][T17338] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[ 1703.317453][ T4240] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1703.402858][ T4240] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1703.433090][ T4240] bond0 (unregistering): Released all slaves
[ 1703.457830][ T4240] bond1 (unregistering): Released all slaves
[ 1703.865832][ T4240] IPVS: stopping master sync thread 16186 ...
[ 1704.457949][ T4240] hsr_slave_0: left promiscuous mode
[ 1704.479362][ T4240] hsr_slave_1: left promiscuous mode
[ 1704.506039][ T4240] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1704.513959][ T4240] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1704.559265][ T4240] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1704.567238][ T4240] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1704.629897][T17242] Bluetooth: hci4: command tx timeout
[ 1704.638451][ T4240] veth1_macvtap: left promiscuous mode
[ 1704.648324][ T4240] veth0_macvtap: left promiscuous mode
[ 1704.654690][ T4240] veth1_vlan: left promiscuous mode
[ 1704.660244][ T4240] veth0_vlan: left promiscuous mode
[ 1705.059251][ T4240] pimreg (unregistering): left allmulticast mode
[ 1705.447289][ T4240] team0 (unregistering): Port device team_slave_1 removed
[ 1705.491137][ T4240] team0 (unregistering): Port device team_slave_0 removed
[ 1705.973371][T17329] chnl_net:caif_netlink_parms(): no params data found
[ 1706.309683][T13699] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1706.671286][ T3086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1706.671381][ T3086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1706.738036][T17242] Bluetooth: hci4: command tx timeout
[ 1706.888336][T13699] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1706.888446][T13699] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1706.888600][T13699] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1706.888708][T13699] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1706.906861][T13699] usb 2-1: config 0 descriptor??
[ 1706.918223][    T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1706.918317][    T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1706.968745][T13699] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1707.248082][T17372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1707.248557][T17372] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1707.260183][T17372] loop1: detected capacity change from 0 to 64
[ 1707.322252][T17381] loop4: detected capacity change from 0 to 256
[ 1708.506376][T17329] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1708.514161][T17329] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1708.521724][T17329] bridge_slave_0: entered allmulticast mode
[ 1708.530878][T17329] bridge_slave_0: entered promiscuous mode
[ 1708.588693][T17329] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1708.596580][T17329] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1708.604554][T17329] bridge_slave_1: entered allmulticast mode
[ 1708.614231][T17329] bridge_slave_1: entered promiscuous mode
[ 1708.784202][T17242] Bluetooth: hci4: command tx timeout
[ 1708.923996][T17329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1709.003706][T17329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1709.124977][T10253] usb 2-1: USB disconnect, device number 27
[ 1709.228922][T17329] team0: Port device team_slave_0 added
[ 1709.278668][T17329] team0: Port device team_slave_1 added
[ 1709.510731][T17329] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1709.519299][T17329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1709.545389][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1709.552602][T17329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1709.665474][T17329] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1709.672669][T17329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1709.700467][T17329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1710.150014][T17329] hsr_slave_0: entered promiscuous mode
[ 1710.205012][T17329] hsr_slave_1: entered promiscuous mode
[ 1710.264530][T17329] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1710.272438][T17329] Cannot create hsr debugfs directory
[ 1710.611499][T13699] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1710.838989][T13699] usb 1-1: device descriptor read/64, error -71
[ 1710.867838][T17242] Bluetooth: hci4: command tx timeout
[ 1711.143882][T13699] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1711.383819][T13699] usb 1-1: device descriptor read/64, error -71
[ 1711.549368][T13699] usb usb1-port1: attempt power cycle
[ 1711.733742][T17329] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1711.872233][T17329] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1711.904958][T17329] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1711.940964][T17329] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1712.105610][T13699] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1712.234413][T13699] usb 1-1: device descriptor read/8, error -71
[ 1713.321502][T17414] loop1: detected capacity change from 0 to 65536
[ 1713.494340][T13699] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1713.558238][T17414] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1713.614094][T13699] usb 1-1: device descriptor read/8, error -71
[ 1713.736229][T13699] usb usb1-port1: unable to enumerate USB device
[ 1713.783553][T17414] XFS (loop1): Ending clean mount
[ 1713.801643][T17414] XFS (loop1): Quotacheck needed: Please wait.
[ 1713.882314][T17329] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1713.982195][T17414] XFS (loop1): Quotacheck: Done.
[ 1714.790956][T17329] 8021q: adding VLAN 0 to HW filter on device team0
[ 1714.822683][T13699] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1714.830271][T13699] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1715.629913][ T6954] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1715.637717][ T6954] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1715.651468][T17424] CIFS: VFS: Malformed UNC in devname
[ 1715.668818][T14578] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1715.942892][T17424] loop4: detected capacity change from 0 to 2048
[ 1716.291890][T17424] loop4: detected capacity change from 0 to 128
[ 1716.496647][T17431] syz-executor.4: attempt to access beyond end of device
[ 1716.496647][T17431] loop4: rw=2051, sector=128, nr_sectors = 924 limit=128
[ 1717.703087][   T29] audit: type=1326 audit(1718197440.705:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17434 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1717.749976][T17329] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1717.787315][T17439] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1718.201037][T17329] veth0_vlan: entered promiscuous mode
[ 1718.247910][T17329] veth1_vlan: entered promiscuous mode
[ 1718.538102][T17329] veth0_macvtap: entered promiscuous mode
[ 1718.602687][T17329] veth1_macvtap: entered promiscuous mode
[ 1718.801120][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1718.812023][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.822174][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1718.833098][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.843287][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1718.854292][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.865378][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1718.876169][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.896993][T17329] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1718.952063][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1718.963060][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.973298][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1718.988126][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1718.999525][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1719.012164][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1719.022390][T17329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1719.033255][T17329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1719.048458][T17329] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1719.177166][T17329] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1719.189380][T17329] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1719.199234][T17329] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1719.208255][T17329] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1719.662817][T17456] bridge0: entered allmulticast mode
[ 1723.854731][T13699] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 1723.881055][T17471] CIFS: VFS: Malformed UNC in devname
[ 1724.076926][T17471] loop1: detected capacity change from 0 to 2048
[ 1724.089023][T13699] usb 5-1: device descriptor read/64, error -71
[ 1724.316798][T17471] loop1: detected capacity change from 0 to 128
[ 1724.386201][T13699] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 1724.497339][T17477] syz-executor.1: attempt to access beyond end of device
[ 1724.497339][T17477] loop1: rw=3, sector=132, nr_sectors = 4 limit=128
[ 1724.515702][T17477] syz-executor.1: attempt to access beyond end of device
[ 1724.515702][T17477] loop1: rw=2051, sector=136, nr_sectors = 916 limit=128
[ 1724.627597][T13699] usb 5-1: device descriptor read/64, error -71
[ 1724.798426][T13699] usb usb5-port1: attempt power cycle
[ 1725.200486][   T29] audit: type=1326 audit(1718197448.245:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17481 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1725.287340][T17482] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1725.927704][T17500] loop4: detected capacity change from 0 to 256
[ 1726.196224][ T6954] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1726.204724][ T6954] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1726.281895][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1726.290232][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1726.498711][T17508] bridge0: entered allmulticast mode
[ 1727.617058][T11640] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1727.802715][T11640] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1727.831554][T13699] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1727.987189][T11640] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1728.044236][T13699] usb 4-1: device descriptor read/64, error -71
[ 1728.171579][T11640] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1728.219146][   T29] audit: type=1326 audit(1718197451.195:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17530 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc80207cea9 code=0x0
[ 1728.283890][T17534] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1728.340031][T13699] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1728.574724][T11640] bridge_slave_1: left allmulticast mode
[ 1728.580933][T11640] bridge_slave_1: left promiscuous mode
[ 1728.584961][T13699] usb 4-1: device descriptor read/64, error -71
[ 1728.587639][T11640] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1728.645327][T11640] bridge_slave_0: left allmulticast mode
[ 1728.651396][T11640] bridge_slave_0: left promiscuous mode
[ 1728.658167][T11640] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1728.740395][T13699] usb usb4-port1: attempt power cycle
[ 1729.018777][T13689] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1729.043385][T13689] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1729.069439][T13689] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1729.204533][T13689] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1729.237002][T13689] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1729.270768][T13689] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1729.360764][T13699] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1729.506705][T11640] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1729.524081][T13699] usb 4-1: device descriptor read/8, error -71
[ 1729.598964][T11640] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1729.667319][T17551] loop4: detected capacity change from 0 to 256
[ 1729.687338][T11640] bond0 (unregistering): Released all slaves
[ 1729.958821][T13699] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1730.057044][T11640] IPVS: stopping master sync thread 13843 ...
[ 1730.091770][T13699] usb 4-1: device descriptor read/8, error -71
[ 1730.248003][T13699] usb usb4-port1: unable to enumerate USB device
[ 1730.430446][T17557] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1730.652480][T11640] hsr_slave_0: left promiscuous mode
[ 1730.726875][T11640] hsr_slave_1: left promiscuous mode
[ 1730.779001][T11640] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1730.787117][T11640] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1730.846161][T11640] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1730.854118][T11640] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1730.944477][T11640] veth1_macvtap: left promiscuous mode
[ 1730.950226][T11640] veth0_macvtap: left promiscuous mode
[ 1730.956223][T11640] veth1_vlan: left promiscuous mode
[ 1730.965726][T11640] veth0_vlan: left promiscuous mode
[ 1731.423879][T13689] Bluetooth: hci3: command tx timeout
[ 1731.772055][T11640] team0 (unregistering): Port device team_slave_1 removed
[ 1731.819439][T11640] team0 (unregistering): Port device team_slave_0 removed
[ 1732.690636][   T29] audit: type=1326 audit(1718197455.675:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17575 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaef87cea9 code=0x0
[ 1732.775834][T17576] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1732.875257][T17537] chnl_net:caif_netlink_parms(): no params data found
[ 1733.504321][T13689] Bluetooth: hci3: command tx timeout
[ 1733.907747][T17537] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1733.915810][T17537] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1733.924006][T17537] bridge_slave_0: entered allmulticast mode
[ 1733.938163][T17537] bridge_slave_0: entered promiscuous mode
[ 1733.964121][T17537] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1733.971828][T17537] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1733.979790][T17537] bridge_slave_1: entered allmulticast mode
[ 1733.989117][T17537] bridge_slave_1: entered promiscuous mode
[ 1734.180930][T17537] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1734.245701][T17537] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1734.553191][T17537] team0: Port device team_slave_0 added
[ 1734.641255][T17537] team0: Port device team_slave_1 added
[ 1734.773639][T17537] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1734.781099][T17537] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1734.807591][T17537] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1734.869692][T17537] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1734.877033][T17537] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1734.903329][T17537] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1735.129695][T17537] hsr_slave_0: entered promiscuous mode
[ 1735.140638][T17606] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1735.153844][T17537] hsr_slave_1: entered promiscuous mode
[ 1735.175108][T17537] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1735.183049][T17537] Cannot create hsr debugfs directory
[ 1735.593800][T13689] Bluetooth: hci3: command tx timeout
[ 1736.822384][T17537] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1736.894970][T17537] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1737.013758][T17537] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1737.181466][T17537] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1737.236212][   T29] audit: type=1326 audit(1718197460.235:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17620 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbc55e7cea9 code=0x0
[ 1737.328279][T17624] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1737.663983][T13689] Bluetooth: hci3: command tx timeout
[ 1738.443330][T17537] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1738.650157][ T6954] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1738.680979][T17537] 8021q: adding VLAN 0 to HW filter on device team0
[ 1738.781985][T17244] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1738.789999][T17244] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1738.808375][T17640] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1738.890777][T17244] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1738.898413][T17244] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1738.961564][ T6954] usb 2-1: Using ep0 maxpacket: 8
[ 1739.146306][ T6954] usb 2-1: config 0 has an invalid interface number: 127 but max is 0
[ 1739.159424][ T6954] usb 2-1: config 0 has no interface number 0
[ 1739.167910][ T6954] usb 2-1: too many endpoints for config 0 interface 127 altsetting 101: 146, using maximum allowed: 30
[ 1739.179551][ T6954] usb 2-1: config 0 interface 127 altsetting 101 has 0 endpoint descriptors, different from the interface descriptor's value: 146
[ 1739.194594][ T6954] usb 2-1: config 0 interface 127 has no altsetting 0
[ 1739.455048][ T6954] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 1.00
[ 1739.468103][ T6954] usb 2-1: New USB device strings: Mfr=16, Product=1, SerialNumber=1
[ 1739.477925][ T6954] usb 2-1: Product: syz
[ 1739.482829][ T6954] usb 2-1: Manufacturer: syz
[ 1739.487797][ T6954] usb 2-1: SerialNumber: syz
[ 1739.536390][ T6954] usb 2-1: config 0 descriptor??
[ 1739.842821][ T6954] ftdi_sio 2-1:0.127: FTDI USB Serial Device converter detected
[ 1739.852439][ T6954] usb 2-1: Detected SIO
[ 1739.868551][ T6954] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1739.894644][ T6954] usb 2-1: USB disconnect, device number 28
[ 1739.929931][ T6954] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1739.940768][ T6954] ftdi_sio 2-1:0.127: device disconnected
[ 1740.744367][T17537] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1741.146819][T17244] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1741.162024][T17537] veth0_vlan: entered promiscuous mode
[ 1741.329267][T17537] veth1_vlan: entered promiscuous mode
[ 1741.464330][T17244] usb 1-1: Using ep0 maxpacket: 32
[ 1741.604406][T17244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1741.622555][T17244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1741.632981][T17244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[ 1741.644605][T17244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1741.654802][T17244] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1741.671774][T17244] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[ 1741.681568][T17244] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1741.706547][T17660] =====================================================
[ 1741.713763][T17660] BUG: KMSAN: uninit-value in dev_map_hash_lookup_elem+0x116/0x2e0
[ 1741.721867][T17660]  dev_map_hash_lookup_elem+0x116/0x2e0
[ 1741.727717][T17660]  bpf_map_lookup_elem+0x5c/0x80
[ 1741.732858][T17660]  ___bpf_prog_run+0x13fe/0xe0f0
[ 1741.737990][T17660]  __bpf_prog_run64+0xb5/0xe0
[ 1741.742844][T17660]  bpf_trace_run4+0x240/0x340
[ 1741.747684][T17660]  __bpf_trace_sched_switch+0x37/0x50
[ 1741.753265][T17660]  __traceiter_sched_switch+0xb7/0x150
[ 1741.758922][T17660]  __schedule+0x2eca/0x6bc0
[ 1741.763607][T17660]  __cond_resched+0x49/0xc0
[ 1741.768273][T17660]  do_recvmmsg+0x9fc/0xfd0
[ 1741.772874][T17660]  __x64_sys_recvmmsg+0x397/0x490
[ 1741.778104][T17660]  x64_sys_call+0xf6c/0x3b50
[ 1741.782885][T17660]  do_syscall_64+0xcf/0x1e0
[ 1741.787569][T17660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1741.793656][T17660] 
[ 1741.796059][T17660] Local variable stack created at:
[ 1741.801251][T17660]  __bpf_prog_run64+0x45/0xe0
[ 1741.806090][T17660]  bpf_trace_run4+0x240/0x340
[ 1741.810920][T17660] 
[ 1741.813338][T17660] CPU: 1 PID: 17660 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0
[ 1741.823568][T17660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1741.833751][T17660] =====================================================
[ 1741.840777][T17660] Disabling lock debugging due to kernel taint
[ 1741.847027][T17660] Kernel panic - not syncing: kmsan.panic set ...
[ 1741.853541][T17660] CPU: 1 PID: 17660 Comm: syz-executor.1 Tainted: G    B              6.9.0-syzkaller-02707-g614da38e2f7a #0
[ 1741.865256][T17660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1741.875439][T17660] Call Trace:
[ 1741.878821][T17660]  <TASK>
[ 1741.881849][T17660]  dump_stack_lvl+0x216/0x2d0
[ 1741.886728][T17660]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1741.892722][T17660]  dump_stack+0x1e/0x30
[ 1741.897072][T17660]  panic+0x4e2/0xcd0
[ 1741.901162][T17660]  ? kmsan_get_metadata+0xf1/0x1d0
[ 1741.906463][T17660]  kmsan_report+0x2d5/0x2e0
[ 1741.911152][T17660]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1741.917448][T17660]  ? __msan_warning+0x95/0x120
[ 1741.922620][T17660]  ? dev_map_hash_lookup_elem+0x116/0x2e0
[ 1741.928543][T17660]  ? bpf_map_lookup_elem+0x5c/0x80
[ 1741.933842][T17660]  ? ___bpf_prog_run+0x13fe/0xe0f0
[ 1741.939131][T17660]  ? __bpf_prog_run64+0xb5/0xe0
[ 1741.944161][T17660]  ? bpf_trace_run4+0x240/0x340
[ 1741.949204][T17660]  ? __bpf_trace_sched_switch+0x37/0x50
[ 1741.955038][T17660]  ? __traceiter_sched_switch+0xb7/0x150
[ 1741.960878][T17660]  ? __schedule+0x2eca/0x6bc0
[ 1741.966152][T17660]  ? __cond_resched+0x49/0xc0
[ 1741.970991][T17660]  ? do_recvmmsg+0x9fc/0xfd0
[ 1741.975866][T17660]  ? __x64_sys_recvmmsg+0x397/0x490
[ 1741.981348][T17660]  ? x64_sys_call+0xf6c/0x3b50
[ 1741.986303][T17660]  ? do_syscall_64+0xcf/0x1e0
[ 1741.991172][T17660]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1741.997444][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.002809][T17660]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1742.008793][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.014157][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.019523][T17660]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1742.025506][T17660]  ? try_to_wake_up+0xa27/0x1920
[ 1742.030630][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.035991][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.041357][T17660]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1742.047337][T17660]  __msan_warning+0x95/0x120
[ 1742.052080][T17660]  dev_map_hash_lookup_elem+0x116/0x2e0
[ 1742.057817][T17660]  ? __pfx_dev_map_hash_lookup_elem+0x10/0x10
[ 1742.064068][T17660]  bpf_map_lookup_elem+0x5c/0x80
[ 1742.069203][T17660]  ___bpf_prog_run+0x13fe/0xe0f0
[ 1742.074329][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.079713][T17660]  __bpf_prog_run64+0xb5/0xe0
[ 1742.084571][T17660]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1742.090556][T17660]  ? __pfx___bpf_prog_run64+0x10/0x10
[ 1742.096112][T17660]  bpf_trace_run4+0x240/0x340
[ 1742.100980][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.106346][T17660]  __bpf_trace_sched_switch+0x37/0x50
[ 1742.111914][T17660]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1742.118182][T17660]  __traceiter_sched_switch+0xb7/0x150
[ 1742.123934][T17660]  __schedule+0x2eca/0x6bc0
[ 1742.128597][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.133956][T17660]  ? ___sys_recvmsg+0x255/0x840
[ 1742.139054][T17660]  __cond_resched+0x49/0xc0
[ 1742.143722][T17660]  do_recvmmsg+0x9fc/0xfd0
[ 1742.148336][T17660]  ? stack_depot_save_flags+0x2c/0x6e0
[ 1742.153960][T17660]  ? kmsan_internal_set_shadow_origin+0x66/0xe0
[ 1742.160435][T17660]  __x64_sys_recvmmsg+0x397/0x490
[ 1742.165655][T17660]  ? kmsan_get_metadata+0x146/0x1d0
[ 1742.171027][T17660]  x64_sys_call+0xf6c/0x3b50
[ 1742.175811][T17660]  do_syscall_64+0xcf/0x1e0
[ 1742.180500][T17660]  ? clear_bhb_loop+0x25/0x80
[ 1742.185378][T17660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1742.191478][T17660] RIP: 0033:0x7fbc55e7cea9
[ 1742.196030][T17660] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1742.215836][T17660] RSP: 002b:00007fbc56c270c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1742.224415][T17660] RAX: ffffffffffffffda RBX: 00007fbc55fb4050 RCX: 00007fbc55e7cea9
[ 1742.232526][T17660] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[ 1742.240627][T17660] RBP: 00007fbc55eebff4 R08: 0000000000000000 R09: 0000000000000000
[ 1742.248726][T17660] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1742.256824][T17660] R13: 000000000000006e R14: 00007fbc55fb4050 R15: 00007fffc820c858
[ 1742.264956][T17660]  </TASK>
[ 1743.673061][T17660] Shutting down cpus with NMI
[ 1743.678121][T17660] Kernel Offset: disabled
[ 1743.682524][T17660] Rebooting in 86400 seconds..