last executing test programs:

5m5.016897054s ago: executing program 1 (id=743):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xc, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

5m3.539306031s ago: executing program 1 (id=750):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
write$cgroup_pid(r0, &(0x7f0000000180), 0x12)
sendmmsg$inet6(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000009c0)="19d2", 0x2}], 0x1}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000480)=""/52, 0x34}], 0x1}, 0x4}], 0x1, 0x20000002, 0x0)

5m2.672259382s ago: executing program 1 (id=755):
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000000), 0x10, &(0x7f0000000b00)={[{@name={'name', 0x3d, '-+(:[^\xe2#]*\\-/-*'}}]})

5m2.316983866s ago: executing program 1 (id=757):
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3, &(0x7f0000000400)={[], [{@smackfstransmute={'smackfstransmute', 0x3d, '\\'}}, {@appraise_type}, {@obj_type={'obj_type', 0x3d, ' ^\x99'}}, {@subj_type={'subj_type', 0x3d, ':\\(\\.'}}, {@subj_type}, {@subj_role={'subj_role', 0x3d, 'nr_inodes'}}, {@seclabel}]}, 0x9, 0x61c, &(0x7f0000000700)="$eJzs3U1rXFUfAPD/nbwnz/MkDQ9qXWhAtAVt0qStFBG0CK5KqS8LwY1jk5ba6QtNRFMrTaFuBHHjQnDlwrrwO2hBcOUXcOHGlVSKSDdK0ZE7uTNOk7nJTMzMtJnfD8Y5556bOeea/HvOnDnnTgA9ayr9TyFid0RcSCIm68r6IyucWj3v9m+XT6SPJMrlV35N4vKVZKX+tZLseSwi0oI/xyP5LiIm+9bXu7h86UyxVFq4mOVnls5emFlcvrTv9NniqYVTC+fmnp47fOjgocOz++t+6uSLrV7frrr00WtvvTP+4bHXv/jsTjL75Y/Hkni+VpZeV6uvvZmpmIpypv54+v/18HZX1iV9tb+TfyRrD6z1QhsbREuqv7+BiHgwxqOv7rc5Hh+81NXGAW1VTqLWRwG9JhH/0KOq44Dqe/vm3gcPtnlUAnTCrSMRT9TifyAiqvHfvzo3GMOVuYHR28ld8zxJROzfhvrTOr7/9ti19BFtmocDGlu5OpTN26/t/5NKbE7EcCU3ertwV/wXsmnciWz+8OWNqxnPK5hak8/qH9rq9QDNW7kaEQ81Gv9vHv9vZM/p8Te3WH9O/AMAAAAAAABbcONIRDzV6PO/Qm39z2CD9T9jEXW757Zu88//Cje3oRqggVtHIp5tuP63UD1loi/L/beyHmAgOXm6tLA/Iv4XEXtjYCjNz9a/6Fd1Px0R+z6a/DSv/vr1f+kjrb+6FjBrx83+NauB5otLxW24dOh5t65GPNyfv/4n7f+TBv1/Gt8Xmqxj8vHrx/PKNo9/oF3Kn0fsadj/J7Vzko3vzzFTGQ/MVEcF6z3y3sdf59Uv/qF70v5/dOP4H0rq79ez2NrrD0bEgeX+cl75Vsf/g8mrfVG3E/Hd4tLSxdmIweTo+uNzrbUZ7ifDzZ/6fkRU4qEaL2n8731s4/m/2vi/Lg5Hsnt8NeOBv8Z+yivT/0P3pPE/v3H/P3F3/996Yu76xDd59R9vqv8/WOnT92ZHzP/BxpoN0G63EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuR4WI+E8khelaulCYno4Yi4j/x2ihdH5x6cmT598+N5+WVb7/v1D9pt/x1XxS/f7/ibr83Jr8gYjYFRGf9I1U8tMnzpfmu33xAAAAAAAAAAAAAAAAAAAAcI8YW31at/8/9XNfV5sGdEJ/9izeoff0d7sBQNeIf+hd4h96V378/36nXNHR5gAd1Gz/X77S5oYAHbfF8b+PC2AH8P4fetVAc6cNt7sdQDfo/wEAAAAAYEfZ9eiNH5KIWHlmpPJIDWZltQ8GR7rVOqCdCnkFQ51tB9B51vBC77L0B3pXk4t/gR0sqaX+aLjZP3/1f9KeBgEAAAAAAAAAAAAA6+zZ3cT+f2BHyt3/D+x4G+z/b7Sxx+0CYAex/x96l9t8AdXBft43/dv/DwAAAAAAAAAAAAD3gOFLZ4ql0sLFxeWmE1daOfnfJ36JvKLnOtmM7UqsFO+JZtwPiYGIWFNUHl/9sz1TLL0WnW1PNWI6UddgB+vKSXTp3yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCdvwMAAP//emUoLA==")
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

5m1.71424244s ago: executing program 1 (id=762):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xa1, 0x12, 0x17, 0x10, 0xb95, 0x172a, 0xf7f4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xfb, 0x0, 0x2, 0x6c, 0x5d, 0x65, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000140)={0x20, 0x16, 0x2e, "c9df8108b47a6c2a629a7049d007987d56c956648e3fd309bc1388108f4b2455d84af50d5d8bc171dc71927b67c6"}, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000003ac0)={0x2c, &(0x7f0000000700)={0x20, 0x15, 0x2, "35f1"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)

5m0.863854046s ago: executing program 1 (id=766):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010101000000000000000002000000040001801800028014000180"], 0x44}}, 0x0)

4m59.516110294s ago: executing program 32 (id=766):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010101000000000000000002000000040001801800028014000180"], 0x44}}, 0x0)

3m0.255537039s ago: executing program 4 (id=1350):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xfffe}, 0x6)

2m59.62810937s ago: executing program 4 (id=1354):
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3e8, 0xa00, 0x70bd2a, 0x25dfdbfc, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4800}, 0x20008000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = signalfd4(r0, &(0x7f0000000100)={[0x100000000000000]}, 0x8, 0x80800)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv0\x00'})
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000400)={0x1, {{0xa, 0x4e24, 0xd2, @private2, 0x1ff}}}, 0x88)
sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x8008004)
syz_open_dev$sndpcmc(0x0, 0x3, 0x400)
syz_usb_connect(0x0, 0x36, &(0x7f0000000840)={{0x12, 0x1, 0x201, 0x1c, 0xe2, 0xda, 0x40, 0x4f3b, 0xc73, 0x8f81, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x2, 0x9, 0xc0, 0x1, [{{0x9, 0x4, 0xf6, 0x3, 0x2, 0x8, 0x2, 0x0, 0x6, [], [{{0x9, 0x5, 0xa, 0x2, 0x8, 0xfb, 0x6, 0x80}}, {{0x9, 0x5, 0xb, 0x2, 0x200, 0x6, 0x2, 0x2}}]}}]}}]}}, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0})
writev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, 0x0, 0x40)
read$msr(r1, 0x0, 0x0)
sendmsg$nl_generic(r1, 0x0, 0x20000010)

2m57.410782639s ago: executing program 4 (id=1363):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x20, 0x0, 0x2, 0x5, 0x0, 0x0, {0x5}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x4}]}, 0x20}}, 0x0)

2m56.899556211s ago: executing program 4 (id=1367):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000005c0)={[{@dots}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}, {@fat=@gid}, {@dots}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x8b3}}, {@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@dots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@tz_utc}, {@nodots}, {@dots}, {@fat=@showexec}, {@nodots}, {@nodots}]}, 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
open(&(0x7f00000000c0)='./bus\x00', 0x64842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x300, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x55c, &(0x7f0000000b00)="$eJzs3V1v08gawPHHpT1EOTrV0eEIoarAUM6RilSCk0CqiJv1OpN0ILEj20HtFapoiipSWFFW2vaG5YbdlXbv9gtwux9ivxHaj7Ar20nbtHmBvtBu9f9FMFN77HkmtfzITTwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgllux7bwldeO1ltVwbiXwG3s/drc+tEDu9BWx8uLAfkWs+J9kMnItXXTtv3urr8b/zcls+tOsZOIiIzv/vPrvh1cmJ3rbjwj4i9ja3nmx2um0X591IKfo+uXh62raM6FvGk5NKxP6qlwq2feWqqGqmroOV8JIN5QbaCfyAzXv3lH5crmodG7Fb3m1ilPXvYWLdwu2XVKPck3tBKHv3XuUC90lU68br5a0iVfHbRbjA/GxiVSknYZS6xuddnHcAOJG+U9pVFBKXek7qg8o2IVCPl8o5EsPyg8WbXvy0AL7ADnU4uwPWpytkz6FA0c20c3/UhcjnrRkWdTAlysVCcSXxpD1Xb38//97emS/+/N/L8tf21s9I0n+vyEiX4ncGJb/h8Qy5vWvXi9H2rrvtSXbsiMvZFU60pG2vD6Bff6dXjXR4omRUHwx0hAnWaK6S5SUpSQlseWpLElVQlFSFSN10RLKioQSiU6OKFcC0eJIJL4EomReXLkjSvJSlrIURYmWnKyILy3xpCYVcZK9rMtG8r4XRVnDYtxtlB86jGzviGhLYcRoyf84vhM8ewPH82cv/wMAAAAAgAvLSv76Hl//T8n1pFY1dW2fdVgAAAAAAOAEJZ/8z8bFVFy7LhbX/wAAAAAAXDRWco+dJSJZuZnW1sVKbpfijwAAAAAAAFwQyef/N+IimQPlpli706Vw/Q8AAAAAwAXx49g59sPmZev3PyQIpqx3zeX/WZvJ3LzO5qV0u0sH9xhVZ6zp7k6SopQWk5OunrUyaaPdSTA/dov1cXFYewE4uwF8/zkBXJmUn+VW2ubWWlqu9dakvWSrpq5zrl9/mBfHmZ6I9HL07cuN7yQZ/k9eY9rKyEannXv2qrOWxPIu3su7ze4EiofmURwRy5tkvoXknouBI55KbsTo9pu1ZH2j07b3j38i3Xyiv8e30yP6fC9zaau57oy32f7xZ+I+87lho+9GkT/myN/L7bTN7fnbaTEgisK4KAr7oxj8Xhw/iuK4KIrHjAIAzsr6mCxkyaG8e4Sz3NGyu3xmdn8v82mb+ZnkxDo5M+CMbo87o9vHzG6/HXoG0rAcG/f7y4Gs+iHe4MPQfsN6wYrfwktvNr+Rq1vbO3c3Nleft5+3XxYKxZJ937YfFGQqGUa3IPcAAAZIn7EjI56xM7aFdX/MVfV/dr9SkJNn8ko6siYLyd0GyTcOBu41u+9rCAtjrlqzSZpMn/CyMOKq7h/JXQ69/RZGtu2PoXj6vwgAAL6guTF5+FPy/8KY6+7+XD766ji772ltAADgdOjgo5WNfrCCwDSf5svlvBMtaRX47mMVmEpNK+NFOnCXHK+mVTPwI9/163HlianoUIWtZtMPIlX1A9X0Q7OcTB+ouo9+D3XD8SLjhs26dkKtXN+LHDdSFRO6qtn6um7CJR0kG4dN7ZqqcZ3I+J4K/Vbg6pxSodb7GpqK9iJTNXHVU83ANJwgo5749VZDq4oO3cA0Iz/dYa8v41X9oJHsNnfWbzYAAOfE1vbOi9VOp/36FCtnPUYAANCPLA0AAAAAAAAAAAAAAAAAAAAAwPn3Je7/o3LMysQ5/zX1poI+L/F8euXyr5PnIYzzWBl76nh76icnAKfqrwAAAP//HHhNeA==")
ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, &(0x7f0000000140))
r1 = open$dir(&(0x7f0000000240)='.\x00', 0x0, 0x0)
renameat(r1, 0x0, r1, &(0x7f0000000440)='./file1\x00')

2m55.741367351s ago: executing program 4 (id=1373):
r0 = openat$ttyS3(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000780)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)

2m55.469047378s ago: executing program 3 (id=1374):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
poll(&(0x7f0000000000)=[{r0, 0x100}], 0x1, 0x0)

2m55.079409658s ago: executing program 4 (id=1376):
syz_open_dev$loop(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000001c0), 0x2, 0x0)
semget$private(0x0, 0x1, 0x0)
semop(0x0, &(0x7f0000000240)=[{0x0, 0x8001}], 0x1)
semctl$IPC_RMID(0x0, 0x0, 0x0)

2m54.724097666s ago: executing program 3 (id=1378):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="6801"], 0x168)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
statfs(&(0x7f00000001c0)='./file0\x00', 0x0)

2m52.925526862s ago: executing program 33 (id=1376):
syz_open_dev$loop(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000001c0), 0x2, 0x0)
semget$private(0x0, 0x1, 0x0)
semop(0x0, &(0x7f0000000240)=[{0x0, 0x8001}], 0x1)
semctl$IPC_RMID(0x0, 0x0, 0x0)

2m52.791836258s ago: executing program 3 (id=1382):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newroute={0x28, 0x18, 0x1ef, 0x0, 0x0, {}, [@RTA_MULTIPATH={0xc, 0x9, {0x8}}]}, 0x28}, 0x1, 0x11}, 0x0)

2m52.234768762s ago: executing program 3 (id=1383):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000005c0)={[{@dots}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}, {@fat=@gid}, {@dots}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x8b3}}, {@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@dots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@tz_utc}, {@nodots}, {@dots}, {@fat=@showexec}, {@nodots}, {@nodots}]}, 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
open(&(0x7f00000000c0)='./bus\x00', 0x64842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x300, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x55c, &(0x7f0000000b00)="$eJzs3V1v08gawPHHpT1EOTrV0eEIoarAUM6RilSCk0CqiJv1OpN0ILEj20HtFapoiipSWFFW2vaG5YbdlXbv9gtwux9ivxHaj7Ar20nbtHmBvtBu9f9FMFN77HkmtfzITTwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgllux7bwldeO1ltVwbiXwG3s/drc+tEDu9BWx8uLAfkWs+J9kMnItXXTtv3urr8b/zcls+tOsZOIiIzv/vPrvh1cmJ3rbjwj4i9ja3nmx2um0X591IKfo+uXh62raM6FvGk5NKxP6qlwq2feWqqGqmroOV8JIN5QbaCfyAzXv3lH5crmodG7Fb3m1ilPXvYWLdwu2XVKPck3tBKHv3XuUC90lU68br5a0iVfHbRbjA/GxiVSknYZS6xuddnHcAOJG+U9pVFBKXek7qg8o2IVCPl8o5EsPyg8WbXvy0AL7ADnU4uwPWpytkz6FA0c20c3/UhcjnrRkWdTAlysVCcSXxpD1Xb38//97emS/+/N/L8tf21s9I0n+vyEiX4ncGJb/h8Qy5vWvXi9H2rrvtSXbsiMvZFU60pG2vD6Bff6dXjXR4omRUHwx0hAnWaK6S5SUpSQlseWpLElVQlFSFSN10RLKioQSiU6OKFcC0eJIJL4EomReXLkjSvJSlrIURYmWnKyILy3xpCYVcZK9rMtG8r4XRVnDYtxtlB86jGzviGhLYcRoyf84vhM8ewPH82cv/wMAAAAAgAvLSv76Hl//T8n1pFY1dW2fdVgAAAAAAOAEJZ/8z8bFVFy7LhbX/wAAAAAAXDRWco+dJSJZuZnW1sVKbpfijwAAAAAAAFwQyef/N+IimQPlpli706Vw/Q8AAAAAwAXx49g59sPmZev3PyQIpqx3zeX/WZvJ3LzO5qV0u0sH9xhVZ6zp7k6SopQWk5OunrUyaaPdSTA/dov1cXFYewE4uwF8/zkBXJmUn+VW2ubWWlqu9dakvWSrpq5zrl9/mBfHmZ6I9HL07cuN7yQZ/k9eY9rKyEannXv2qrOWxPIu3su7ze4EiofmURwRy5tkvoXknouBI55KbsTo9pu1ZH2j07b3j38i3Xyiv8e30yP6fC9zaau57oy32f7xZ+I+87lho+9GkT/myN/L7bTN7fnbaTEgisK4KAr7oxj8Xhw/iuK4KIrHjAIAzsr6mCxkyaG8e4Sz3NGyu3xmdn8v82mb+ZnkxDo5M+CMbo87o9vHzG6/HXoG0rAcG/f7y4Gs+iHe4MPQfsN6wYrfwktvNr+Rq1vbO3c3Nleft5+3XxYKxZJ937YfFGQqGUa3IPcAAAZIn7EjI56xM7aFdX/MVfV/dr9SkJNn8ko6siYLyd0GyTcOBu41u+9rCAtjrlqzSZpMn/CyMOKq7h/JXQ69/RZGtu2PoXj6vwgAAL6guTF5+FPy/8KY6+7+XD766ji772ltAADgdOjgo5WNfrCCwDSf5svlvBMtaRX47mMVmEpNK+NFOnCXHK+mVTPwI9/163HlianoUIWtZtMPIlX1A9X0Q7OcTB+ouo9+D3XD8SLjhs26dkKtXN+LHDdSFRO6qtn6um7CJR0kG4dN7ZqqcZ3I+J4K/Vbg6pxSodb7GpqK9iJTNXHVU83ANJwgo5749VZDq4oO3cA0Iz/dYa8v41X9oJHsNnfWbzYAAOfE1vbOi9VOp/36FCtnPUYAANCPLA0AAAAAAAAAAAAAAAAAAAAAwPn3Je7/o3LMysQ5/zX1poI+L/F8euXyr5PnIYzzWBl76nh76icnAKfqrwAAAP//HHhNeA==")
ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, &(0x7f0000000140))
r1 = open$dir(&(0x7f0000000240)='.\x00', 0x0, 0x0)
renameat(r1, 0x0, r1, &(0x7f0000000440)='./file1\x00')

2m51.143437831s ago: executing program 3 (id=1387):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000001300)={0xa, 0x4e20, 0x0, @loopback, 0x6}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001880)=[{{0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000240)="784e8532bc51d9778e4bbb81e255693d2832f3802728ed763aacf318e80e1b19cf30c5f4214185052aab22dea830553c6db324352d6edce6927f9e747f08a659c1365f8b318c734936b24ccb80c8b9892cf2d5f5e6f9bd14951b8dac37e3c51873f21eb6a3d5b0f6852ef05a094926bd00f74ab5d68f2dbec3a6471ec5517ea7973b0eadd203e9d651881048bf4102cc30729aae5c8a1b3a4223a29d92aa550723d99f6596f26bfc66e02de540c397a62d50bb060246300520caddf20ae6701bac03fe94aec0bb32b8ee92dd974bb54ea2ccc2959f4f07e91cb2f22e8e16b11cee681e1f909bc6edfd7d05f7c914a76c9c99879bc728e358d8fcd7e3767117482364ed76b0bd26fca5cc821dfcc0320e2da567cf8e266adcfa020bdc376bb0e3a3cc9725682a957265884a6705f12b04414779837b8fe1ac5457fc005d8609efe3a00007d08ac5a9c7442bbd775f9d7ff490b3fb820e2f4e64c31cfa2101de770ad8d0903c2cf7f907fccfadad58b54d3e76d855ccc9e69fa067578ef929d153e148f0e611a40fe480ee02c2c6880a3ebf78f949e53ffef9aab25fb2816e2933f480d6d60a91c045b70211934ace2695a867eb88d29b2253174baaa56ce64db43e4f5cc822d371c92fd49dec3ac483d904343b3549e529cac2b8be9532f073d7e7c742cf7fa09b030b36671b397e03b9aca2dea714e57b7b429bd064b3c5406b960dfceba3b624c67490309875a87a93250a9113c7e051c506ecb935ed7beef8b644e7725c473250b4b88c78a33c7329ae801e09fed0a408a4e7af19c2fe674b1a56da16c8aad062b00dc84ea79442cfca1645ee35e9bc22ce3199862506cb15cd79c2704c5b86bd992045fe4f8b3e07a9fe59f7b829a232a5fa15b8bcc971857e036afa9651cf114ac34600be4f663f07067e1e55ed8aa1641f6381cb6ce2cb751f032bd6588835acf67ddf7a3af75526ca75bdcfc7a5566044af497610e79987c61d8e5d8292a88107a5b4ee93a34eac880433585092356f76f2633db86b1a1412e10d3932bb7a52d3007dd635bda34a82769e5a9bdade27aed4f9c68f8527924b07749980e1e15c708010274a6c6ebc5213fe31d3bc459051823b7ee6c32797239e40d4821209b498c95080a2ca90c479da86c164304e02a7e71b8f55586292cc9fafa4c5bda285a9de792d6a6a03e5a1f2a13eac02a95f87f13fbfbedc6533b78cf5ac5ce562ef504f95465814f9bb35495196b73780c0a5fc7c6a006ee2d34123c1224d9c08baf0611ba9e7ceb3ccf887e58a78fe236947c4a486c83e49e0070d4fa81a9652e690dcdae169ebd65c281a863905a7ecf9c8f19fe059b2022ef75ab1e9c7c1ad532ff25da12c5e250f601ce95844223310d9959fddc0e684979c6f15d7673512237239b9eb48f72a930e5cc64c382c662db18581eb0069b2242058812f1ae092e139411fc8ec242e8f7dd4da10bcd3f92c0715edf775ffaabd181a36d2a39ceb192e3ebdff02c0c75bd259e725fd4cd5c2722efc41f37ab25706485a265d683c8569c3209a930e05047074b3941f41003d550d923e6dd50110e18d965763727739902067e73a520270c5cb53d6fd22ec4ea8853d113451cb3da2a7a698c807ec394c1da0b9de2a1d62f24a2292c65640ef6a0924191133e80aa60e4f8f5adbae3131956b38c997085f25f54338653d65847f1602e1ad7eb9501f9867e1bfc2410c3fc6402a1f605c0088ef13db8cf967a868e7ae2713b1dc297a5ab33b27566df656d954ee44ffed8a15bac40262099a3287f40425cd146c4a9639321fd46dd85dab9000bce3558f7c99de2849d57041d79082b82faf85abf5ac0c325ca3645500d2bb04809ac3ab33c24b738765d80c610c917b756a1cd4da3ce0921ae1789ea8c3f00532fe97c435cda5a2f5013b90ea596389af1fbba1510ce50d3476019d70be6634ddabdc925324e0bf6914a803c9bccb9f4daa61e9250e05a0d6e906d68418f906dfdcc416441828680bc9160a932168adf51240bce901a1eee84f69dce9cee3378f8414188afc484cfb92043b352271552a152ecac0ec1ba19f1dc72db5d4155d5bf6a63aee9a702f1e194082e609bb30419901349d244a11617795b4580a849196f5c67ed4b060e42b394bbfb4bbfa601d2c8ddff5986563df99b5f02a0f61d56d11a47095651d7337c7c167a04e4a71596fe58486d74bc8ef0a82c370c9ed24e58ed5950b119664767fd6742e967199c4671f5b48a2d723dabc77fc7f9ac57cc36d95b0e336032ccb4647a5502e44db059bb0bce58e4ed4bdd6931cc92c782c75d44d4a1f25e6f6ca076f2ea586ac5daadc5599aa6e5bb26206ffc1310779cba10d72bdbb7ef62b9d22bec948b2153afa5a8e1c1d8d724fc673069c74564102400417452c5eb5350e2a50a732f76122a5648525fa1793a0af6e0a3dcb568a598f7c179e908b40f19fc10a16d53b112692adc1e4dc954009f726057acf04a9740f6bb66327e746dcd7b8b8851e622f9da2c9ddd124e300f03f07e77cf04a263329b435ed04eadb9dc91cfe396f41114283eccbf58f2dccfe32f908cea6678f7490bacbe60c75eb2754e9722b2c58771537966bfe1066c4d28bcceccdca07eb60ddc355aa710266da85e456aa83739fea4ad7dadf461c682201391fa550e12e01be5a2a2c55c3b697aa2e176aad4be5a8dbfb8043f72c5743992e5c7000608a2cf86d88885bf6e1e2173b1361cec282ef35bde24cf99c11110c16c1678c38b74738911ec3eac23067500103f0f5d7dff122fca66852126ce9ac10c7c065992b3fcd81f7d94adad6fcb45872d3fa97f5d704f1653dad962c16daa6978e2fcf41f10257c306fc05fe4cd20e30989b37b19e874f27a065c8d62f2b4194a1540199be22b7e267ce6d2ffc8243421d9f629f5048587ff5d91f8c7bbb9049b40d859e6d382926ba8f005deb18727cefd76198d00d92ef680b56864c9eea9dca35b0e90d0afe1440af704bf00bd68ca088c568088d6aa34a42d66645743ad481b9e5490cfcee486f456490a0e9c3a0bff49b528871a4dfb104a18ba6a22df288349b6fca36b1908c548e90cec26fa28a0772fa4e9418c8d02a3319bc9e8f3892fc933f465ccb6ec683fdc9dd5854bb1295d114bde2e84d04513897ed3ee41ecc1d6d0354c57046c58e390836f11b3e6d4712f7d61b221aa147a58c3903b319a3da746296e576ae21bca4c1c939986fe04145093c4b9173e1936e54c4bfd9aaa4efdd39f2a39e9554fe1bfee4597ce8c798b6233e22a8dcdc7e610ddf6a8c810e7429bb2fcd60f7108119112b3cc5a71fef1fac311afa0d034fd00954111ded4cf381d6a73cc4f6165052325e04566fbb2c644e8bd7e7cf3923af608af8f3537deaaef891bdc258a8341e742f62727444c2cb28ccf8c7e3d79d1162c29af2914627830fe3433c8beb27efc8e08f14581ee0acb0a761a2b0a1f219601c9bae3c6d92f2d3d712e9c239d2910e9ea0f539bc069b7e8a1e36abb4e3ec20ca1677fa0cf3c4d2d3180d15a3c808d0421b564fcb180316df4f46b33df1e57ca2644d8b3fcdd13fef43a3ab76982887a4751615e7665d639854c8c3a8bdceb6cee0fb00fb19f98c42cd6a555da3c4d6a5c6c3ca9f7ccece5bee4907e8676a05aaf4213d4e60c4f5f0bf1a8126b6555ec137dc5f7ca56901bf21329da5a6ad30ebd1d454d7ee3110ae88de0109084e1cdc6342b68883a5205ef763645cdf26815e9f99f8c4bcc5227142ba4e9da752abe3ce3a11f2df8aff40ea3db731c8c1992fc0ab2681c9613861f61f8173d7fafd7a3516e169a8c0541d7632a59641ad3c67ca2cde8dcfcababaa676e25f113d0a6bf3274fc532fafb6042b633051039d682d87477f3a14fa77a7966a6f019738c0a8eb737eea7464d4477f7be1a4553ae736f0dde836688cd4d90e0d207cb82b33f1207d893b1c720d3070c73d6a9b1e52634aea9117ba6a3c063c28e46a687ab0e239b0d95cc2eb76f2b1b6fa6963bb11489e490e70d7f2394cb350f952170a0f6c6338e8460579a1013d9bbc9cc438f617551803af00700e636d0545a4a6877698441b5961cf86d5c40fbbf95775d13dbb50de6a565bd98c3fc8db86278de0bdada8860917ae00345191f96cdffb43216705048851b9bb9cca1e14d394bd9ecd6f567cb16a17592535b0322d143e14f0f982262d5ea7f6790e16c49f6e8740c40be3ae70bf21e5691a175b0060e72c8025f46a439732b8cb8239a5e6823846838f54cb939beca1ca0425c3e43027b3526fc1ffe5e71b72a908002e2e5090e343e87c82cbf2f162f2fef4081c4212b9e4eed4f746a85859f33bcca464667b850851c6e6aafacf930c2f70e777133c651c1851ea8015a9f01cf7c41bf37af677dcd6ad9b0a8eb235f73db7f72007b9d12044451725c559f47deb4bf5054f154e805788a39e69754a054aff979122800365765843cce90a93a3bc6955963594e02da9f7fad62743419870c04751fcd7d8800fc17d6c1566fd1c35f9b464d235d7569f2d0cceeee1c5adbff3e87f3e67bc4beaa4a3fb948b2241b315d0d2a2060bdb2514eaae67a0add5ff446c8291c69d3acd9b7ffa4d01490994bf0135759ba56973d703883c4736c76f5dacb2629bdb429e41bce829bf72b13c0c3d0163efff66b3cde89a61ec6d4a0c3269924934575ff6a6656fc89e9d0d5a5d2a093022b9791763c14a76581e5e1e9f0cf56803e3a29fa93610cff5473a9299dff90e5bfd0e078bc0c4f48a7e379c63b5b048a5ddaeddb495c1631b871f053ad863e832fdc250c1de5242375734feb2895f905d77a1cb3219bb48c3a1403173e401f99d30e5af3731a08fc47186657353cef9e0a628cbf2f67bbe297c9e5bc1b99968f6d744e338a9b3618f180e49d1b641290b2beeaba720abdf6ef0391ab5499d15b5ee5480060e05bb1b50e6516f1f28588343c73c037f410a413cddaecaca940072844ad343a497984d45aa9b8e2be120b8bd0c6e786f5541e7d400d58431417001694a990af3270f82e4a8717e29514", 0xe00}], 0x1}}], 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000b9a000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb8, 0x0, 0x0, 0xfffffffffffffed8}, &(0x7f00000064c0)=0x40)

2m50.400747467s ago: executing program 3 (id=1391):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000140)={0xc0, 0x0, 0x8000})
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)

2m49.61508387s ago: executing program 34 (id=1391):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000140)={0xc0, 0x0, 0x8000})
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)

2m44.813904781s ago: executing program 0 (id=1409):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0)

2m44.16618363s ago: executing program 0 (id=1411):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17)
r1 = socket$inet(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x1, 0x0, 0x4}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)='F*', 0x2}], 0x1}, 0x4)
setsockopt$sock_attach_bpf(r3, 0x84, 0x24, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020ff0600000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getsockname(r3, &(0x7f0000000140)=@hci, &(0x7f00000001c0)=0x80)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000003000)=@file={0x1}, 0x6e)
listen(r6, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
setresuid(0x0, 0x0, 0xee00)
connect$unix(r7, &(0x7f0000000280)=@file={0x1}, 0x6e)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)

2m42.600348952s ago: executing program 0 (id=1414):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigpending(0x0, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
clock_gettime(0x0, &(0x7f0000000540)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x2, 0x7ff, 0x5, 0x10001, 0x5, 0x0, 0x4, 0xd98}, &(0x7f00000004c0)={0xb, 0x2, 0x800, 0x4, 0x2, 0x90b, 0x4, 0x1}, &(0x7f0000000500)={0x1, 0xb, 0x8, 0x4, 0x100000000, 0x1000, 0x7, 0xe4}, &(0x7f0000000580)={r2, r3+60000000}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x4]}, 0x8})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x48}}, 0x0)

2m41.587867633s ago: executing program 0 (id=1416):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000005c0)={[{@dots}, {@dots}, {@dots}, {@dots}, {@fat=@nfs}, {@fat=@gid}, {@dots}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x8b3}}, {@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@dots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@nodots}, {@dots}, {@fat=@tz_utc}, {@nodots}, {@dots}, {@fat=@showexec}, {@nodots}, {@nodots}]}, 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
open(&(0x7f00000000c0)='./bus\x00', 0x64842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x300, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x55c, &(0x7f0000000b00)="$eJzs3V1v08gawPHHpT1EOTrV0eEIoarAUM6RilSCk0CqiJv1OpN0ILEj20HtFapoiipSWFFW2vaG5YbdlXbv9gtwux9ivxHaj7Ar20nbtHmBvtBu9f9FMFN77HkmtfzITTwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgllux7bwldeO1ltVwbiXwG3s/drc+tEDu9BWx8uLAfkWs+J9kMnItXXTtv3urr8b/zcls+tOsZOIiIzv/vPrvh1cmJ3rbjwj4i9ja3nmx2um0X591IKfo+uXh62raM6FvGk5NKxP6qlwq2feWqqGqmroOV8JIN5QbaCfyAzXv3lH5crmodG7Fb3m1ilPXvYWLdwu2XVKPck3tBKHv3XuUC90lU68br5a0iVfHbRbjA/GxiVSknYZS6xuddnHcAOJG+U9pVFBKXek7qg8o2IVCPl8o5EsPyg8WbXvy0AL7ADnU4uwPWpytkz6FA0c20c3/UhcjnrRkWdTAlysVCcSXxpD1Xb38//97emS/+/N/L8tf21s9I0n+vyEiX4ncGJb/h8Qy5vWvXi9H2rrvtSXbsiMvZFU60pG2vD6Bff6dXjXR4omRUHwx0hAnWaK6S5SUpSQlseWpLElVQlFSFSN10RLKioQSiU6OKFcC0eJIJL4EomReXLkjSvJSlrIURYmWnKyILy3xpCYVcZK9rMtG8r4XRVnDYtxtlB86jGzviGhLYcRoyf84vhM8ewPH82cv/wMAAAAAgAvLSv76Hl//T8n1pFY1dW2fdVgAAAAAAOAEJZ/8z8bFVFy7LhbX/wAAAAAAXDRWco+dJSJZuZnW1sVKbpfijwAAAAAAAFwQyef/N+IimQPlpli706Vw/Q8AAAAAwAXx49g59sPmZev3PyQIpqx3zeX/WZvJ3LzO5qV0u0sH9xhVZ6zp7k6SopQWk5OunrUyaaPdSTA/dov1cXFYewE4uwF8/zkBXJmUn+VW2ubWWlqu9dakvWSrpq5zrl9/mBfHmZ6I9HL07cuN7yQZ/k9eY9rKyEannXv2qrOWxPIu3su7ze4EiofmURwRy5tkvoXknouBI55KbsTo9pu1ZH2j07b3j38i3Xyiv8e30yP6fC9zaau57oy32f7xZ+I+87lho+9GkT/myN/L7bTN7fnbaTEgisK4KAr7oxj8Xhw/iuK4KIrHjAIAzsr6mCxkyaG8e4Sz3NGyu3xmdn8v82mb+ZnkxDo5M+CMbo87o9vHzG6/HXoG0rAcG/f7y4Gs+iHe4MPQfsN6wYrfwktvNr+Rq1vbO3c3Nleft5+3XxYKxZJ937YfFGQqGUa3IPcAAAZIn7EjI56xM7aFdX/MVfV/dr9SkJNn8ko6siYLyd0GyTcOBu41u+9rCAtjrlqzSZpMn/CyMOKq7h/JXQ69/RZGtu2PoXj6vwgAAL6guTF5+FPy/8KY6+7+XD766ji772ltAADgdOjgo5WNfrCCwDSf5svlvBMtaRX47mMVmEpNK+NFOnCXHK+mVTPwI9/163HlianoUIWtZtMPIlX1A9X0Q7OcTB+ouo9+D3XD8SLjhs26dkKtXN+LHDdSFRO6qtn6um7CJR0kG4dN7ZqqcZ3I+J4K/Vbg6pxSodb7GpqK9iJTNXHVU83ANJwgo5749VZDq4oO3cA0Iz/dYa8v41X9oJHsNnfWbzYAAOfE1vbOi9VOp/36FCtnPUYAANCPLA0AAAAAAAAAAAAAAAAAAAAAwPn3Je7/o3LMysQ5/zX1poI+L/F8euXyr5PnIYzzWBl76nh76icnAKfqrwAAAP//HHhNeA==")
ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, &(0x7f0000000140))
r1 = open$dir(&(0x7f0000000240)='.\x00', 0x0, 0x0)
renameat(r1, &(0x7f0000000400)='./file0\x00', r1, 0x0)

2m39.760699078s ago: executing program 0 (id=1417):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x8}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e25, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)="2bd1598df75c98a6936444aa68d948213365771a20eb8b0338634fc5b0ef9432584af949108856571424758106273e2a06a088a30c2b700286f933c1b5a338e8f15fff2559eb545e1e8cfcb73d18c15dfaf04550bbd479aca9d59f408a7f8647ee014f5c0325ae447fc915d6a5ba5ddd204b1d4f3c83fc3a8b2e79726653", 0x7e}], 0x1}}], 0x1, 0x0)

2m38.56817848s ago: executing program 0 (id=1419):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x8000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@smackfsroot={'smackfsroot', 0x3d, 'trans=fd,'}}]}})

2m35.825683032s ago: executing program 35 (id=1419):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x8000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@smackfsroot={'smackfsroot', 0x3d, 'trans=fd,'}}]}})

2m26.04640945s ago: executing program 5 (id=1434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0e000000040000000400000007"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001cc0)={r0, &(0x7f0000001c80)}, 0x20)

2m25.37696998s ago: executing program 5 (id=1435):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17)
r1 = socket$inet(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x1, 0x0, 0x4}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)='F*', 0x2}], 0x1}, 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r5=>r3, 0xce5, 0x7fffffff, 0x7fffffffffffffff})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020ff0600000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getsockname(r4, &(0x7f0000000140)=@hci, &(0x7f00000001c0)=0x80)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@file={0x1}, 0x6e)
listen(r8, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
setresuid(0x0, 0x0, 0xee00)
connect$unix(r9, &(0x7f0000000280)=@file={0x1}, 0x6e)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)

2m23.258063637s ago: executing program 5 (id=1437):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x9})
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000001380)={0x0, 0x0})

2m22.175905872s ago: executing program 5 (id=1439):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
sendfile(r1, r0, 0x0, 0x8000000d)

2m20.680414091s ago: executing program 5 (id=1442):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$netlink(0x10, 0x3, 0xf)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)

2m19.763684039s ago: executing program 5 (id=1444):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17)
r1 = socket$inet(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x1, 0x0, 0x4}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)='F*', 0x2}], 0x1}, 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r5=>r3, 0xce5, 0x7fffffff, 0x7fffffffffffffff})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020ff0600000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getsockname(r4, &(0x7f0000000140)=@hci, &(0x7f00000001c0)=0x80)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@file={0x1}, 0x6e)
listen(r8, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
setresuid(0x0, 0x0, 0xee00)
connect$unix(r9, &(0x7f0000000280)=@file={0x1}, 0x6e)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)

2m15.471118439s ago: executing program 36 (id=1444):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x17)
r1 = socket$inet(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000640)=@framed={{}, [@map_fd={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x1, 0x0, 0x4}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)='F*', 0x2}], 0x1}, 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r5=>r3, 0xce5, 0x7fffffff, 0x7fffffffffffffff})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020ff0600000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getsockname(r4, &(0x7f0000000140)=@hci, &(0x7f00000001c0)=0x80)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$unix(0x1, 0x1, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@file={0x1}, 0x6e)
listen(r8, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
setresuid(0x0, 0x0, 0xee00)
connect$unix(r9, &(0x7f0000000280)=@file={0x1}, 0x6e)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)

11.204516119s ago: executing program 2 (id=1834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a3100000000090001007379"], 0xe8}}, 0x0)

11.116890868s ago: executing program 9 (id=1835):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9.299463961s ago: executing program 9 (id=1839):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r1 = syz_open_pts(r0, 0x141601)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00')
read(r2, &(0x7f00000000c0)=""/181, 0xb5)
setuid(0xee00)
fcntl$setstatus(r1, 0x4, 0x102800)
write(r1, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TCFLSH(r0, 0x540b, 0x0)

8.580663308s ago: executing program 9 (id=1842):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000001c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

8.06779845s ago: executing program 9 (id=1845):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x3, @desc1})

7.678034655s ago: executing program 2 (id=1848):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0782010000000000140012800900010076657468000000000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

7.263875531s ago: executing program 7 (id=1849):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
keyctl$get_security(0x11, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x101089e, &(0x7f0000000d00)=ANY=[@ANYBLOB="756e686964652c68696465006e6f726f636b2c73657373696f6e3d3078303030303030013030303030303030312c686964652c63007b6865636b3d7374726963f4416e6f636fd689c91ceb036442a5e8b65659212a2bbc4e30952aa22edafcc01c50d9545f6d70726573534d6e6f726f636b2c6368657f12106458668eb97fd25f742c696f636861727365743d69736f383835392d31332c63727566742c7065726d6928d7997c17d1c8704a54dc34229c72656374696f2c61756469742c004b32b19ac463afda9675ef356e50e2fb3d253ba1480f27afe645fded942f5957f2992896524e7731fa148037452b21c34c9918911ac37dff04099efbbf3c69c8fb9bdcda4683151bb24329a40b273da9bce1145213686d55a96caab752943c330423edc3876e0b859d57cd6d60dc5220aa1367c24de5e66343c128db17391d25b7aa35001e68df726f9ca1e0bfab6993329f0318602f3c51a28ed0858da3e3c47e95de50cbd34e68dd8517f143ef9e4d817aae8e0d2e71215bc0127620b046361adbde0b60bee63e91aa28d93cd8d79802966dbfacceffe6b1d302c5515d7323f7cca3f665a6964cba6cd16ae40bc68e94ac6b40bf96a55dcefd4024a5d7a848d08bdb5d8bb89b4cbf68cf6ae0fd7858fa38b738c1ee6822f2cf1e4bc3941199251d603d495ab6ce2ddb8e918e72b9171aaa287f2b19755bdc92109150850d5c14ec2ac32dee0122b28fcb3e88d5096d6352799c5f13f597695adfd21e644379e25e8d82b86dfb9b728c0a48f27b64e6a400000000000000000000000000fa41c3f14dca4ef03fed7e6466a4e2d4503979398731ec0fc7487e0b09466d841e2d8e64ed9e0d4333e6a79acee454fdb4fff932f1230000000000000000000000000000008542adf0fe97ffe013807469b137a0249418fa9db8194c4bb79530c7c2486fb661847edcfa2a75da52b6829842ad89a1c923a605e08611d9120a58fe28d78f21970c50c3242c4f6909263fbdf4fcb43d83877c271c2ed40911482203e370fcd14dbd70b884cac1345264462f3297148a8706ea11ace1e8c10c46326c404bd022cbd1e3d522373918f55fad927a44ec020ebb76fbc258e1e0af32e463b065efcd53fe4641727a319ff79d126a026fb57416a941bed33c2abd3929bc4fed2db1120280033c1b07908d12b5bf51f0e8674c2d9a579881e8503dcd"], 0x1, 0x66f, &(0x7f0000000400)="$eJzs3Vtv2+Ydx/Ef5YMUdwiKbQiCIE2eJCvgYJlCyY0DIwNWjaJsbpIokPRgAwOKrLGLIHK6JRmw+KbwzQ5A9wZ215td7EUM2PXexe42oNjuBuyGAw+yJetkNYrTw/djtKLIP5/nT1LhH7TFhwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALKcum1XLDW99vaOGc+pB35rwvKstSXdziZuT+1XspL/VCrpcjbr8ndPFl9K/ndTV7N3V1VKXko6fOvS2w++s1jorT8hoS9Cszb4/OXhk4fd7t6zM8QuaObm3yQVzhC06ba90PdatU3XeKFvNtbX7btbjdA0vKYb7oaR2zJO4BYiPzCrzm1T2dhYM255199ub9ZrTbc38/4Pqra9bn5SzA60pHLobHnNptfeTGOSxUnMffPpz7MAt9YyZv9xd29tWpJJUOUsQdVpQVW7Wq1UqtXK+r2Ne/dte3Fohp2w7GMaipj7hxZfMfM7eQOvqJDU/39YUlMltbWtHZmRP47qCuSrNWZ5rlf/373rTuy3v/73qvxl6Uf54itK6/+17N21cfV/TC5GxXSFUUusMfNn+1nKW3mulzrUEz1UV13t6dkc2jYy1+fSyjn8bMpVW55C+fLUUi2dY/I5Rhta17psfaAtNRTKqCFPTbkKtatQkdz0E+UokKuaIvkKZLQqR7dlVNGGNrQmI1dl7crXttraVF01/TeO4309Tvf72oQc1QuqjAko9gdVJ7Q0rv7/4pPsc5rXf5v6/02VfQ6K+VlsUgzwJRDn1/8zuv56sgEAAAAAAK+Dlf723Ur/dv+OpFgNr+nabzotAAAAAAAwR5bioq7KUvqVNr0ji+t/AAAAAAC+bqz0HjtL0kr6pX7r5E6os/wSYOEcUgQAAAAAAK8ovfP/2rIUp4NWXJc10/U/AAAAAAD4Cvh93xj7i70xduPen/ULksJO0frrv4sKlqyjzs73rINasqR2kMcMfQMgalyxLuYD9aYvy5LSd4571cp7ywfBPB538PP9aWP9W8GpBJYX+hsYk4CV9Ly+mL/Tp7qRrXIjH2f+0WFB6ZKsl5WG13TLjt98UFGtdrEQuTvRr58+/o0UHG/n/uPuXvnDj7uP0lyOkllHB0mjnwykUxi9M05yeZGOt5DeczFqiy+o0evyD+3WipX2a/e2f0G1g0J/R5MOwEmfv9XN7JjdXMliVw6PR9xPtr+UbH+lnB6yga0PlqyTLCqnt3zUgRiTRSnN4lYWc2v1VvbSyy9pp2CVvr8gVcvDx2Agi2p/FtP3hfWfoX0xJoujvn2xlmTxt6ShMVmszZbF0BEBgDdl/6QKpYOYD9XdXnnondS+UN2ZXt3fH6zuL/4Ux+kKC9Ji/reJib2UlJzRV620Di0rPbEuXumvK/kZ3c7rSkljzuj2K1S3pK+/nDwDKU97KIv/xXH8oJL2+8dTVfWzZIXPxvYbNqsLyS68++Lgl+kA+ImP9j7ae1qtrq3b79n2vaqW0s3IXxZE7QEADJn+jJ2pEdZ7upFF3Hj0r3ezqYGK9+3jrxSU9aE+VlePdKf3CIHro1td6fsawp3sqlV9V63m0tsPLkinYyu6M/baMq2lfbHV49gl9VYZrNQnsWuv+SgAAHC+bk6pw6Prf2mg/t/RahaxemXkdfdgLT/9hOBxsZXpyb8/770BAMA3gxt8bq1Ev7OCwOt8UNnYqNSiLdcEvvNTE3j1Tdd47cgNnK1ae9M1ncCPfMdvmk6gold3QxNudzp+EJmGH5iOH3o76ZPfTf7o99Bt1dqR54SdplsLXeP47ajmRKbuhY7pbP+46YVbbpCuHHZcx2t4Ti3y/LYJ/e3AccvGhK7bF+jV3XbkNbxksm06gdeqBbvmZ35zu+Wauhs6gdeJ/KzBXl9eu+EHrbTZsuKZH3QIAMDX0fOXh08edrt7zyZMHGl6TD6xPKJBxggCAOBL5qRcz7BS6TUmBAAAAAAAAAAAAAAAAAAAAAAAhpzl/r+ZJpZG3SwoHc/51cUztWNp3onNMlGYda3eLRGHT/4+IfjC8Zze7u+POTq3Dfznt6S30jnK5izOv68L6d44vwP3w/1sj46NSRaOXFQ8PhaL8//nkEw8/fOYRXEcx5NXLw7uw+VJGzg4sSjp2fIrHII3cDICcK7+HwAA//9IyDu7")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0xbe562c8f84d38897, 0x49)

7.007843727s ago: executing program 9 (id=1851):
futex(&(0x7f0000000040)=0x2, 0xc, 0x1, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)=0x1, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x107002, 0x0)
syz_clone3(&(0x7f0000000340)={0x80000000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000140), {0x1b}, &(0x7f00000001c0)=""/235, 0xeb, &(0x7f00000002c0)=""/31, &(0x7f0000000300)=[0x0], 0x1, {r0}}, 0x58)

6.930804594s ago: executing program 6 (id=1852):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
syz_open_pts(r0, 0x141601)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00')
read(r1, &(0x7f00000000c0)=""/181, 0xb5)

5.735793726s ago: executing program 6 (id=1853):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file1\x00', 0x2000000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd308933da9b574e4f040f"], 0x1, 0x5f3, &(0x7f0000000d40)="$eJzs3cFvHFcdB/Dvrh1n10jJxk3agCphFalCWCS7tkRShASUgixUoUocOFvESaxs0sreIrcHCIhDxal/Qjn4H0Aci5QD7RFOPRv1iMQZ31zN7Ky9jreunaTZdfL5SLPvvXkzb3/vN7OTmbWiDfDcWl7I9IPUsrzw5mbR3t5a6m5vLd0d1JOcTVJPGklqxeq/J/k8uZ/+km8OOobKQz77uHHr0w8/+aDfalRLuX3tqP0Oa45YtxdLqx9rWT6GA+MtPvZ4B2c4l2T+8eKDJ2N34D8ju0/wuQQATptaMjVqfSuZrW7Wi+eA/l1x/x771Dk/VL8/xjgAAADgaTm/k51s5ty44wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDTpPr9/1q11Af1+dQGv/8/U61LVT/VHow7AAAAAAAAAAA4ntmjOr+9k51s5tygvVsr/+b/Stm4WL5+I+9mI6tZz5VsZiW99LKeTpLW0EAzmyu93nrnGHsujtxzca89/YTmDQAAAAAAAADPkz9lef/v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAlqyVS/KJeLg3or9ekkjSQzxXb3k38P6qfZg3EHAAAAAE/B+Z3sZDPnBu3dWvnM/2L53N/Iu7mXXtbSSzeruVF+F9B/6q9vby11t7eW7hbL4XF/+r8ThVGOmP53D6Pf+XK5RTM3s1auuZLf5u10cyP1cs/C5UE8o+P6YxFT7ceVY0Z2oyqLmf+yKidDq8zImb2MtKvYimxcODoTJzw6D79TJ/W9b34ufg05n63KYj5vTHTOF4fOvhePzkQy95u/XLvdvXfn9s2NhcmZ0iN6OBNLQ5l46bnKRLvMxKW99nJ+kV9nIfN5K+tZy++ykl5WM583ytpKdT4Xr62jM/WTA623viqSmeq49K+iJ4vplXLfc1nLr/J2bpRHtJ1ruZbF/CCvpX3gCF8aGfcfdqvu8lNfP9mn/jvfrSpnkvy8KidDkdcLQ3kdvua2yr7hNftZmnvy18bpb1WV4ux5feKujRce+ldikIkXjs7EX8sTZ6N778767ZV3jvl+r1ZlkYGfHcrE7tRjT+iRFefLXHGwytbBs6Poe2FkX6fsu7jXVz/Ud2mv76s+qTPVPdzhkRbLvpdG9vX3u9zvaxa9o+63AJh4s9+bnWn+t/mv5kfNPzdvN99svH72+tmXZ3Lmn2d+ON2eerX+cu1v+Si/33/+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHt3Ge+/fWel2V9cnu/L/3b5JiUdF5RmvjPvKBHzdrvbuvnN14733v792d+XW6q3Ve6+1r1/vdDrX2ldvrnVXq9dxRwkAPEn7N/3jjgQAAAAAAAAAAAAAAPgyT+O/E497jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLNteSHTD1JLp32lXbS3t5a6xTKo72/ZSFIrKv9I8nlyP/0lraHhal/2Pp993Lj16YeffLA/VmOwfe2o/Y7nR7NDsdSrcnfqkcc7MLfFh+Z4cvsznE8yV5Uwdl8EAAD//xM7C14=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x10f482a, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="59f9d4", 0x3}], 0x1, 0x7fff, 0x80, 0x14)
close_range(r0, 0xffffffffffffffff, 0x0)

5.496980163s ago: executing program 2 (id=1854):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000efff07010040"])

4.076147949s ago: executing program 9 (id=1857):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delqdisc={0xd8, 0x25, 0x0, 0x0, 0x0, {}, [@TCA_STAB={0xb4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x5}}, {0xe, 0x2, [0x0, 0x3, 0x0, 0x0, 0x0]}}, {{0x1c, 0x1, {0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0xef52}}, {0x4}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0xfffffffc}}, {0x4}}, {{0x1c}, {0x4}}]}]}, 0xd8}}, 0x20040811)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.827065622s ago: executing program 7 (id=1858):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a300000000008"], 0xe8}}, 0x0)

3.740127269s ago: executing program 6 (id=1859):
setuid(0xee01)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x15, 0x0)

3.237895024s ago: executing program 7 (id=1860):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x0, &(0x7f0000000080)})
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700), 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x4000)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

3.09407893s ago: executing program 8 (id=1861):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f00000003c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

2.760012752s ago: executing program 8 (id=1862):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4004890)
socketpair(0x27, 0x5, 0x2, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
sendmsg$nl_route(r1, 0x0, 0x800)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x20)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x20)
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfc65, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r6}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r7}, 0x18)
ioctl$TUNSETOFFLOAD(r4, 0x5421, 0x110e22fff7)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

2.759916794s ago: executing program 2 (id=1863):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00')
read(r0, &(0x7f00000000c0)=""/181, 0xb5)

2.654399787s ago: executing program 6 (id=1864):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000080)={0x1, 0x1bc})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.324589199s ago: executing program 8 (id=1865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200e2f7ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[], 0x2c}}, 0x0)

2.059664021s ago: executing program 7 (id=1866):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x7fff)
syz_emit_ethernet(0x4e, &(0x7f0000000280)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0b0e00", 0x18, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@eol]}}}}}}}}, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000140)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7b9628", 0x58, 0x6, 0xfe, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x4, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x8, 0xf989, "457f02b4"}, @timestamp={0x8, 0xa, 0x6, 0x1}, @generic={0x2, 0x2}, @exp_fastopen={0xfe, 0xe, 0xf989, "be1f9452baf63c86e529"}, @fastopen={0x22, 0xd, "0fa8dafab9b3eb3a979917"}, @sack={0x5, 0x12, [0x1ff, 0x5, 0x7, 0x1ff]}]}}}}}}}}, 0x0)

1.635906479s ago: executing program 8 (id=1867):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$netlink(0x10, 0x3, 0xf)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000c000500ff000000000000000c0002000000000000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYRES32=r2, @ANYRES32, @ANYBLOB="08000100", @ANYRES32], 0x90}}, 0x0)

1.61022885s ago: executing program 7 (id=1868):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
creat(&(0x7f00000000c0)='./bus\x00', 0x1b)

1.464376226s ago: executing program 2 (id=1869):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
shutdown(0xffffffffffffffff, 0x1)
openat$ppp(0xffffffffffffff9c, 0x0, 0x1a01, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r1, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @private=0xa010100}, 0x10)

1.439516961s ago: executing program 6 (id=1870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a300000000008"], 0xe8}}, 0x0)

1.079447421s ago: executing program 8 (id=1871):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000880)=ANY=[@ANYBLOB="5300000007000046009de8"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

598.130623ms ago: executing program 6 (id=1872):
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000100)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2, &(0x7f000000ab80)=ANY=[], 0x91, 0x6cb, &(0x7f0000003b00)="$eJzs3c9rHOf9B/D3rlY/1gFZiR3H3y+BqDGkpaa2ZeG07sVuKcWFUIIL7VnEciwsO66sFCeHWmkLhZ566B+QHNxLe2ophULBkJ7bW2hPoqdAIZecnFA6ZWZnVytlV1rVtiS3r5eYnc88z+wzn/ns/NhdEBvgf9alk2ndTzuXTr5yp1xevze/vH5v/kYnbi4nmUzSTFqdWRo3k8b7ycV0pvxf2VgP1xi2nV8snb/8wcfrH3aWWtkYr3xoD0+wNcperNVTZpOM1fPO6OOjVmLoeK91x9udyY2w0atMWbAT3cLBfitPj2KT7x/b6BmkGOtbGHq+A0+ORue+2adz/s8kh5JMdW9oa53O5t5nuKMRrkU/60VrjzcXAAAAOBAOP7ib3Mn0fucBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT5L69/8b9dTsxrNpdH//f6LvN/Yn9jnd4bbPbKob3G/uRTIAAAAAAAAA8Hi98CC/ulwU093lopHmd8fqhaPV41N5M7ezmJWcyp0sZDWrWclckpm+gSbuLKyurszlxc4zPy2KYsgzzw585tkRE24//D4DAAAAAAAAwH+RC/X8R7mU6X3OBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANmkkY51ZNR3txjNptpJMJZko11tL/tKNn2T39zsBAAAAeFT+9s+iMqDr8IM8yJ1Md5eLRvWZ/1j1uX8qb+ZmVrOU1SxnMVeq7wI6n/qb6/fml9fvzd8op8+O+157I/7t9I4ZViOm893D4C0fr9Zo52qWqpZTeS1vZDlX0qyeWTrezWdwXu98VI59oaMoMjlK7a7U83LPf17PD4aZqiLjvYqcKXNrdOr49PaV+NpHD7WluTR73/wc3UXNL2y7lca/ukfooW5L8tS3dq75+K525qFsrcTZvqPv2PaVSD7/u19/79ryzevXGmsnD85hNMgLg5sn/75xDZmpz9hUXwYuZr6vEs+NXImrtw94JYZqbVpq5tlefCnfzHdyMrN5NStZyg+ykNUsZjbfqKKF+nguH2e2r9TFTUuv7pTTRP26jG3J6XOHO/Ptcnqxeu50lvLtvJErWczL1d/ZzOXLOZdzOd/3Cj87wlnfHHDW/3548ie+UAflneOn9fxgKOv6dF9d+6+5M1Vff0szRX1neeaRXRt7Wv9fB+Ur8eO+c3D/9Soxld5dopvdkW4FxgdW4r3qsnJ7+eb1lWsLt7aM21gbvL2Xsnn3D86FpDxenuldIzYfHWXfkYF9c1Xf0V5fc2vfL9u9vp3O1In6PdxnRzpb9T03sG++6jve11e+35pKsphPi6LovN/qOrLHVQVgZIe+eGii/Y/2n9vvtn/SvtZ+Zerrk1+ZfH4i438a/2rrzNhLzecbv8m7+WF2/oQOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6PZbb19fWF5eXNkSFEVxd0jXYwnSSja1/PEPfetUvzWWZPQBy7UvNpOqpZU62F1id/+z3XlnFyuvpa/lr/VrsicFfyTB1NDjZ2vwSVEUByPnUYKitudbb2bf970b7OtlCdgDp1dv3Dp9+623v7R0Y+H1xdcXb54/d+78mfPnXp4/fXVpeWq/0wMeo+peX73P2e9MAAAAAAAAAAAAgFGN9s85jV5LK8mu/7cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CFcOpnW/TQyd+bUmXJ5/d78cjl14401P0nSTNKYTRrvJxfTmTLTN1xj2HbWkssffLz+YWepVU/V+s2H34u1espskrF6PsDUoMbi7rDxGtU4t4aPN6JGrzJlwU50Cwf77d8BAAD//y6lHHk=")
llistxattr(&(0x7f0000000140)='./file1\x00', 0x0, 0x0)

519.008731ms ago: executing program 7 (id=1873):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)

309.454062ms ago: executing program 8 (id=1874):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$AUDIT_USER_TTY(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4010)

0s ago: executing program 2 (id=1875):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4004890)
socketpair(0x27, 0x5, 0x2, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
sendmsg$nl_route(r1, 0x0, 0x800)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x20)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x20)
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfc65, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r6}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r7}, 0x18)
ioctl$TUNSETOFFLOAD(r4, 0x5421, 0x110e22fff7)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

fsck is recommended
[  477.076440][ T8408] EXT4-fs warning (device loop4): dx_probe:869: inode #2: comm syz.4.932: Unimplemented hash flags: 0x0001
[  477.088718][ T8408] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.932: Corrupt directory, running e2fsck is recommended
[  477.159064][ T8399] EXT4-fs warning (device loop4): dx_probe:869: inode #2: comm syz.4.932: Unimplemented hash flags: 0x0001
[  477.171329][ T8399] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.932: Corrupt directory, running e2fsck is recommended
[  477.255258][ T8408] EXT4-fs warning (device loop4): dx_probe:869: inode #2: comm syz.4.932: Unimplemented hash flags: 0x0001
[  477.267897][ T8408] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.932: Corrupt directory, running e2fsck is recommended
[  477.300232][ T8399] EXT4-fs warning (device loop4): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  477.649210][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.019212][ T8424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.941'.
[  478.205029][   T29] audit: type=1326 audit(1731538890.069:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x7ffc0000
[  478.285856][   T29] audit: type=1326 audit(1731538890.109:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ffb0697e719 code=0x7ffc0000
[  478.308818][   T29] audit: type=1326 audit(1731538890.109:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffb0697e753 code=0x7ffc0000
[  478.331515][   T29] audit: type=1326 audit(1731538890.119:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ffb0697d1ff code=0x7ffc0000
[  478.524415][ T8422] loop5: detected capacity change from 0 to 512
[  478.536571][   T29] audit: type=1326 audit(1731538890.379:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ffb0697e7a7 code=0x7ffc0000
[  478.560218][   T29] audit: type=1326 audit(1731538890.389:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffb0697d0b0 code=0x7ffc0000
[  478.588815][   T29] audit: type=1326 audit(1731538890.389:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffb0697e31b code=0x7ffc0000
[  478.613362][   T29] audit: type=1326 audit(1731538890.459:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ffb0697d3aa code=0x7ffc0000
[  478.636066][   T29] audit: type=1326 audit(1731538890.459:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ffb0697d3aa code=0x7ffc0000
[  478.658642][   T29] audit: type=1326 audit(1731538890.459:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8421 comm="syz.5.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ffb0697cfb7 code=0x7ffc0000
[  478.740368][ T8422] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #2: comm syz.5.942: corrupted xattr block 255: invalid header
[  478.835255][ T8422] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  478.848080][ T8422] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.862872][ T8422] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #2: comm syz.5.942: corrupted xattr block 255: invalid header
[  479.058024][ T7962] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.465789][ T8469] loop3: detected capacity change from 0 to 512
[  480.548222][ T8469] EXT4-fs (loop3): blocks per group (71) and clusters per group (20800) inconsistent
[  481.819097][ T8493] geneve2: entered promiscuous mode
[  481.824639][ T8493] geneve2: entered allmulticast mode
[  482.165847][ T3051] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  482.446139][ T3051] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.459971][ T3051] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  482.470805][ T3051] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  482.551586][ T3051] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  482.563122][ T3051] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.572256][ T3051] usb 1-1: Product: syz
[  482.577009][ T3051] usb 1-1: Manufacturer: syz
[  482.581915][ T3051] usb 1-1: SerialNumber: syz
[  483.178361][ T8512] loop3: detected capacity change from 0 to 512
[  483.317702][ T8512] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  483.603972][ T8522] netlink: 4 bytes leftover after parsing attributes in process `syz.5.982'.
[  483.833773][ T3051] cdc_ncm 1-1:1.0: bind() failure
[  483.876200][ T3051] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  483.922416][ T3051] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  483.937990][ T3051] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  483.956451][ T3051] usb 1-1: USB disconnect, device number 3
[  484.623553][ T8530] loop2: detected capacity change from 0 to 2048
[  484.672880][ T8533] loop5: detected capacity change from 0 to 128
[  484.942324][ T8541] syz.4.989 uses obsolete (PF_INET,SOCK_PACKET)
[  484.994656][ T8530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.463239][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.772772][ T8556] 9pnet_fd: Insufficient options for proto=fd
[  486.382206][ T8566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1002'.
[  486.392012][ T8566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1002'.
[  486.402138][ T8566] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1002'.
[  486.754717][ T8574] loop5: detected capacity change from 0 to 128
[  486.770339][ T8574] vfat: Unknown parameter '0x0000000000000000'
[  487.020936][ T8577] loop2: detected capacity change from 0 to 512
[  487.035206][ T8577] EXT4-fs: Ignoring removed i_version option
[  487.044439][ T8577] EXT4-fs: Ignoring removed nobh option
[  487.098058][ T8577] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  487.139171][ T8578] loop5: detected capacity change from 0 to 256
[  487.192317][ T8578] exfat: Unknown parameter '��S�h_�&�a���^��@RY���cayr��FzQ>P߁��*ٹ�V��8��d|�C��p�I��7�7�"�T�U��T��CH{W��.H K;�^�j�_�]�7�5�q�Y�b�Y���F'
[  487.227646][ T8577] EXT4-fs (loop2): 1 truncate cleaned up
[  487.237496][ T8577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.381081][ T8574] loop5: detected capacity change from 0 to 512
[  487.456563][ T3051] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  487.672595][ T3051] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  487.684191][ T3051] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.771476][ T3051] usb 1-1: config 0 descriptor??
[  487.820947][ T8591] 9pnet_fd: Insufficient options for proto=fd
[  487.919175][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.052183][ T3051] [drm] vendor descriptor length:6 data:06 5f 01 03 00 00 00 00 00 00 00
[  488.061399][ T3051] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  488.253251][ T3051] [drm:udl_init] *ERROR* Selecting channel failed
[  488.285620][ T3051] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  488.295292][ T3051] [drm] Initialized udl on minor 2
[  488.303713][ T3051] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  488.313310][ T3051] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  488.324739][ T5847] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  488.334700][ T5847] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  488.343546][ T5847] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  488.351261][ T3051] usb 1-1: USB disconnect, device number 4
[  488.366745][ T5840] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  488.450359][ T8599] loop4: detected capacity change from 0 to 8
[  488.514513][ T8599] SQUASHFS error: Failed to read block 0x4e8: -5
[  488.527109][ T8599] SQUASHFS error: Failed to read block 0x4de: -5
[  488.534307][ T8599] SQUASHFS error: Failed to read block 0x4de: -5
[  488.542988][ T8599] SQUASHFS error: Failed to read block 0x4de: -5
[  488.551625][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  488.551706][   T29] audit: type=1800 audit(1731538900.419:469): pid=8599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1015" name="file1" dev="loop4" ino=5 res=0 errno=0
[  488.627856][ T5840] usb 6-1: Using ep0 maxpacket: 32
[  488.826899][ T5840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  488.838662][ T5840] usb 6-1: New USB device found, idVendor=056a, idProduct=00c2, bcdDevice= 0.00
[  488.850271][ T5840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  488.898339][ T5840] usb 6-1: config 0 descriptor??
[  488.922862][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1017'.
[  488.932925][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1017'.
[  488.942289][ T8604] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1017'.
[  489.342968][ T5840] wacom 0003:056A:00C2.0002: unbalanced collection at end of report description
[  489.398209][ T5840] wacom 0003:056A:00C2.0002: parse failed
[  489.404991][ T5840] wacom 0003:056A:00C2.0002: probe with driver wacom failed with error -22
[  489.554172][ T8614] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1023'.
[  489.690659][ T5840] usb 6-1: USB disconnect, device number 2
[  490.057825][ T8623] 9pnet_fd: Insufficient options for proto=fd
[  490.559331][ T8633] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1030'.
[  490.758804][ T8638] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  491.036300][   T29] audit: type=1326 audit(1731538902.889:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8637 comm="syz.5.1032" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x0
[  491.853691][ T8653] loop4: detected capacity change from 0 to 1024
[  491.867468][ T8653] EXT4-fs: Ignoring removed orlov option
[  492.058434][ T8653] EXT4-fs (loop4): Test dummy encryption mode enabled
[  492.173234][ T8653] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.182301][ T8660] loop3: detected capacity change from 0 to 1024
[  492.250939][ T8655] 9pnet_fd: Insufficient options for proto=fd
[  492.854811][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.014184][ T8678] loop2: detected capacity change from 0 to 1024
[  493.027815][ T1936] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  493.240169][ T1936] usb 6-1: Using ep0 maxpacket: 32
[  493.584405][ T1936] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  493.639011][ T1936] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  493.648692][ T1936] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  493.657173][ T1936] usb 6-1: Product: syz
[  493.661653][ T1936] usb 6-1: Manufacturer: syz
[  493.666768][ T1936] usb 6-1: SerialNumber: syz
[  493.730824][ T1936] usb 6-1: config 0 descriptor??
[  493.741690][ T8668] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  493.779334][ T1936] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  494.031275][ T8691] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  494.095838][ T8692] 9pnet_fd: Insufficient options for proto=fd
[  494.311774][   T29] audit: type=1326 audit(1731538906.179:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8689 comm="syz.0.1054" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x0
[  494.461628][ T8699] loop4: detected capacity change from 0 to 1024
[  494.487748][ T3051] usb 6-1: USB disconnect, device number 3
[  494.501960][ T8699] EXT4-fs: Ignoring removed nobh option
[  494.508490][ T8699] EXT4-fs: Ignoring removed orlov option
[  494.609934][ T8699] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.984942][ T8708] ALSA: seq fatal error: cannot create timer (-22)
[  495.011821][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.317445][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1061'.
[  495.896168][ T8719] loop0: detected capacity change from 0 to 128
[  496.017109][ T8719] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  496.126822][ T8719] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  496.369464][   T29] audit: type=1800 audit(1731538908.199:472): pid=8719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1064" name="bus" dev="loop0" ino=115 res=0 errno=0
[  497.434264][ T8744] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  497.584845][   T29] audit: type=1326 audit(1731538909.449:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.0.1074" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x0
[  497.692034][ T8742] loop5: detected capacity change from 0 to 2048
[  497.700868][ T3051] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  497.783340][ T8748] loop2: detected capacity change from 0 to 512
[  497.837145][ T8742] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  497.845786][ T8748] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  497.867599][ T8748] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.1076: bad orphan inode 15
[  497.895631][ T8748] ext4_test_bit(bit=14, block=4) = 1
[  497.901493][ T8748] is_bad_inode(inode)=0
[  497.906089][ T8748] NEXT_ORPHAN(inode)=0
[  497.910403][ T8748] max_ino=32
[  497.913820][ T8748] i_nlink=1
[  497.922238][ T8748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.960040][ T3051] usb 5-1: Using ep0 maxpacket: 32
[  498.035972][ T3051] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  498.072239][ T3051] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  498.082196][ T3051] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.087938][ T8748] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 4: comm syz.2.1076: lblock 0 mapped to illegal pblock 4 (length 1)
[  498.090725][ T3051] usb 5-1: Product: syz
[  498.109611][ T3051] usb 5-1: Manufacturer: syz
[  498.114508][ T3051] usb 5-1: SerialNumber: syz
[  498.247706][ T7962] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.330911][ T3051] usb 5-1: config 0 descriptor??
[  498.341535][ T8732] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  498.397283][ T3051] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  498.435949][ T8757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'.
[  498.482329][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.836911][ T8763] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  499.332687][ T3051] usb 5-1: USB disconnect, device number 2
[  499.738960][ T8778] loop2: detected capacity change from 0 to 512
[  499.995779][ T8778] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  500.047607][ T8785] loop5: detected capacity change from 0 to 256
[  500.152855][ T8785] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  500.183592][ T8789] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  500.344782][   T29] audit: type=1326 audit(1731538912.179:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8788 comm="syz.4.1090" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2098b7e719 code=0x0
[  500.437100][   T29] audit: type=1800 audit(1731538912.309:475): pid=8792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1088" name="file0" dev="loop5" ino=1048653 res=0 errno=0
[  500.903423][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.125235][ T8797] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  501.513401][ T8805] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1095'.
[  501.620930][ T8806] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1094'.
[  503.084100][ T3051] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  503.248090][ T8829] loop2: detected capacity change from 0 to 256
[  503.261139][ T3051] usb 5-1: Using ep0 maxpacket: 32
[  503.299660][ T3051] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  503.363595][ T3051] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  503.373411][ T3051] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.381927][ T3051] usb 5-1: Product: syz
[  503.386560][ T3051] usb 5-1: Manufacturer: syz
[  503.391543][ T3051] usb 5-1: SerialNumber: syz
[  503.410572][ T8831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1106'.
[  503.433805][ T3051] usb 5-1: config 0 descriptor??
[  503.445707][ T8825] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  503.508253][ T3051] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  504.139457][ T8841] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  504.301485][ T1936] usb 5-1: USB disconnect, device number 3
[  504.625654][ T3051] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  504.797102][ T3051] usb 1-1: Using ep0 maxpacket: 32
[  504.814957][ T3051] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  504.827010][ T3051] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  504.838732][ T3051] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  504.848829][ T3051] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.934856][ T8850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1112'.
[  505.024958][ T3051] usb 1-1: config 0 descriptor??
[  505.047980][ T8846] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  505.138425][ T3051] hub 1-1:0.0: USB hub found
[  505.325890][ T3051] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  505.826083][ T3051] hid-generic 0003:046D:C314.0003: unknown main item tag 0x0
[  505.887356][ T3051] hid-generic 0003:046D:C314.0003: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0
[  505.969186][ T3051] usb 1-1: USB disconnect, device number 5
[  506.118841][ T8857] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1115'.
[  506.288107][ T8863] loop2: detected capacity change from 0 to 1024
[  507.274469][ T8871] loop2: detected capacity change from 0 to 256
[  507.329632][ T3051] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  507.817971][ T8882] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  507.981551][ T8871] FAT-fs (loop2): Directory bread(block 64) failed
[  507.989584][ T8871] FAT-fs (loop2): Directory bread(block 65) failed
[  507.997063][ T8871] FAT-fs (loop2): Directory bread(block 66) failed
[  508.003932][ T8871] FAT-fs (loop2): Directory bread(block 67) failed
[  508.011095][ T8871] FAT-fs (loop2): Directory bread(block 68) failed
[  508.018286][ T8871] FAT-fs (loop2): Directory bread(block 69) failed
[  508.025435][ T8871] FAT-fs (loop2): Directory bread(block 70) failed
[  508.032269][ T8871] FAT-fs (loop2): Directory bread(block 71) failed
[  508.039541][ T8871] FAT-fs (loop2): Directory bread(block 72) failed
[  508.046518][ T8871] FAT-fs (loop2): Directory bread(block 73) failed
[  508.073232][ T1936] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  508.146337][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1127'.
[  508.181700][   T29] audit: type=1800 audit(1731538920.049:476): pid=8871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1119" name="bus" dev="loop2" ino=1048656 res=0 errno=0
[  508.215720][ T8871] syz.2.1119: attempt to access beyond end of device
[  508.215720][ T8871] loop2: rw=2049, sector=1224, nr_sectors = 32 limit=256
[  508.243949][ T8871] syz.2.1119: attempt to access beyond end of device
[  508.243949][ T8871] loop2: rw=2049, sector=1288, nr_sectors = 96 limit=256
[  508.326202][ T1936] usb 5-1: Using ep0 maxpacket: 32
[  508.347664][ T1936] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  508.389683][ T1936] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  508.399916][ T1936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.408493][ T1936] usb 5-1: Product: syz
[  508.412979][ T1936] usb 5-1: Manufacturer: syz
[  508.418054][ T1936] usb 5-1: SerialNumber: syz
[  508.428283][ T1936] usb 5-1: config 0 descriptor??
[  508.440873][ T8877] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  508.489426][ T1936] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  509.066025][ T8877] loop4: detected capacity change from 0 to 256
[  509.270096][ T8898] bridge0: port 3(gretap0) entered blocking state
[  509.277762][ T8898] bridge0: port 3(gretap0) entered disabled state
[  509.289501][ T8898] gretap0: entered allmulticast mode
[  509.300147][ T8898] gretap0: entered promiscuous mode
[  509.308411][ T8898] bridge0: port 3(gretap0) entered blocking state
[  509.315732][ T8898] bridge0: port 3(gretap0) entered forwarding state
[  509.483204][   T29] audit: type=1326 audit(1731538921.349:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1130" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x0
[  509.946043][ T3051] usb 5-1: USB disconnect, device number 4
[  510.768091][ T8920] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  511.077169][ T8926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1141'.
[  511.233284][ T8929] loop0: detected capacity change from 0 to 16
[  511.292250][ T8929] erofs: (device loop0): erofs_read_inode: unsupported chunk format ffff of nid 36
[  511.327188][ T8929] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1143'.
[  511.355663][ T8929] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1143'.
[  511.364985][ T8929] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  512.600547][ T8937] loop4: detected capacity change from 0 to 2048
[  512.697092][ T8937] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  512.710141][ T8937] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  512.781883][ T8952] loop0: detected capacity change from 0 to 512
[  512.805874][ T8952] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[  512.887161][ T3051] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  513.065690][ T3051] usb 6-1: Using ep0 maxpacket: 32
[  513.098329][ T3051] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  513.150926][ T3051] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  513.160792][ T3051] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.169268][ T3051] usb 6-1: Product: syz
[  513.173770][ T3051] usb 6-1: Manufacturer: syz
[  513.180278][ T3051] usb 6-1: SerialNumber: syz
[  513.244409][ T3051] usb 6-1: config 0 descriptor??
[  513.253981][ T8944] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  513.308011][ T3051] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  513.338315][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.932681][ T8970] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1158'.
[  514.235080][ T3051] usb 6-1: USB disconnect, device number 4
[  514.874491][ T8980] cgroup: release_agent respecified
[  515.801783][ T8996] loop3: detected capacity change from 0 to 1024
[  515.862654][ T8996] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  515.926878][ T8999] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  516.116917][ T9002] usb usb7: usbfs: process 9002 (syz.0.1171) did not claim interface 0 before use
[  516.286459][   T29] audit: type=1326 audit(1731538928.149:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8998 comm="syz.0.1171" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x0
[  516.928386][ T9019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1175'.
[  517.165909][ T1936] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  517.176077][ T3051] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  517.366936][ T3051] usb 3-1: Using ep0 maxpacket: 32
[  517.387241][ T1936] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  517.395130][ T3051] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  517.410592][ T3051] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  517.420840][ T3051] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.429856][ T3051] usb 3-1: Product: syz
[  517.434338][ T3051] usb 3-1: Manufacturer: syz
[  517.439504][ T3051] usb 3-1: SerialNumber: syz
[  517.475157][ T3051] usb 3-1: config 0 descriptor??
[  517.487486][ T9017] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  517.506220][ T1936] usb 5-1: config 0 has no interfaces?
[  517.514443][ T3051] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  517.530285][ T1936] usb 5-1: config 0 has no interfaces?
[  517.558888][ T1936] usb 5-1: config 0 has no interfaces?
[  517.592382][ T1936] usb 5-1: config 0 has no interfaces?
[  517.623022][ T1936] usb 5-1: config 0 has no interfaces?
[  517.656148][ T1936] usb 5-1: config 0 has no interfaces?
[  517.688610][ T1936] usb 5-1: config 0 has no interfaces?
[  517.700966][ T1936] usb 5-1: config 0 has no interfaces?
[  517.706974][ T1936] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  517.716708][ T1936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.778502][ T1936] usb 5-1: config 0 descriptor??
[  518.041211][ T9013] loop2: detected capacity change from 0 to 256
[  518.878069][ T9021] loop4: detected capacity change from 0 to 1024
[  518.938188][ T9021] EXT4-fs: Ignoring removed orlov option
[  518.944297][ T9021] EXT4-fs: Ignoring removed nomblk_io_submit option
[  519.067839][ T1936] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  519.329522][ T9021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.344743][ T1936] usb 6-1: Using ep0 maxpacket: 16
[  519.366374][ T1936] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.377353][ T1936] usb 6-1: config 0 interface 0 has no altsetting 0
[  519.384407][ T1936] usb 6-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  519.394060][ T1936] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.426755][ T5840] usb 3-1: USB disconnect, device number 4
[  519.438857][ T1936] usb 6-1: config 0 descriptor??
[  520.045958][ T1936] usbhid 6-1:0.0: can't add hid device: -71
[  520.053526][ T1936] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  520.112058][ T1936] usb 6-1: USB disconnect, device number 5
[  520.496772][ T9045] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.037876][ T1936] usb 5-1: USB disconnect, device number 5
[  521.208329][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  522.312019][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1192'.
[  522.328359][ T9064] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  522.616521][ T9067] usb usb7: usbfs: process 9067 (syz.2.1190) did not claim interface 0 before use
[  522.665116][    C0] hrtimer: interrupt took 261865 ns
[  522.731260][   T29] audit: type=1326 audit(1731538934.599:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9062 comm="syz.2.1190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x0
[  523.663485][ T9075] loop3: detected capacity change from 0 to 2048
[  524.021125][ T9075] loop3: detected capacity change from 0 to 4096
[  524.143461][ T9087] loop0: detected capacity change from 0 to 1024
[  524.295586][ T9075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.542821][ T9075] EXT4-fs: Ignoring removed nomblk_io_submit option
[  524.550828][ T9075] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  524.560989][ T9075] EXT4-fs: Cannot change quota options when quota turned on
[  524.561126][ T9099] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1207'.
[  525.253173][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.290586][ T9108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1208'.
[  525.458767][ T9112] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  525.733595][ T9116] usb usb7: usbfs: process 9116 (syz.4.1213) did not claim interface 0 before use
[  525.899141][   T29] audit: type=1326 audit(1731538937.759:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.4.1213" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2098b7e719 code=0x0
[  526.820140][ T9132] loop0: detected capacity change from 0 to 128
[  527.049296][ T9132] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  527.123733][ T9132] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  527.469521][ T9140] loop3: detected capacity change from 0 to 2048
[  527.589009][ T9140] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  527.812497][   T52] Bluetooth: hci3: command tx timeout
[  527.985910][ T9156] loop0: detected capacity change from 0 to 128
[  528.002609][ T9156] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  528.064288][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.124549][ T9156] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  528.305822][ T9159] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1231'.
[  528.343177][ T9159] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1231'.
[  528.352457][ T9159] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  528.726004][ T9166] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  529.073045][   T29] audit: type=1326 audit(1731538940.929:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9165 comm="syz.5.1233" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x0
[  529.250582][ T9174] loop3: detected capacity change from 0 to 512
[  529.322168][ T9174] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  529.372971][ T9174] EXT4-fs (loop3): invalid journal inode
[  529.379338][ T9174] EXT4-fs (loop3): can't get journal size
[  529.486253][ T9174] EXT4-fs (loop3): 1 truncate cleaned up
[  529.494186][ T9174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  530.021149][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.773429][ T9204] loop0: detected capacity change from 0 to 256
[  530.831509][ T9204] FAT-fs (loop0): bogus logical sector size 2053
[  530.838678][ T9204] FAT-fs (loop0): Can't find a valid FAT filesystem
[  531.232784][ T9212] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  531.531300][   T29] audit: type=1326 audit(1731538943.399:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9211 comm="syz.5.1253" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x0
[  531.720546][ T9223] loop4: detected capacity change from 0 to 256
[  531.798152][ T9218] loop3: detected capacity change from 0 to 2048
[  531.929972][ T9218] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  532.999948][ T9238] loop3: detected capacity change from 0 to 1024
[  533.839646][ T9260] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1272'.
[  534.037635][ T9263] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  534.349461][   T29] audit: type=1326 audit(1731538946.219:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9262 comm="syz.4.1274" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2098b7e719 code=0x0
[  534.971795][ T9283] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1281'.
[  535.144907][ T9287] loop3: detected capacity change from 0 to 512
[  535.155898][ T9287] ext4: Unknown parameter 'noacl'
[  536.325121][ T9312] loop0: detected capacity change from 0 to 1024
[  536.543018][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  536.550201][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  536.867965][ T9318] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  537.203423][   T29] audit: type=1326 audit(1731538949.069:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9316 comm="syz.3.1295" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01db77e719 code=0x0
[  537.318678][ T5840] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  537.507686][ T5840] usb 6-1: Using ep0 maxpacket: 32
[  537.538061][ T5840] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  537.551752][ T5840] usb 6-1: config 0 has no interface number 0
[  537.588126][ T5840] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  537.598072][ T5840] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.606648][ T5840] usb 6-1: Product: syz
[  537.611108][ T5840] usb 6-1: Manufacturer: syz
[  537.616327][ T5840] usb 6-1: SerialNumber: syz
[  537.632933][ T5840] usb 6-1: config 0 descriptor??
[  537.647094][ T5840] smsc95xx v2.0.0
[  537.880769][ T9309] loop2: detected capacity change from 0 to 8192
[  538.653292][ T9334] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1300'.
[  538.663044][ T9334] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1300'.
[  538.734678][ T5840] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  538.746508][ T5840] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  538.780275][ T5840] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  538.794470][ T5840] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[  538.827911][ T5840] usb 6-1: USB disconnect, device number 6
[  539.096349][ T9345] loop2: detected capacity change from 0 to 8
[  539.747188][ T9358] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  540.159428][   T29] audit: type=1326 audit(1731538951.959:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9356 comm="syz.2.1311" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x0
[  540.704984][ T9366] loop0: detected capacity change from 0 to 164
[  542.503440][ T9377] loop4: detected capacity change from 0 to 256
[  542.514414][ T9376] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1317'.
[  542.524486][ T9376] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1317'.
[  544.109849][ T9388] cgroup: Unknown subsys name 'cpuset'
[  545.954042][ T9398] loop0: detected capacity change from 0 to 164
[  546.940460][ T9406] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  547.381306][   T29] audit: type=1326 audit(1731538959.229:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9405 comm="syz.4.1327" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2098b7e719 code=0x0
[  547.876867][ T3051] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  548.116022][ T3051] usb 3-1: Using ep0 maxpacket: 16
[  548.187036][ T3051] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  548.199528][ T3051] usb 3-1: config 0 has no interfaces?
[  548.355640][ T3051] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  548.365263][ T3051] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.374006][ T3051] usb 3-1: Product: syz
[  548.378718][ T3051] usb 3-1: Manufacturer: syz
[  548.383673][ T3051] usb 3-1: SerialNumber: syz
[  548.558403][ T3051] usb 3-1: config 0 descriptor??
[  548.746511][ T9415] loop3: detected capacity change from 0 to 512
[  548.781960][ T3051] usb 3-1: USB disconnect, device number 5
[  548.872270][ T9415] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1332: Invalid inode bitmap blk 4 in block_group 0
[  548.945937][ T9415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.025845][ T9423] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1333'.
[  549.035643][ T9423] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1333'.
[  549.058281][ T9415] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1332: Invalid inode bitmap blk 4 in block_group 0
[  549.100806][ T9415] EXT4-fs error (device loop3) in ext4_free_inode:360: Corrupt filesystem
[  549.379492][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.800199][ T9430] loop3: detected capacity change from 0 to 256
[  551.633134][ T9444] loop0: detected capacity change from 0 to 1024
[  551.811729][ T9447] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  552.045080][ T9444] syz.0.1344: attempt to access beyond end of device
[  552.045080][ T9444] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  552.059469][ T9444] Buffer I/O error on dev loop0, logical block 2889, async page read
[  552.068043][ T9444] syz.0.1344: attempt to access beyond end of device
[  552.068043][ T9444] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  552.081907][ T9444] Buffer I/O error on dev loop0, logical block 2889, async page read
[  552.098630][   T29] audit: type=1800 audit(1731538963.969:487): pid=9444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1344" name="file1" dev="loop0" ino=20 res=0 errno=0
[  552.371875][   T29] audit: type=1326 audit(1731538964.239:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9446 comm="syz.3.1343" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01db77e719 code=0x0
[  552.548972][ T9444] syz.0.1344: attempt to access beyond end of device
[  552.548972][ T9444] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  553.118313][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1346'.
[  553.128051][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1346'.
[  554.025008][ T9469] loop0: detected capacity change from 0 to 128
[  554.115235][ T9469] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  554.265219][ T9469] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  554.415653][ T3051] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  554.705926][ T3051] usb 5-1: unable to get BOS descriptor or descriptor too short
[  554.720208][ T3051] usb 5-1: config 2 has an invalid interface number: 246 but max is 0
[  554.729176][ T3051] usb 5-1: config 2 has no interface number 0
[  554.735769][ T3051] usb 5-1: config 2 interface 246 altsetting 3 bulk endpoint 0xA has invalid maxpacket 8
[  554.746127][ T3051] usb 5-1: config 2 interface 246 has no altsetting 0
[  554.986117][ T3051] usb 5-1: New USB device found, idVendor=4f3b, idProduct=0c73, bcdDevice=8f.81
[  554.996038][ T3051] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.004367][ T3051] usb 5-1: Product: syz
[  555.008968][ T3051] usb 5-1: Manufacturer: syz
[  555.013867][ T3051] usb 5-1: SerialNumber: syz
[  555.076603][ T9468] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  555.316841][ T3051] usb-storage 5-1:2.246: USB Mass Storage device detected
[  555.401599][ T9483] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  555.410813][ T3051] usb 5-1: USB disconnect, device number 6
[  555.747538][ T9487] loop0: detected capacity change from 0 to 256
[  555.851577][ T9487] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  555.945622][ T9489] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  556.257966][   T29] audit: type=1326 audit(1731538968.119:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9488 comm="syz.3.1361" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01db77e719 code=0x0
[  556.539340][ T9496] loop0: detected capacity change from 0 to 1024
[  556.578035][ T9496] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  556.676008][ T9496] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  556.825232][ T9496] 9pnet: p9_errstr2errno: server reported unknown error 184467440737
[  557.012547][ T9506] loop4: detected capacity change from 0 to 256
[  557.155555][   T29] audit: type=1800 audit(1731538968.999:490): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1367" name="bus" dev="loop4" ino=1048659 res=0 errno=0
[  557.269587][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.327673][ T9507] netlink: 'syz.2.1366': attribute type 16 has an invalid length.
[  557.338321][ T9507] netlink: 'syz.2.1366': attribute type 3 has an invalid length.
[  557.349028][ T9507] netlink: 64066 bytes leftover after parsing attributes in process `syz.2.1366'.
[  557.507888][ T9506] loop4: detected capacity change from 256 to 0
[  557.761126][ T5803] syz-executor: attempt to access beyond end of device
[  557.761126][ T5803] loop4: rw=0, sector=12, nr_sectors = 4 limit=0
[  557.775520][ T5803] FAT-fs (loop4): Directory bread(block 3) failed
[  557.953658][ T3511] kworker/u8:12: attempt to access beyond end of device
[  557.953658][ T3511] loop4: rw=0, sector=48, nr_sectors = 4 limit=0
[  557.967840][ T3511] FAT-fs (loop4): unable to read inode block for updating (i_pos 770)
[  558.039080][ T5803] syz-executor: attempt to access beyond end of device
[  558.039080][ T5803] loop4: rw=0, sector=0, nr_sectors = 4 limit=0
[  558.052887][ T5803] FAT-fs (loop4): unable to read boot sector to mark fs as dirty
[  558.151244][ T1936] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  558.505723][ T1936] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  558.516031][ T1936] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  558.534613][ T1936] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  558.549856][ T1936] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  558.559836][ T1936] usb 1-1: SerialNumber: syz
[  558.594451][ T9521] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  561.057760][ T5794] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  561.068046][ T5794] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  561.078255][ T5794] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  561.092506][ T5794] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  561.106914][ T5794] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  561.140767][ T9541] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  561.320041][ T1936] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -71
[  561.342291][ T5794] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  561.386610][ T9545] loop3: detected capacity change from 0 to 256
[  561.436146][ T1936] usb 1-1: USB disconnect, device number 7
[  561.439973][ T9547] input: syz1 as /devices/virtual/input/input9
[  561.705088][   T29] audit: type=1800 audit(1731538973.469:491): pid=9545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1383" name="bus" dev="loop3" ino=1048662 res=0 errno=0
[  561.742537][   T29] audit: type=1326 audit(1731538973.609:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9538 comm="syz.2.1381" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x0
[  561.826858][ T9545] loop3: detected capacity change from 256 to 0
[  562.248888][ T9539] chnl_net:caif_netlink_parms(): no params data found
[  562.386711][ T5787] syz-executor: attempt to access beyond end of device
[  562.386711][ T5787] loop3: rw=0, sector=12, nr_sectors = 4 limit=0
[  562.401622][ T5787] FAT-fs (loop3): Directory bread(block 3) failed
[  562.650254][ T3574] kworker/u8:14: attempt to access beyond end of device
[  562.650254][ T3574] loop3: rw=0, sector=48, nr_sectors = 4 limit=0
[  562.664200][ T3574] FAT-fs (loop3): unable to read inode block for updating (i_pos 770)
[  562.747848][ T5787] syz-executor: attempt to access beyond end of device
[  562.747848][ T5787] loop3: rw=0, sector=0, nr_sectors = 4 limit=0
[  562.761560][ T5787] FAT-fs (loop3): unable to read boot sector to mark fs as dirty
[  563.730694][ T9539] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.739191][ T9539] bridge0: port 1(bridge_slave_0) entered disabled state
[  563.747328][ T9539] bridge_slave_0: entered allmulticast mode
[  563.757408][ T9539] bridge_slave_0: entered promiscuous mode
[  563.781215][ T5794] Bluetooth: hci4: command tx timeout
[  563.790403][ T9539] bridge0: port 2(bridge_slave_1) entered blocking state
[  563.798557][ T9539] bridge0: port 2(bridge_slave_1) entered disabled state
[  563.806780][ T9539] bridge_slave_1: entered allmulticast mode
[  563.816448][ T9539] bridge_slave_1: entered promiscuous mode
[  564.189642][ T9539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  564.299598][ T9539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  564.537373][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  564.606053][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  564.621894][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  564.654164][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  564.716456][   T52] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  564.740458][ T9539] team0: Port device team_slave_0 added
[  564.750823][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  564.759506][ T9539] team0: Port device team_slave_1 added
[  564.884872][ T9539] batman_adv: batadv0: Adding interface: batadv_slave_0
[  564.898921][ T9539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  564.927344][ T9539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  565.103544][ T9539] batman_adv: batadv0: Adding interface: batadv_slave_1
[  565.111172][ T9539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  565.137673][ T9539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  565.670854][ T9587] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  565.717656][ T9539] hsr_slave_0: entered promiscuous mode
[  565.732384][ T9539] hsr_slave_1: entered promiscuous mode
[  565.744001][ T9539] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  565.752158][ T9539] Cannot create hsr debugfs directory
[  565.795983][ T5794] Bluetooth: hci4: command tx timeout
[  566.084061][   T29] audit: type=1326 audit(1731538977.939:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9586 comm="syz.5.1398" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x0
[  566.916109][ T5794] Bluetooth: hci1: command tx timeout
[  567.058299][ T9539] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  567.296249][ T9539] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  567.383175][ T9575] chnl_net:caif_netlink_parms(): no params data found
[  567.467340][ T9539] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  567.532179][ T9539] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  567.887522][ T5794] Bluetooth: hci4: command tx timeout
[  568.985998][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.993933][ T9575] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.002159][ T9575] bridge_slave_0: entered allmulticast mode
[  569.011782][ T9575] bridge_slave_0: entered promiscuous mode
[  569.057410][ T5794] Bluetooth: hci1: command tx timeout
[  569.274407][ T9622] loop2: detected capacity change from 0 to 256
[  569.287766][ T9575] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.297909][ T9575] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.306127][ T9575] bridge_slave_1: entered allmulticast mode
[  569.320569][ T9575] bridge_slave_1: entered promiscuous mode
[  569.348126][ T9539] 8021q: adding VLAN 0 to HW filter on device bond0
[  569.518682][ T9626] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  569.582840][ T9539] 8021q: adding VLAN 0 to HW filter on device team0
[  569.698522][ T3511] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.706491][ T3511] bridge0: port 1(bridge_slave_0) entered forwarding state
[  569.744407][ T9575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  569.785191][   T29] audit: type=1326 audit(1731538981.649:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9625 comm="syz.0.1411" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x0
[  569.848265][ T3511] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.856166][ T3511] bridge0: port 2(bridge_slave_1) entered forwarding state
[  569.885859][ T9575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  569.956240][ T5794] Bluetooth: hci4: command tx timeout
[  570.278912][ T9575] team0: Port device team_slave_0 added
[  570.394817][ T9575] team0: Port device team_slave_1 added
[  570.702644][ T9575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  570.710083][ T9575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  570.742305][ T9575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  570.949718][ T9575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  570.957138][ T9575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  570.984413][ T9575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  571.077466][ T5794] Bluetooth: hci1: command tx timeout
[  571.266274][ T9575] hsr_slave_0: entered promiscuous mode
[  571.330060][ T9575] hsr_slave_1: entered promiscuous mode
[  571.414321][ T9575] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  571.422814][ T9575] Cannot create hsr debugfs directory
[  571.422953][   T29] audit: type=1326 audit(1731538983.279:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.455624][   T29] audit: type=1326 audit(1731538983.309:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.478809][   T29] audit: type=1326 audit(1731538983.309:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.501730][   T29] audit: type=1326 audit(1731538983.309:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.524632][   T29] audit: type=1326 audit(1731538983.309:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.548806][   T29] audit: type=1326 audit(1731538983.309:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.571945][   T29] audit: type=1326 audit(1731538983.319:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.595015][   T29] audit: type=1326 audit(1731538983.319:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  571.618003][   T29] audit: type=1326 audit(1731538983.319:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9635 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f496457e719 code=0x7ffc0000
[  572.132707][ T9644] loop0: detected capacity change from 0 to 256
[  572.226433][ T5841] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  572.487094][ T9575] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  572.521224][ T9575] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  572.575031][ T5841] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  572.587851][ T5841] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.633654][ T9539] 8021q: adding VLAN 0 to HW filter on device batadv0
[  572.652666][ T5841] usb 3-1: config 0 descriptor??
[  572.667246][ T9575] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  572.720156][ T5841] cp210x 3-1:0.0: cp210x converter detected
[  572.720603][ T9575] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  572.798184][ T9644] loop0: detected capacity change from 256 to 0
[  573.158963][ T5794] Bluetooth: hci1: command tx timeout
[  573.288172][ T9575] 8021q: adding VLAN 0 to HW filter on device bond0
[  573.356103][ T9575] 8021q: adding VLAN 0 to HW filter on device team0
[  573.516047][ T9575] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  573.528140][ T9575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  573.600068][ T4961] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.607955][ T4961] bridge0: port 1(bridge_slave_0) entered forwarding state
[  573.626446][ T4961] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.634202][ T4961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  573.791744][ T5841] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  573.839706][ T5788] syz-executor: attempt to access beyond end of device
[  573.839706][ T5788] loop0: rw=0, sector=12, nr_sectors = 4 limit=0
[  573.854780][ T5788] FAT-fs (loop0): Directory bread(block 3) failed
[  574.283305][ T3539] kworker/u8:13: attempt to access beyond end of device
[  574.283305][ T3539] loop0: rw=0, sector=48, nr_sectors = 4 limit=0
[  574.297723][ T3539] FAT-fs (loop0): unable to read inode block for updating (i_pos 770)
[  574.408213][ T5788] syz-executor: attempt to access beyond end of device
[  574.408213][ T5788] loop0: rw=0, sector=0, nr_sectors = 4 limit=0
[  574.428183][ T5788] FAT-fs (loop0): unable to read boot sector to mark fs as dirty
[  574.953514][  T998] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.975848][ T5847] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  575.207235][ T5847] usb 6-1: config 0 has an invalid interface number: 64 but max is 0
[  575.215519][  T998] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.226699][ T5847] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  575.238925][ T5847] usb 6-1: config 0 has no interface number 0
[  575.410145][  T998] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.476186][ T5847] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  575.485907][ T5847] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.494300][ T5847] usb 6-1: Product: syz
[  575.499891][ T5847] usb 6-1: Manufacturer: syz
[  575.504782][ T5847] usb 6-1: SerialNumber: syz
[  575.578017][ T5847] usb 6-1: config 0 descriptor??
[  575.831692][ T5847] usb 6-1: Found UVC 0.08 device syz (046d:0823)
[  575.838644][  T998] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.852223][ T5847] usb 6-1: No valid video chain found.
[  576.088582][ T5847] usb 6-1: USB disconnect, device number 7
[  576.161650][ T9575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  576.456855][ T5841] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  576.472663][ T5841] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  576.575657][  T998] bridge_slave_1: left allmulticast mode
[  576.581679][  T998] bridge_slave_1: left promiscuous mode
[  576.588728][  T998] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.635424][ T5841] usb 3-1: cp210x converter now attached to ttyUSB0
[  576.694577][ T5841] usb 3-1: USB disconnect, device number 6
[  576.711202][ T5841] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  576.722446][ T5841] cp210x 3-1:0.0: device disconnected
[  577.927469][  T998] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  577.953758][   T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  577.982149][   T52] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  578.000899][   T52] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  578.024729][   T52] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  578.042181][   T52] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  578.058700][   T52] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  578.062989][  T998] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  578.182576][  T998] bond0 (unregistering): Released all slaves
[  578.614720][ T9668] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  578.993879][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1423'.
[  579.151397][  T998] hsr_slave_0: left promiscuous mode
[  579.176308][  T998] hsr_slave_1: left promiscuous mode
[  579.198782][  T998] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  579.207099][  T998] batman_adv: batadv0: Removing interface: batadv_slave_0
[  579.248884][  T998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  579.257760][  T998] batman_adv: batadv0: Removing interface: batadv_slave_1
[  579.346240][  T998] veth1_macvtap: left promiscuous mode
[  579.352089][  T998] veth0_macvtap: left promiscuous mode
[  579.358805][  T998] veth1_vlan: left promiscuous mode
[  579.364347][  T998] veth0_vlan: left promiscuous mode
[  579.777276][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  579.777370][   T29] audit: type=1326 audit(1731538991.639:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9667 comm="syz.2.1422" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x0
[  580.196322][   T52] Bluetooth: hci2: command tx timeout
[  580.290611][  T998] team0 (unregistering): Port device team_slave_1 removed
[  580.408346][  T998] team0 (unregistering): Port device team_slave_0 removed
[  580.920865][ T9539] veth0_vlan: entered promiscuous mode
[  581.135006][ T9539] veth1_vlan: entered promiscuous mode
[  581.487031][ T9665] chnl_net:caif_netlink_parms(): no params data found
[  581.612004][ T9539] veth0_macvtap: entered promiscuous mode
[  581.728067][ T9539] veth1_macvtap: entered promiscuous mode
[  582.027481][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  582.039754][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.049930][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  582.060798][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.070973][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  582.081962][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.093498][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  582.104847][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.125573][ T9539] batman_adv: batadv0: Interface activated: batadv_slave_0
[  582.187376][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.201554][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.212632][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.223935][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.234120][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.244984][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.255484][ T9539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.266353][ T9539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.282423][ T9539] batman_adv: batadv0: Interface activated: batadv_slave_1
[  582.307202][ T9539] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  582.310170][   T52] Bluetooth: hci2: command tx timeout
[  582.316351][ T9539] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  582.331150][ T9539] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  582.340610][ T9539] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  582.789207][ T9575] veth0_vlan: entered promiscuous mode
[  582.850516][ T9697] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1429'.
[  582.891209][ T9575] veth1_vlan: entered promiscuous mode
[  583.050496][ T9575] veth0_macvtap: entered promiscuous mode
[  583.073806][ T9575] veth1_macvtap: entered promiscuous mode
[  583.176136][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.187050][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.197593][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.208591][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.220205][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.231552][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.244360][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.256421][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.266716][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  583.277657][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.293573][ T9575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  583.548451][ T9698] loop2: detected capacity change from 0 to 512
[  583.862925][ T9665] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.871255][ T9665] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.881775][ T9665] bridge_slave_0: entered allmulticast mode
[  583.891689][ T9665] bridge_slave_0: entered promiscuous mode
[  583.930694][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.947744][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.960011][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.970912][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.981145][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.992210][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.002517][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  584.013400][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.023700][ T9575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  584.034673][ T9575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  584.058628][ T9575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  584.069270][ T9665] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.077504][ T9665] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.085582][ T9665] bridge_slave_1: entered allmulticast mode
[  584.095499][ T9665] bridge_slave_1: entered promiscuous mode
[  584.379206][   T52] Bluetooth: hci2: command tx timeout
[  584.429076][ T9706] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1431'.
[  584.463796][ T9575] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  584.473218][ T9575] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  584.482594][ T9575] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  584.491838][ T9575] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  584.572943][ T9665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  584.620206][ T9698] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.634129][ T9698] ext4 filesystem being mounted at /293/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  584.651661][ T9665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  584.892998][ T9665] team0: Port device team_slave_0 added
[  584.921540][ T9665] team0: Port device team_slave_1 added
[  585.212438][ T9665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  585.221079][ T9665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  585.248389][ T9665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  585.342050][ T9665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  585.349763][ T9665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  585.377342][ T9665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  585.951515][ T9665] hsr_slave_0: entered promiscuous mode
[  586.449581][ T9724] fuse: Unknown parameter 'fd<ԁ�B�y԰@����J��JWݢ�Hu�U��c��vv{��$*+E����l��$S	�^ص&r��-O�q���ݖ��]�Vz��W�rp�m0x0000000000000004'
[  586.506981][ T9724] 9pnet_virtio: no channels available for device ./cgroup/file0
[  586.639776][ T9665] hsr_slave_1: entered promiscuous mode
[  587.237525][   T52] Bluetooth: hci2: command tx timeout
[  587.243920][   T52] Bluetooth: hci3: Ignoring error of Inquiry Cancel command
[  588.269662][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  588.399663][ T9735] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  588.943506][ T9665] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  588.994643][ T9665] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  589.034677][ T9665] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  589.074413][ T9665] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  589.153214][   T29] audit: type=1326 audit(1731539001.019:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9734 comm="syz.5.1435" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb0697e719 code=0x0
[  590.383071][ T9665] 8021q: adding VLAN 0 to HW filter on device bond0
[  590.628579][ T9665] 8021q: adding VLAN 0 to HW filter on device team0
[  590.689882][ T4052] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.690421][ T4052] bridge0: port 1(bridge_slave_0) entered forwarding state
[  590.757798][ T4052] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.758322][ T4052] bridge0: port 2(bridge_slave_1) entered forwarding state
[  591.028208][ T3511] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.036645][ T3511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.353966][ T3811] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.362389][ T3811] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  592.831923][ T9773] loop6: detected capacity change from 0 to 256
[  593.699330][ T3811] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.012058][ T3574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  594.020517][ T3574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  594.064938][ T3811] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.656774][ T3811] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  594.809141][ T9665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  594.836095][ T4052] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  594.844526][ T4052] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  594.937724][   T29] audit: type=1326 audit(1731539006.729:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  594.960986][   T29] audit: type=1326 audit(1731539006.739:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.123465][ T3811] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  595.477698][   T29] audit: type=1326 audit(1731539007.039:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.501281][   T29] audit: type=1326 audit(1731539007.049:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.532371][   T29] audit: type=1326 audit(1731539007.079:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.558085][   T29] audit: type=1326 audit(1731539007.079:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.581153][   T29] audit: type=1326 audit(1731539007.209:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.604050][   T29] audit: type=1326 audit(1731539007.209:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  595.635115][   T29] audit: type=1326 audit(1731539007.309:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  596.396141][ T3811] bridge_slave_1: left allmulticast mode
[  596.402141][ T3811] bridge_slave_1: left promiscuous mode
[  596.409660][ T3811] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.428786][   T29] audit: type=1326 audit(1731539007.579:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9777 comm="syz.2.1443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d8bb7e719 code=0x7ffc0000
[  596.626725][ T3811] bridge_slave_0: left allmulticast mode
[  596.645499][ T3811] bridge_slave_0: left promiscuous mode
[  596.652435][ T3811] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.279521][ T3811] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  597.373705][ T3811] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  597.409035][ T3811] bond0 (unregistering): Released all slaves
[  597.986376][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  597.993166][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  598.246838][ T3811] hsr_slave_0: left promiscuous mode
[  598.279480][ T3811] hsr_slave_1: left promiscuous mode
[  598.306183][ T3811] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  598.314060][ T3811] batman_adv: batadv0: Removing interface: batadv_slave_0
[  598.337748][ T3811] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  598.345870][ T3811] batman_adv: batadv0: Removing interface: batadv_slave_1
[  598.389632][ T3811] veth1_macvtap: left promiscuous mode
[  598.395833][ T3811] veth0_macvtap: left promiscuous mode
[  598.401839][ T3811] veth1_vlan: left promiscuous mode
[  598.407693][ T3811] veth0_vlan: left promiscuous mode
[  599.303439][ T3811] team0 (unregistering): Port device team_slave_1 removed
[  599.333655][ T3811] team0 (unregistering): Port device team_slave_0 removed
[  599.516681][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  599.540290][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  599.573609][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  599.626819][ T9793] loop6: detected capacity change from 0 to 1024
[  599.740848][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  599.753416][ T5794] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  599.768875][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  599.975887][ T9793] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.392052][ T9800] loop2: detected capacity change from 0 to 256
[  600.618252][ T9810] netlink: 'syz.7.1449': attribute type 30 has an invalid length.
[  601.004071][ T9539] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  601.217420][ T9794] chnl_net:caif_netlink_parms(): no params data found
[  601.340907][ T9665] veth0_vlan: entered promiscuous mode
[  601.642946][ T9665] veth1_vlan: entered promiscuous mode
[  601.820369][ T9665] veth0_macvtap: entered promiscuous mode
[  601.876328][ T5794] Bluetooth: hci3: command tx timeout
[  601.899488][ T9665] veth1_macvtap: entered promiscuous mode
[  601.968775][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  601.980136][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  601.990445][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  602.001455][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.011647][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  602.022527][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.032836][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  602.043719][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.053950][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  602.073062][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.091034][ T9665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  602.141993][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  602.154130][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.173743][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  602.188109][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.199076][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  602.209947][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.220309][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  602.231308][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.241570][ T9665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  602.252559][ T9665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  602.278649][ T9665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  602.411099][ T9665] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  602.420510][ T9665] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  602.429872][ T9665] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  602.440858][ T9665] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  602.727762][ T9826] loop7: detected capacity change from 0 to 256
[  603.342348][ T9830] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1455'.
[  603.468532][ T9794] bridge0: port 1(bridge_slave_0) entered blocking state
[  603.479229][ T9794] bridge0: port 1(bridge_slave_0) entered disabled state
[  603.487365][ T9794] bridge_slave_0: entered allmulticast mode
[  603.499138][ T9794] bridge_slave_0: entered promiscuous mode
[  603.638804][ T9794] bridge0: port 2(bridge_slave_1) entered blocking state
[  603.646889][ T9794] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.654849][ T9794] bridge_slave_1: entered allmulticast mode
[  603.664888][ T9794] bridge_slave_1: entered promiscuous mode
[  604.053617][ T5794] Bluetooth: hci3: command tx timeout
[  604.717660][ T9794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.069248][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  605.069340][   T29] audit: type=1326 audit(1731539016.939:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.083640][ T9794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  605.099361][   T29] audit: type=1326 audit(1731539016.939:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.379658][   T29] audit: type=1326 audit(1731539017.009:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.403065][   T29] audit: type=1326 audit(1731539017.009:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.426015][   T29] audit: type=1326 audit(1731539017.019:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.457517][   T29] audit: type=1326 audit(1731539017.019:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.480447][   T29] audit: type=1326 audit(1731539017.029:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.503340][   T29] audit: type=1326 audit(1731539017.029:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.526312][   T29] audit: type=1326 audit(1731539017.049:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  605.556092][   T29] audit: type=1326 audit(1731539017.049:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6ecfb7e719 code=0x7ffc0000
[  606.135693][ T9794] team0: Port device team_slave_0 added
[  606.201887][ T5794] Bluetooth: hci3: command tx timeout
[  606.263516][ T9794] team0: Port device team_slave_1 added
[  606.683170][ T9794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  606.690546][ T9794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.716966][ T9794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  606.880121][ T9794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  606.889428][ T9794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.917496][ T9794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  607.164829][ T9846] loop7: detected capacity change from 0 to 256
[  607.561074][ T9794] hsr_slave_0: entered promiscuous mode
[  607.647845][ T9794] hsr_slave_1: entered promiscuous mode
[  607.685665][ T9794] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  607.702325][ T9794] Cannot create hsr debugfs directory
[  607.839055][ T9852] loop6: detected capacity change from 0 to 256
[  608.055720][ T9852] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  608.350434][ T5794] Bluetooth: hci3: command tx timeout
[  609.153845][ T9794] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  609.268417][ T9794] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  609.360003][ T9794] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  609.360900][ T9869] loop7: detected capacity change from 0 to 16
[  609.432285][ T9869] erofs: (device loop7): mounted with root inode @ nid 36.
[  609.454466][ T9794] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  609.870638][ T9873] loop6: detected capacity change from 0 to 256
[  610.600323][ T9877] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1467'.
[  612.524361][ T9794] 8021q: adding VLAN 0 to HW filter on device bond0
[  613.062328][ T9794] 8021q: adding VLAN 0 to HW filter on device team0
[  613.150608][ T3539] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.158533][ T3539] bridge0: port 1(bridge_slave_0) entered forwarding state
[  613.313587][ T3539] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.321641][ T3539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.433925][ T9794] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  613.444762][ T9794] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  614.025772][ T9896] loop2: detected capacity change from 0 to 256
[  614.119529][ T3811] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.128037][ T3811] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  614.412749][ T3692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  614.421094][ T3692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  615.094490][ T9906] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1472'.
[  615.159006][ T9907] loop6: detected capacity change from 0 to 8
[  615.241340][ T9794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  616.112402][ T9915] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1476'.
[  616.813070][ T9923] ALSA: seq fatal error: cannot create timer (-22)
[  616.833613][ T9927] loop8: detected capacity change from 0 to 256
[  619.778480][ T9794] veth0_vlan: entered promiscuous mode
[  620.043960][ T9794] veth1_vlan: entered promiscuous mode
[  620.714161][ T9945] loop7: detected capacity change from 0 to 1024
[  620.985768][ T9943] loop6: detected capacity change from 0 to 2048
[  621.016764][ T9794] veth0_macvtap: entered promiscuous mode
[  621.087798][ T9945] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  621.240895][ T9794] veth1_macvtap: entered promiscuous mode
[  621.291214][ T9943] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  622.487582][ T9943] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  622.913136][ T9953] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1486'.
[  623.202265][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.213465][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.223738][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.234617][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.244880][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.257410][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.267962][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.278818][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.289165][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.299998][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.310193][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  623.321044][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  623.336744][ T9794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  624.156239][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.167121][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.178795][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.190564][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.206014][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.216909][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.227295][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.238276][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.248481][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.259350][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.269552][ T9794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  624.283801][ T9794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  624.300991][ T9794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  624.608403][ T9794] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  624.617993][ T9794] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  624.627784][ T9794] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  624.637398][ T9794] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  625.621393][ T9961] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1488'.
[  626.261876][ T9965] loop7: detected capacity change from 0 to 512
[  626.360342][ T9965] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  626.521210][ T9965] EXT4-fs (loop7): 1 truncate cleaned up
[  626.532027][ T9965] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  626.701621][ T9969] loop6: detected capacity change from 0 to 1024
[  626.921858][ T9575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.008821][ T9969] hfsplus: invalid extended attribute record
[  628.255801][   T29] kauditd_printk_skb: 53 callbacks suppressed
[  628.255896][   T29] audit: type=1326 audit(1731539040.039:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz.7.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5418f7e719 code=0x7ffc0000
[  628.293909][   T29] audit: type=1326 audit(1731539040.049:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz.7.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f5418f7e719 code=0x7ffc0000
[  628.319471][   T29] audit: type=1326 audit(1731539040.049:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz.7.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5418f7e719 code=0x7ffc0000
[  628.342858][   T29] audit: type=1326 audit(1731539040.049:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz.7.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f5418f7e719 code=0x7ffc0000
[  628.365848][   T29] audit: type=1326 audit(1731539040.049:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz.7.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5418f7e719 code=0x7ffc0000
[  628.614123][ T9993] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1498'.
[  629.647044][T10005] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1502'.
[  629.801184][T10006] loop7: detected capacity change from 0 to 1024
[  630.205207][T10010] loop8: detected capacity change from 0 to 512
[  630.254174][T10006] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.461314][T10010] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.474750][T10010] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  630.771796][T10014] loop6: detected capacity change from 0 to 2048
[  630.826654][   T29] audit: type=1800 audit(1731539042.679:627): pid=10010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1505" name="file1" dev="loop8" ino=15 res=0 errno=0
[  630.849156][   T29] audit: type=1800 audit(1731539042.679:628): pid=10022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1505" name="bus" dev="loop8" ino=18 res=0 errno=0
[  630.988761][T10014] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  631.058271][T10014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  631.498506][ T9575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.526405][ T9665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.275683][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1507'.
[  632.285143][T10036] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1507'.
[  632.294504][T10036] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1507'.
[  633.594186][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  633.603355][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.757983][T10045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1511'.
[  634.244857][ T4052] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  634.254688][ T4052] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  635.465479][T10052] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1514'.
[  635.968470][T10063] netlink: 200 bytes leftover after parsing attributes in process `syz.8.1518'.
[  636.017143][   T29] audit: type=1326 audit(1731539047.869:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10062 comm="syz.8.1518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed7177e719 code=0x0
[  636.401562][T10070] loop9: detected capacity change from 0 to 256
[  636.522674][T10070] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  636.534237][T10070] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  636.604674][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1521'.
[  636.614389][T10072] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1521'.
[  636.623786][T10072] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1521'.
[  636.722448][T10070] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x8605e5da, utbl_chksum : 0xe619d30d)
[  637.204473][T10085] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1524'.
[  638.886647][T10110] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1536'.
[  638.896203][T10110] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1536'.
[  638.905519][T10110] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1536'.
[  640.328262][T10136] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1545'.
[  641.333201][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1551'.
[  641.342807][T10147] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1551'.
[  641.348244][T10148] loop9: detected capacity change from 0 to 256
[  641.352020][T10147] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1551'.
[  642.038259][T10158] loop7: detected capacity change from 0 to 128
[  642.193598][T10158] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  642.278518][T10158] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  642.552978][T10168] tmpfs: Unknown parameter 'defcontext'
[  642.742061][T10170] loop9: detected capacity change from 0 to 16
[  642.808260][T10158] syz.7.1557 (pid 10158) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  642.843649][T10158] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  642.856453][T10158] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  642.878597][T10170] erofs: (device loop9): mounted with root inode @ nid 36.
[  643.269130][ T9575] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  643.321451][T10179] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1564'.
[  643.334656][T10179] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1564'.
[  643.344894][T10179] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1564'.
[  644.113575][T10189] loop6: detected capacity change from 0 to 256
[  646.045847][ T5847] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  646.335677][ T5847] usb 8-1: Using ep0 maxpacket: 8
[  646.391249][ T5847] usb 8-1: config 61 has too many interfaces: 213, using maximum allowed: 32
[  646.403782][ T5847] usb 8-1: config 61 has an invalid descriptor of length 0, skipping remainder of the config
[  646.415645][ T5847] usb 8-1: config 61 has 0 interfaces, different from the descriptor's value: 213
[  646.756851][ T5847] usb 8-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice=3a.11
[  646.766575][ T5847] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.774887][ T5847] usb 8-1: Product: syz
[  646.779669][ T5847] usb 8-1: Manufacturer: syz
[  646.784561][ T5847] usb 8-1: SerialNumber: syz
[  647.677279][T10211] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1577'.
[  647.687004][T10211] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1577'.
[  647.698803][T10211] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1577'.
[  647.718058][T10216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1579'.
[  648.068133][ T5847] usb 8-1: USB disconnect, device number 2
[  648.478735][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1581'.
[  649.334135][T10240] loop6: detected capacity change from 0 to 256
[  650.134349][T10245] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1592'.
[  650.143953][T10245] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1592'.
[  650.153482][T10245] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1592'.
[  652.561349][T10262] loop8: detected capacity change from 0 to 1024
[  652.679312][T10262] EXT4-fs: Ignoring removed orlov option
[  652.685603][T10262] EXT4-fs: Ignoring removed nomblk_io_submit option
[  652.908493][T10262] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  653.119757][T10274] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1601'.
[  653.551520][ T9665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.643148][T10281] input: syz1 as /devices/virtual/input/input11
[  653.817216][T10283] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1606'.
[  653.826843][T10283] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1606'.
[  653.836263][T10283] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1606'.
[  654.539859][T10295] loop2: detected capacity change from 0 to 256
[  654.552351][T10297] loop6: detected capacity change from 0 to 256
[  654.560825][T10295] exfat: Deprecated parameter 'namecase'
[  655.703251][T10295] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  657.669230][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1618'.
[  657.678824][T10320] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1618'.
[  657.688198][T10320] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1618'.
[  657.950636][T10324] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1620'.
[  658.229123][T10318] loop7: detected capacity change from 0 to 2048
[  658.300504][T10318] EXT4-fs: Ignoring removed nobh option
[  658.368843][T10318] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.392448][T10318] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  658.798363][ T9575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.427741][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  659.434552][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  659.901964][T10353] loop7: detected capacity change from 0 to 256
[  660.555019][T10357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1634'.
[  660.564739][T10357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1634'.
[  660.574011][T10357] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1634'.
[  661.207283][T10362] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1635'.
[  662.010750][T10367] loop2: detected capacity change from 0 to 512
[  662.225207][T10367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  662.238885][T10367] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  663.927018][T10383] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1643'.
[  664.163363][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.316230][T10389] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1647'.
[  664.333447][T10389] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1647'.
[  664.346085][T10389] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1647'.
[  664.609895][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1648'.
[  665.098414][T10402] loop2: detected capacity change from 0 to 256
[  666.523575][T10411] loop7: detected capacity change from 0 to 164
[  666.652297][T10410] loop6: detected capacity change from 0 to 1024
[  666.757616][T10411] Unsupported NM flag settings (8)
[  668.096874][T10421] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1659'.
[  668.916947][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1664'.
[  670.726383][T10452] loop2: detected capacity change from 0 to 256
[  671.102653][T10456] loop6: detected capacity change from 0 to 16
[  671.211872][T10456] erofs: (device loop6): mounted with root inode @ nid 36.
[  671.659738][T10460] netlink: 72 bytes leftover after parsing attributes in process `syz.8.1676'.
[  672.116768][ T9784] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  672.405900][ T9784] usb 10-1: Using ep0 maxpacket: 32
[  672.487860][ T9784] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  672.544089][ T9784] usb 10-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  672.554067][ T9784] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.562860][ T9784] usb 10-1: Product: syz
[  672.567608][ T9784] usb 10-1: Manufacturer: syz
[  672.572598][ T9784] usb 10-1: SerialNumber: syz
[  672.671195][ T9784] usb 10-1: config 0 descriptor??
[  672.683849][T10465] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  672.742243][T10475] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1681'.
[  672.769735][ T9784] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  673.141026][T10463] loop9: detected capacity change from 0 to 256
[  673.917811][ T5847] usb 10-1: USB disconnect, device number 2
[  674.939844][T10500] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1692'.
[  674.958021][T10505] loop7: detected capacity change from 0 to 1024
[  675.016444][T10506] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1694'.
[  675.844173][T10509] loop9: detected capacity change from 0 to 1024
[  675.937973][T10509] EXT4-fs: Ignoring removed bh option
[  676.267341][T10518] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1699'.
[  676.578571][T10509] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  676.798752][   T29] audit: type=1800 audit(1731539088.649:630): pid=10509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1696" name="bus" dev="loop9" ino=18 res=0 errno=0
[  677.027901][ T9801] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  677.250838][ T9801] usb 9-1: Using ep0 maxpacket: 32
[  677.292501][ T9801] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  677.463101][ T9801] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  677.473089][ T9801] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.481657][ T9801] usb 9-1: Product: syz
[  677.486334][ T9801] usb 9-1: Manufacturer: syz
[  677.491225][ T9801] usb 9-1: SerialNumber: syz
[  677.562740][ T9801] usb 9-1: config 0 descriptor??
[  677.623210][T10537] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1707'.
[  677.698554][T10526] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  677.802181][ T9801] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  678.082306][T10526] loop8: detected capacity change from 0 to 256
[  678.522035][ T9794] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  678.601766][ T5847] usb 9-1: USB disconnect, device number 2
[  678.952627][T10552] loop9: detected capacity change from 0 to 1024
[  679.658234][T10552] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  679.714632][T10561] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1715'.
[  680.142834][T10571] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1719'.
[  680.149117][ T9794] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  681.055728][T10586] loop9: detected capacity change from 0 to 256
[  681.165617][ T9801] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  681.252996][T10587] loop8: detected capacity change from 0 to 1024
[  681.336203][T10587] EXT4-fs (loop8): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  681.384254][ T9801] usb 8-1: Using ep0 maxpacket: 16
[  681.445878][ T9801] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  681.450929][T10592] loop2: detected capacity change from 0 to 512
[  681.457426][ T9801] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  681.457670][ T9801] usb 8-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  681.457850][ T9801] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.496647][ T9801] usb 8-1: config 0 descriptor??
[  681.554439][T10587] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  681.608547][T10592] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  681.632469][T10592] ext4 filesystem being mounted at /353/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  681.728113][T10590] loop6: detected capacity change from 0 to 256
[  681.914131][T10603] loop9: detected capacity change from 0 to 256
[  682.009596][T10603] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  682.077238][   T29] audit: type=1800 audit(1731539093.939:631): pid=10601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1727" name="bus" dev="loop2" ino=18 res=0 errno=0
[  682.119752][ T9801] ntrig 0003:1B96:0008.0004: unbalanced delimiter at end of report description
[  682.132498][ T9665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.186103][ T9801] ntrig 0003:1B96:0008.0004: parse failed
[  682.192617][ T9801] ntrig 0003:1B96:0008.0004: probe with driver ntrig failed with error -22
[  682.209643][T10603] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  682.472170][ T5847] usb 8-1: USB disconnect, device number 3
[  682.614697][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.743647][T10609] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  683.139269][T10618] netlink: 64 bytes leftover after parsing attributes in process `syz.9.1734'.
[  683.402455][T10620] loop9: detected capacity change from 0 to 512
[  683.492097][T10622] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1732'.
[  683.540678][T10621] loop8: detected capacity change from 0 to 512
[  683.600455][T10620] EXT4-fs warning (device loop9): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  683.612398][T10620] EXT4-fs warning (device loop9): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  683.721619][T10621] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  683.730376][T10621] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -2
[  683.744326][T10621] EXT4-fs (loop8): 1 truncate cleaned up
[  683.752771][T10621] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  683.782454][T10621] EXT4-fs error (device loop8): ext4_append:79: inode #2: comm syz.8.1735: Logical block already allocated
[  684.377419][T10632] mkiss: ax0: crc mode is auto.
[  684.502585][ T9665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.023636][T10635] loop9: detected capacity change from 0 to 164
[  685.750870][T10643] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  685.961909][T10646] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1746'.
[  686.187284][T10639] loop8: detected capacity change from 0 to 256
[  686.909596][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1750'.
[  687.216143][ T5794] Bluetooth: hci4: command 0x0406 tx timeout
[  687.223065][ T5795] Bluetooth: hci1: command 0x0406 tx timeout
[  688.086362][ T9801] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  688.318412][ T9801] usb 10-1: config 0 interface 0 has no altsetting 0
[  688.326168][ T9801] usb 10-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  688.335908][ T9801] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.360469][ T9801] usb 10-1: config 0 descriptor??
[  688.410216][ T9801] ums-realtek 10-1:0.0: USB Mass Storage device detected
[  688.927231][ T9801] usb 10-1: USB disconnect, device number 3
[  689.265559][ T5847] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  689.290349][T10685] loop6: detected capacity change from 0 to 164
[  689.481144][ T5847] usb 8-1: Using ep0 maxpacket: 8
[  689.500704][ T5847] usb 8-1: config 0 has an invalid interface number: 134 but max is 0
[  689.512430][ T5847] usb 8-1: config 0 has no interface number 0
[  689.519930][ T5847] usb 8-1: config 0 interface 134 has no altsetting 0
[  689.732187][ T5847] usb 8-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=9a.18
[  689.742035][ T5847] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.750903][ T5847] usb 8-1: Product: syz
[  689.755564][ T5847] usb 8-1: Manufacturer: syz
[  689.760470][ T5847] usb 8-1: SerialNumber: syz
[  689.920415][T10690] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  690.054367][ T5847] usb 8-1: config 0 descriptor??
[  690.110439][T10693] netlink: 64 bytes leftover after parsing attributes in process `syz.9.1760'.
[  690.112229][ T5847] usb 8-1: Invalid firmware size=18.
[  690.278507][ T5847] usb 8-1: USB disconnect, device number 4
[  690.528058][T10699] loop8: detected capacity change from 0 to 16
[  690.589272][T10699] erofs: (device loop8): mounted with root inode @ nid 36.
[  690.700831][T10703] loop9: detected capacity change from 0 to 8
[  690.732846][T10696] loop6: detected capacity change from 0 to 256
[  690.827419][T10703] SQUASHFS error: Failed to read block 0x738: -5
[  690.834182][T10703] SQUASHFS error: Unable to read metadata cache entry [736]
[  691.307642][T10709] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1765'.
[  691.633301][T10715] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1767'.
[  693.101187][T10729] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  693.254051][T10730] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1773'.
[  693.442401][T10734] loop8: detected capacity change from 0 to 164
[  693.445757][T10733] loop9: detected capacity change from 0 to 128
[  694.496434][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1780'.
[  694.696231][ T5847] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  694.767947][T10752] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1779'.
[  694.865801][ T5847] usb 10-1: Using ep0 maxpacket: 16
[  694.909957][ T5847] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  694.923864][ T5847] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  694.938581][ T5847] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  695.027662][ T5847] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  695.040340][ T5847] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  695.049734][ T5847] usb 10-1: Product: syz
[  695.054282][ T5847] usb 10-1: Manufacturer: syz
[  695.059525][ T5847] usb 10-1: SerialNumber: syz
[  695.677393][T10758] loop7: detected capacity change from 0 to 512
[  695.687039][T10758] EXT4-fs: Ignoring removed mblk_io_submit option
[  695.760924][T10758] EXT4-fs (loop7): blocks per group (255) and clusters per group (8192) inconsistent
[  697.187293][T10766] loop2: detected capacity change from 0 to 256
[  698.733452][T10770] loop8: detected capacity change from 0 to 164
[  699.807719][ T5847] usb 10-1: USB disconnect, device number 4
[  700.078441][T10780] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  700.176125][ T9784] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  700.398518][ T9784] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  700.412133][ T9784] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  700.520329][ T9784] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  700.530240][ T9784] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  700.538771][ T9784] usb 9-1: SerialNumber: syz
[  700.611994][T10776] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  700.680581][T10785] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1793'.
[  700.843129][T10776] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  701.380539][ T9784] cdc_ether 9-1:1.0 eth13: register 'cdc_ether' at usb-dummy_hcd.8-1, CDC Ethernet Device, 42:42:42:42:42:42
[  701.419173][T10792] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1795'.
[  702.389595][T10803] loop9: detected capacity change from 0 to 256
[  702.392473][T10801] loop6: detected capacity change from 0 to 512
[  702.436401][ T5795] Bluetooth: hci2: command 0x0406 tx timeout
[  703.419473][T10808] loop6: detected capacity change from 0 to 128
[  705.353911][T10811] loop9: detected capacity change from 0 to 164
[  705.608964][ T5847] usb 9-1: USB disconnect, device number 3
[  705.617560][ T5847] cdc_ether 9-1:1.0 eth13: unregister 'cdc_ether' usb-dummy_hcd.8-1, CDC Ethernet Device
[  706.488158][T10817] batadv_slave_1: entered promiscuous mode
[  706.535110][T10816] batadv_slave_1: left promiscuous mode
[  706.599622][T10819] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1806'.
[  707.552968][T10826] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1811'.
[  707.814190][   T52] Bluetooth: hci3: link tx timeout
[  707.819763][   T52] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  707.955506][   T52] Bluetooth: hci3: link tx timeout
[  707.960915][   T52] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  709.092382][T10833] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  709.877762][   T52] Bluetooth: hci3: command 0x0406 tx timeout
[  710.992795][T10837] loop9: detected capacity change from 0 to 256
[  711.749421][T10839] loop7: detected capacity change from 0 to 512
[  711.947552][T10839] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  712.177871][T10839] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.1813: Invalid block bitmap block 0 in block_group 0
[  712.329294][T10839] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  712.402302][T10839] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #11: comm syz.7.1813: attempt to clear invalid blocks 983260 len 1
[  712.471697][T10839] EXT4-fs error (device loop7): __ext4_get_inode_loc:4403: comm syz.7.1813: Invalid inode table block 0 in block_group 0
[  712.555671][T10839] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5780: Corrupt filesystem
[  712.746317][T10839] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem
[  713.136651][T10839] EXT4-fs error (device loop7): __ext4_get_inode_loc:4403: comm syz.7.1813: Invalid inode table block 0 in block_group 0
[  713.217124][T10839] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5780: Corrupt filesystem
[  713.306571][T10839] EXT4-fs error (device loop7): ext4_truncate:4208: inode #11: comm syz.7.1813: mark_inode_dirty error
[  713.386307][T10839] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem
[  713.790729][T10849] loop8: detected capacity change from 0 to 512
[  714.503591][T10839] EXT4-fs (loop7): 1 truncate cleaned up
[  714.515393][T10839] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  714.542878][T10844] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 0 in block_group 0
[  714.581554][T10851] loop9: detected capacity change from 0 to 164
[  714.824309][T10853] loop8: detected capacity change from 0 to 128
[  716.710185][T10844] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 0 in block_group 0
[  717.483770][ T9575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  717.869805][T10860] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1821'.
[  718.041446][T10858] loop2: detected capacity change from 0 to 512
[  718.514624][T10858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.528568][T10858] ext4 filesystem being mounted at /369/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  718.776659][T10879] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1824'.
[  718.974380][T10881] loop6: detected capacity change from 0 to 256
[  719.142960][T10858] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #2: comm syz.2.1819: corrupted inode contents
[  719.414222][T10858] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #2: comm syz.2.1819: mark_inode_dirty error
[  719.895660][T10858] EXT4-fs error (device loop2): ext4_do_update_inode:5121: inode #2: comm syz.2.1819: corrupted inode contents
[  720.205839][T10858] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1819: mark_inode_dirty error
[  720.727709][T10899] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  720.752611][T10897] loop6: detected capacity change from 0 to 256
[  720.883797][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  720.891588][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  721.734561][T10901] loop8: detected capacity change from 0 to 164
[  722.408065][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.246336][T10913] loop7: detected capacity change from 0 to 1024
[  724.649439][T10923] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1838'.
[  724.917331][T10922] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1834'.
[  725.322688][T10930] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  725.576218][T10935] loop9: detected capacity change from 0 to 128
[  725.726890][T10935] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  725.826995][T10935] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  725.892106][T10938] loop8: detected capacity change from 0 to 128
[  726.549495][ T9794] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  727.289576][T10955] loop7: detected capacity change from 0 to 164
[  728.562125][T10959] loop6: detected capacity change from 0 to 1024
[  729.680762][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1856'.
[  729.908519][T10973] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1858'.
[  730.608257][T10982] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  732.068131][T10997] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1867'.
[  732.079154][T10997] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1867'.
[  732.088654][T10997] nbd: socks must be embedded in a SOCK_ITEM attr
[  732.224740][T10999] loop7: detected capacity change from 0 to 256
[  732.434521][T11001] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1870'.
[  732.855828][T11006] 9pnet: p9_errstr2errno: server reported unknown error ��
[  733.385033][T11009] loop6: detected capacity change from 0 to 1024
[  733.592099][T11009] =====================================================
[  733.599767][T11009] BUG: KMSAN: uninit-value in hfs_find_1st_rec_by_cnid+0x27a/0x3f0
[  733.608240][T11009]  hfs_find_1st_rec_by_cnid+0x27a/0x3f0
[  733.614141][T11009]  __hfsplus_brec_find+0x26f/0x7b0
[  733.619700][T11009]  hfsplus_brec_find+0x445/0x970
[  733.624923][T11009]  hfsplus_find_attr+0x30c/0x390
[  733.630310][T11009]  hfsplus_listxattr+0x586/0x1a50
[  733.635889][T11009]  listxattr+0x1f3/0x6b0
[  733.640412][T11009]  __x64_sys_llistxattr+0x165/0x2e0
[  733.648955][T11009]  x64_sys_call+0x2b7e/0x3ba0
[  733.653912][T11009]  do_syscall_64+0xcd/0x1e0
[  733.660268][T11009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.666747][T11009] 
[  733.669214][T11009] Uninit was created at:
[  733.673805][T11009]  __kmalloc_noprof+0x661/0xf30
[  733.679116][T11009]  hfsplus_find_init+0x95/0x1d0
[  733.684236][T11009]  hfsplus_listxattr+0x44a/0x1a50
[  733.689684][T11009]  listxattr+0x1f3/0x6b0
[  733.694196][T11009]  __x64_sys_llistxattr+0x165/0x2e0
[  733.699947][T11009]  x64_sys_call+0x2b7e/0x3ba0
[  733.704904][T11009]  do_syscall_64+0xcd/0x1e0
[  733.711396][T11009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.717917][T11009] 
[  733.720400][T11009] CPU: 1 UID: 0 PID: 11009 Comm: syz.6.1872 Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0
[  733.731597][T11009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  733.742050][T11009] =====================================================
[  733.752194][T11009] Disabling lock debugging due to kernel taint
[  733.760145][T11009] Kernel panic - not syncing: kmsan.panic set ...
[  733.766850][T11009] CPU: 1 UID: 0 PID: 11009 Comm: syz.6.1872 Tainted: G    B              6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0
[  733.779400][T11009] Tainted: [B]=BAD_PAGE
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  733.783710][T11009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  733.793984][T11009] Call Trace:
[  733.797424][T11009]  <TASK>
[  733.800508][T11009]  dump_stack_lvl+0x216/0x2d0
[  733.805501][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  733.811567][T11009]  dump_stack+0x1e/0x30
[  733.815982][T11009]  panic+0x4e2/0xcf0
[  733.820112][T11009]  ? kmsan_get_metadata+0x111/0x1c0
[  733.825526][T11009]  kmsan_report+0x2c7/0x2d0
[  733.830226][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  733.836241][T11009]  ? __msan_warning+0x95/0x120
[  733.841244][T11009]  ? hfs_find_1st_rec_by_cnid+0x27a/0x3f0
[  733.847222][T11009]  ? __hfsplus_brec_find+0x26f/0x7b0
[  733.852774][T11009]  ? hfsplus_brec_find+0x445/0x970
[  733.858149][T11009]  ? hfsplus_find_attr+0x30c/0x390
[  733.863498][T11009]  ? hfsplus_listxattr+0x586/0x1a50
[  733.868956][T11009]  ? listxattr+0x1f3/0x6b0
[  733.873616][T11009]  ? __x64_sys_llistxattr+0x165/0x2e0
[  733.879218][T11009]  ? x64_sys_call+0x2b7e/0x3ba0
[  733.884320][T11009]  ? do_syscall_64+0xcd/0x1e0
[  733.889261][T11009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.895571][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  733.901632][T11009]  ? hfsplus_bnode_read_u16+0x3e/0x2b0
[  733.907414][T11009]  ? filter_irq_stacks+0x60/0x1a0
[  733.912811][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  733.918239][T11009]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  733.924737][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  733.930151][T11009]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  733.936694][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  733.942203][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  733.948211][T11009]  __msan_warning+0x95/0x120
[  733.953061][T11009]  hfs_find_1st_rec_by_cnid+0x27a/0x3f0
[  733.958919][T11009]  __hfsplus_brec_find+0x26f/0x7b0
[  733.964287][T11009]  ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10
[  733.970621][T11009]  hfsplus_brec_find+0x445/0x970
[  733.975813][T11009]  ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10
[  733.982274][T11009]  hfsplus_find_attr+0x30c/0x390
[  733.987474][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  733.993502][T11009]  hfsplus_listxattr+0x586/0x1a50
[  733.998793][T11009]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  734.005147][T11009]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  734.011745][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  734.017139][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  734.023161][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  734.028557][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  734.034575][T11009]  ? kmsan_get_metadata+0x13e/0x1c0
[  734.039969][T11009]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  734.045975][T11009]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  734.051706][T11009]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  734.057455][T11009]  listxattr+0x1f3/0x6b0
[  734.061984][T11009]  __x64_sys_llistxattr+0x165/0x2e0
[  734.067459][T11009]  x64_sys_call+0x2b7e/0x3ba0
[  734.072456][T11009]  do_syscall_64+0xcd/0x1e0
[  734.077258][T11009]  ? clear_bhb_loop+0x25/0x80
[  734.082185][T11009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.088313][T11009] RIP: 0033:0x7f6ecfb7e719
[  734.092897][T11009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.112753][T11009] RSP: 002b:00007f6ed08b2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  734.121405][T11009] RAX: ffffffffffffffda RBX: 00007f6ecfd35f80 RCX: 00007f6ecfb7e719
[  734.129581][T11009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[  734.137834][T11009] RBP: 00007f6ecfbf175e R08: 0000000000000000 R09: 0000000000000000
[  734.145991][T11009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  734.154129][T11009] R13: 0000000000000000 R14: 00007f6ecfd35f80 R15: 00007ffd918f8c08
[  734.162321][T11009]  </TASK>
[  734.165882][T11009] Kernel Offset: disabled
[  734.170333][T11009] Rebooting in 86400 seconds..