last executing test programs:

35.904025096s ago: executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0xfffffff8}]}}]}, 0x38}}, 0x0)

35.747203735s ago: executing program 4:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000090000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

35.579757703s ago: executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000200)=0x80000000, 0x4)

35.425965974s ago: executing program 4:
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e30800200000002d190c937dc6914243b0402d6dcb7154fe6727ae888746b024ee670a5882a0ad79716584e5704b7f62edac751478af9c62f000000000000", 0x40, r0)

35.179873233s ago: executing program 4:
r0 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
dup(0xffffffffffffffff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
io_setup(0x100, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x0, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000002080)={'bond0\x00', @ifru_names='bond0\x00'})
ioctl$CEC_RECEIVE(r3, 0xc0386106, &(0x7f0000000000)={0xfffffffffffffff8, 0x0, 0x0, 0xfffffff7, 0x100, 0x3f, "9746c60b5eac36f1e2c35b35229adf2c", 0x60, 0x0, 0x9, 0x9, 0x2, 0xfa, 0xf2})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_FALLOCATE={0x11, 0x40, 0x0, @fd_index=0x7, 0x3ff, 0x0, 0x8, 0x0, 0x0, {0x0, r5}})
io_uring_enter(r0, 0x1, 0x2, 0x1, 0x0, 0x0)

21.563442547s ago: executing program 3:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000c6a000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00002a0000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

21.266931964s ago: executing program 3:
syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x201cc42, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@nocompress}, {@check_relaxed}]}, 0x3, 0xac8, &(0x7f0000000f40)="$eJzs3d1vXGdeB/DvmdiO7a262W7olqrbTFqlm+0G1y80VdQLNrXHrhe/INuRWgm0WW1cFNWiaAvStkJqKhBXVKwQQgIkhHrJVaXlgr1BvYNLrrhAgop/AK24yiJg0DkztmfsGU/iTOxk+Xys8Zw55/ec5/ecc+Y8nvHMecLjrNlsVrdjPr7xNyeZLI+eNxa++PSzT8rbx3cyljN5tfi7ZDxJPRn5n+pYGZ1f2FhfHbCid5ObST5PiiRn07rvY6Lr0c0Uf5wn9h9/nuIv80yPYuP32TgGavL/2mkffwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8EiaX5ienimysrx24616f9UQ4Ecs313dT6pRv4ufDKq2SIrylvHx3aG+nzm/v/jp8tcLea716LnWyN/j+fBLT597/asjtd3yRyR0It7/4MN3v7ezs/2D9hY4W6+PDix09kRSuz9jxyu21Fhb3lxfXr2+1Kgvb67Xr129Ov3Km4ub9cXlNDbf3txqrNbnNxrXt9Y36pfnv1mfuXZtrt6Yenv9xtrSwtRKY3fma780Oz19tf6dqV9rXN/YXF975TtTm/NvLq+sLK8tVTHl4jLmtfJA/NXlrfpW4/pqvf7O7Z3tub7ZVaPYt4JmegYU+5Nl0Oyg5s5Oz87OzMxO5Oqr1159bXp6pD1jdmZ3xvQBORRx+gctw/ZX9xz5t8M+fcODqLX7/6xkOWu5kbdS7/kzn4VsZD2rPZYV++vb7f8vvdI4st7O/n+3l39mf/Gzqfr/51uPnu/X//fJdfBPs9lac69ltftYT3Hng3yYd/O97GQn2/nBsTNq/zTP5EBmPzsY89/NZvMYa66X67zQuQ0eNNfUs5RG1rKczaxnOau5nqX8/r+3WrCeeq7laq5mOt/Nm1nMZupZzHJW0shm3s5mttKojqj5bKRRT7ayno3Ucznz+Wbqmcm1TGQu9TQylbeznhtZy1IWcr1ayzu5XW33uSNy3AuauZeg2SOCDnXmD9b/Nx/FvwQ5tsF/+leGdeqGB9Zs9/9jfQOau1OX508sKwAAAGCYfvEf8+T5p/7hX5PRfL16X35xeaUxfdppAQAAAENUfVzvufJutJnk6yl6vP6v9S47ehIJAgAAAA+sqL5jVySZzIXWVOubUGfiQwAAAADwc6L6///z5d1kOXUhxd6VUG72iAQAAAAeQwOvsd9+2X/niIjxtK9pWb/Vur/Vjmhf53dycXmlMTW/vvL6TF6qrjJQfdPg0NrOJMVo9fWDl3MxE+Xii5Ot6MnuNY6XUTNTr8/k5bzQbsjlF8u7Fy/3iJxtRX6jFfmNIyLnysh7cGcY2x4ATssLh/vjnzW7rrE/+C+El3OlFXHl2ZGxJCPP9uhZp/d71pHTaCgAsGfwGDvdER+1y3X2/79cvv7v7tS7+v+n8s7/ljO3M5Xv573s5FauVN82qD5x0FXvr/+o/Z7B3scQpnMlF1uxfd4N2I39p9dquTLg/YDJjoFergx4R6AVm99I5h7iHgCAk/dCn354pFbr2f9XEdn9OGCr/7/S8fo/h1//7w0ttO0rhQDwSNgbwX6oE80znXNOu40AQDe9NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzfUC/7P37M4v/WHtevNac5/PEIek9MtLfB7pyPyq2RWmvmwOIfv//Bh3+SpHNRWfYh5VwlNdw114awnmaSk9pfDzIxkuTeS+XcPRwA/bZqei0aS/LQWzoxhCr2ng6tp0HtqJPHjSOXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BgokjO95teSs0mmk7xy8lk9PHdOO4GT9yudD4q7uZsf5snTSwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OdT+/r/tbTuv9SalZFacinJzSTN085xmO6edgJDMnHMch3X/y/3eZpFRlq7PcXo/MLG+mq5+6uxH2pffPrZJ1/rLn72XuupAmsHBpdo13Aw9q+f2J36SlVqcmH7/Xd/573fri+8kVrG8sbW4srC6tLGt/eLPF38OKmnddtV5lvefu/S3/+oR8t/XLa0t4P1LlYbZ+FwvV/rVbpfvbV+1e25vbM9W0ZtNd7a+t3fuv3DjkVP5WLy4uXkcndNv1neercwFzN6aN7Y/mTx0+IPiyfzZ7lZ7f9yaxTNotxFX67SnXjn9s721Pff27nVJ6dzuZDkVjKedvm+Oe1t6gvV+aSn6qirjZa1TldB5a/zA9rY294YF7d21zjTpw1fqQ6ZyXYbxrraUOtTZ71/G6oN3rHd9/Z50VGkldFcO6OxdGf01bzUY083zyb9t8JLPfb0QMVPi38p3sw/5w86xv+olfv/UrP/s7N7FZfSfaT0jay1IquWz3Yu+O7ByP/483vKvucwNdyvP2od+G21jvN/e18d73w0frCeZtH7fNTWUeNcnxp7Py8OnB0OHhX9z7lVj3T+QIn22advoVae51tRffL8hXwrGXk2XRu2O89DvfW3+p9Rust/+8D85kfV3XGf/39RXM5/5o7xfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdfkZzpNb+WXEpybvdxPWnex2rP9ltQmyzuN8WhurP36zF3vvpd65r38eBixd3cbX70sJICAAAAAAAA4KS9sfDFp599Ut6q/8efudtstv+/X09Gkpwr/nQiCxvrqwNWNJrcTPJ5OT3eL+i/mi3dc8tyeWL/8edJ88vHbxIAMMD/BQAA//9XD20h")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.events\x00', 0x275a, 0x0)

20.76744617s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sched_getaffinity(r0, 0x8, &(0x7f0000000180))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000400)={[{@fat=@flush}, {@fat=@nocase}, {@fat=@discard}, {@dots}, {@fat=@dos1xfloppy}, {@dots}, {@nodots}, {@nodots}, {@dots}]}, 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r5, &(0x7f0000000880)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67269c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa4983e129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794dffc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb65a62fe8119c6543923bb11bfd61db06f5455d202681199fc176e67c4714335e8f479725a37a9dea710b98e3583539fb99a076b773ecf636293b98cc5ce8302e739016b20a70e80d1227c9ac1d2d9324c8bc8312179130a44ad1528b2759f08fecded5aa3eb91f3d54928c59d7bbaeba2cc870e9b767e16e510f2b142e7b249bba2bdc19b10996643a26b9631c4dddcf7e310c7bffeff3d01d22c4e009842059b8e14b3ef308e4bc849fcd77d6fcb2731b1f7a3c00908c1551932784e7ce430d123f4c8249a34d6b347b8507b8a2eb71a6965c5475eb63678da3cfc876dd26971dfe5755eedbe578858e938a039b312466b37a076166fb7c971f14bde339d88bc7ce7acf0cbc005d9dab73da57af154203cace21ee8cc4ab28c98467e61a5258f096aa768b2d8fb2f5618c7686464d2c69d8e817506471369865cc0c1aab81600c5e0c0300eea38c6102c02a2b9432259ccce10be43801ce79a6bb38479c40e9cbba16958d3b24a7a171e8bc3f8dc4788d072bd2f29672f182eeec86ef53400db8416e69b36cdc925322b479ed07a749161af1a03c3d7ed25ac4a43bf2c0e5bbe21cf5e43421adf7f960aca86f06d4e8744fe630571ea5c16e7772fe9b28e6a02d95d8eab4c5062569327f66140e786ae7504850472aea61884e6b05bba6387886a17b6739447e54669d50676543c4eda9b9840865e3930d00ebed9b1eeb4782297edecccaab84e34207ad569fd00a28539395b432b29bc98634a0e335ceacb3370a498095ef22ca0c080781689020e07171b8ff6cabf4fd671eed3fa8aaa54d4d85401803b434332d7724aff7bec9941a07999567a49ae64f9bcbcca4f298497b940a2ab2a0000293362f18da3d16a6dae61e87fe2fc072ec53b0142ccf4d9080f3fd2bc244bc194ee9be3f08d256b99305ddfbef01521d262ae93ccd0c11244a90fa2460b16985e5ae68652f1d8564d5e8d94bfbc3f25f86b1b749ea14e9664bfa53eac14aba49d313689e7f8052a63357348454aee148aa3296c369f969ed9f148841b277538965a6b9832d7b272d21fb773b8d59eb95ad8dcef4f877115aa0179cde53b497d15e5291a3aaef5d46b0d676798c8524d2dd2c579025ef57802dc0450b3c6983f8999a979feacb6661d29a7611305349836ebf7c0946b07dcbc07e6e8f273eded8c7a7cb43048a8c0aa8f0cad9df1bf0b79cada49f30db48a021d7f2ff3ee535af6ef47ac9e1a7a30d7fbfc5955be63b8", 0x58d, 0x0, 0x0, 0x0)
sendto(r5, &(0x7f00000002c0)='%', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000026c0)='?', 0xd0b9, 0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2032184c, &(0x7f0000001c40)=ANY=[@ANYBLOB="696f636861727365743d61736369692c646973636172642c646d61736b3d30303030303030303030303030303030303030303030b72c7569643d344bfe104e3abadf5ec358", @ANYRES64=r4, @ANYBLOB="2c646d61736b3d30303030303030303030303030303030303030303135322c696f636861727365743d69736f383835392d312c6769643d03c41ca188ec72e4bbefe43e9b003cccf1805ef94f4419f1f1dc2ffaba28b02fd1ff09568b5652df51a48884df875111f6b97ed4cf69b59343b68e578770b60349d3643aad6023d16258b86df4610fec3bf10922b68c4cc68f818f5c851f0232502f2c39d38a2e94deab91abc39181efe54e5fbc9e1dfe93e241640a7a3cd2c1da4df2ba395b452abec9ea85bff3484850ba341726331c3f5370438d541eae8b44da0953827f4072da8c1be72894b9e0f6d4f60a69cdc561292972c47c055062e9976bbaa6eda7c51cdc5d1fe273db15b6f06f78f0360c29e61815dd11656301699582fad53a8ed3413b8f9c69fca7ac6c9c49ce0b517a2069ef2fd60c549fdf52fb2a36499c7952e3b7ee994ae4f71bffd319131e3da5e1896661d8265bd50bce10611b38fc393d070b026fc3964d58fbf5b3c2200d791dc8ba4ef46440008634dac4b51500da29bf4a64c964aad9850043607e636f7f57f8d16c941431c496a11c3d4b492ec6bae33cf85e31b539b8035f653822785e20ce8f49ffd19286fad2aa3994910c94b946cbe315486cf5a9e75453fb559cc775a6308fb821f71d37d8b002ca6685096a749b54d8231ca4587dee0f4960e3ee39563ec704a4c0dde91b8d742d8fdbde7f39a1f2d5feaea74751427ae5bd3202878c54756b0171f58595189533fc2e13a0fc1ae7d0f9dd5c732e6804b62af68ee725f3446eb09f", @ANYRESHEX, @ANYBLOB="0001000000", @ANYRES16, @ANYBLOB=',discard,\x00', @ANYRES64=r4, @ANYRES16=r3, @ANYRES16=0x0], 0x80, 0x1501, &(0x7f0000000500)="$eJzs3Au0jtX2MPA511oPm6Q3yX3NNR/e5LIISS4JuSRJkiS5JSRJjiQkt9ySkITck9xDcoud3O+33JPkSJIkJCRZ39DpfM75Ov/Tv++c/+cbZ8/fGGvsNffzzvnOZ8899vs87x57f9NxSNX61SrVZWb4l+BfPvQAgBQA6A8A1wFABAAls5TMcvl4Bo09/rUnEf9eD02/2h2Iq0nmn7bJ/NM2mX/aJvNP22T+aZvMP22T+adtMn8h0rJtM3JeLyvtLnn/Py2T1///IEeKjP1iQ5EbO/2BFJl/2ibzT9tk/mmbzD9tk/mnbTL//3wV/8kxmX/aJvMXIi272u8/y7q662p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhysMAPx1f7X7EkIIIYQQQgghxL9PSH+1OxBCCCGEEEIIIcT/PAQFGgxEkA7SQwpkgIxwDWSCayEzXAcJuB6ywA2QFW6EbJAdckBOyAW5IQ9YIHDAEENeyAdJuAnyw81QAApCISgMHopAUbgFikFxKAG3Qkm4DUoBJEpDGSgL5eAOKA93QgWoCJXgLqgMVaAqVIO7oTrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIjaAxNIGm/1f5L0BXeBG6QXfoAT2hF7wEvaEP9IV+0B9ehgHwCgyEV2EQDIYh8BoMhddhGLwBw2EEjIQ3YRSMhjEwFsbBeJgAb8FEeBsmwTswGabAVJgG02EGzIR3YRbMhjnwHsyF92EezIcFsBAWwQewGJZAKnwIS+EjWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBh/DdtgBO2EX7IY9sBc+gX3wKeyHz+AAfP4H88/9H/mdEBBQoUKDBtNhOkzBFMyIGTETZsLMmBkTmMAsmAWzYlbMhtkwB+bAXJgL82AeJCRkZMyLeTGJScyP+bEAFsBCWAg9eiyKRbEYFscSWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1xF7YC3tjb+yL/bAfvowD8BV8BV/FQTgYh+Br+Bq+jsPwLA7HETgSR2J5NRrH4FhkNR4n4ASciBNxEk7CyTgFp+A0nI4zcCbOxFk4G2fjezgX38f3cT7Ox4W4CBfhYlyCqZiKS/EcLsPluAJX4ipcjatwLa7DtbgBN+IG3IybcStuxY/xY9yBO3AX7sI9uAc/wU/wU/wUB+EBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxFJ7GU3gGz+BZPIfn8TxewAt4EZ/L9VW9PQXXDwJ1mVFGpVPpVIpKURlVRpVJZVKZVWaVUAmVRWVRWVVWlU1lUzlUDpVL5VJ5VB5FihSrWOVVeVVSJVV+lV8VUAVUIVVIeeVVUVVUFVPFVAlVQpVUt6lS6nZVWpVRLXw5VU6VVy19BVVRVVKVVGVVRVVV1VQ1VV1VVzVUDVVT1VS1VC1VWz2g6qie2BcfUpcnU18NxgZqCDZUjVRj1US9jo+pZmoYNlctVEv1hBqBw7G1aubbqKdVWzUG26k/qbH4rOqgxmNH9bzqpDqrLuoF1VU1991UdzUZe6peahr2Vn1UX9VPzcIq6vLEqqpX1SA1WA1Rr6mF+Loapt5Qw9UINVK9qUap0WqMGqvGqfFqgnpLTVRvq0nqHTVZTVFT1TQ1Xc1QM9W7apaareao99Rc9b6ap+arBWqhWqQ+UIvVEpWqPlRL1UdqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapv6WG1XO9ROtUvtVnvUXvWJ2qc+VfvVZ+qA+lwdVH9Wh9QX6rD6Uh1RX6mj6mt1TH2jjqtv1Qn1nTqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frAvogrqQLqy9LqKL6lt0MV1cl9C36pL6Nl1K365L6zK6rC6n79Dl9Z26gq6oK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDud7tfXued0R/287qQ76y76Z31JB91Nd9c9dE/dS7+ke+s+uq/up/vrl/UA/YoeqF/Vg/RgPUS/pofq1/Uw/YYerkfokfpNPUqP1mP0WD1Oj9cT9Ft6on5bT9Lv6Ml6ip6qp+npeobu+2ulOf+N/Lf/Qf7AX559q96mP9bb9Q69U+/Su9OD3qv36n16n96v9+sD+oA+qEP3v5zfYX1EH9FH9VF9TB/Tx/VxfUKf0Cf1Kf2j/l6f0T/os/qcPqd/1Bf0BX3x168BGDTKaGNMZNKZ9CbFZDAZzTUmk7nWZDbXmYS53mQxN5is5kaTzWQ3OUxOk8vkNnmMNWScYRObvCafSZqbTH5zsylgCppCprDxpogpam75l/N/r7+mpqlpZpqZ5qa5aWlamlamlWltWps2po1pa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mR6mh+llXjK9TR/T1/Qz/c3LZoAZYAaagWaQGWSGmCFmqBlqhplhZrgZbkaakWaUGWXGmDFmnBlnJpgJZqKZaCaZSWaymWymmqlmupluZpqZZpaZZeaYOWaumWvmmXlmgVlgFplFZrFZbFJNqllqlpplZrlZblaalWa1WW3WmrVmvVlvNpqNZrPZbJaZbWab2W62m51mp9ltdpu9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlhTpiT5qQ5bU6bM+aMOWvOmvPmvLlgLpiL5qK5ZC5dvuyLVKQiE5koXZQuSolSooxRxihTlCnKHGWOElEiyhJlibJGN0bZouxRjihnlCvKHeWJbESRiziKo7xRvigZ3RTlj26OCkQFo0JR4chHRaKi0S1Rsah4FAFAyei2qFR0e1Q6KhOVjcpFd0TlozujClHFqFJ0V1Q5qhJVjapFd0fVo3uiv16Z1oruj2pHD0R1ogejutFDUb3o4ah+9EjUIHo0ahg1ihpHTaKmUfGoRHRr9Efq14jujWpG90W/rR/C2eyP+262u+1he9pe9iXb2/axfW0/29++bAfYV+xA+6odZAfbIfY1O9S+bofZN+xwO8KOtG/aUXa0HWPH2nF2vJ1g37IT7dt2kn3HTrZT7FQ7zU63M+xM+66dZWfbOfY9O9e+b+fZ+XaBXWgX2Q/sYrvEptoP7VL7kV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqvdZj+22+0Ou9PusrvtHrvXfmL32U/tfvuZPWA/twftn+0h+4U9bL+0R+xX9qj92h6z39jj9lt7wn5nT9pT9rT93p6xP9iz9pw9b3+0F+xP9qL92V6y4fLF/eWXdzJkKB2loxRKoYyUkTJRJspMmSlBCcpCWSgrZaVslI1yUA7KRbkoD+Why5iY8lJeSlKS8lN+KkAFqBAVIk+eilJRKkbFqASVoJJUkkpRKSpNpakslaU76A66k+6kilSR7qK7qApVoWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akANqCE1pMbUmJpSU2pGzag5NaeW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oI7UkTpRJ+pCXagrdaVu1I16UA/qRb2oN/WmvtSX+lN/GkADaCANpEE0iIbQEBpKQ2kYDaPhNIJG0ps0ikbTGBpL42g8TaAJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSPJpHC2gBLaJFtJgWUyql0lJaSstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpC22gbbafttJN20m7aTXtpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO0wk6QSfpJJ2m03SGztBZOkvn6TxdoJ/oIv1MlyhQilOQ0V3jMrlrXWZ3nUtxGdzfxjlcTpfL5XZ5nHXZXPa/i8k5V8AVdIVcYeddEVfU3fKbuLQr48q6cu4OV97d6Sr8Jq7u7nE13L2uprvPVXN3/11cy93vartHXB33qKvrGrl6romr7x5xDdyjrqFr5Bq7Jq6Ve9K1dk+5Nu5p19Y985t4sVvi1rn1boPb6Pa5T91596M75r5xIf1Prpvr7vq7l90A94ob6F51g9zg38Qj3ZtulBvtxrixbpwb/5t4qpvmprsZbqZ7181ys38TL3IfuLku1c1z890Ct/CX+HJPqe5Dt9R95Ja55W6FW+lWudVujVv7v3td6Ta7LW6r2+s+cdvdDrfT7XK73Z5f4svnsd995g64z91R97U75L5wh91xd8R99Ut8+fyOu2/dCfedO+lOudPue3fG/eDOunO/nP8F95P73v3sLrnggJEVazYccTpOzymcgTPyNZyJr+XMfB0n+HrOwjdwVr6Rs3F2zsE5ORfn5jxsmdgxc8x5OR8n+SbOzzdzAS7Ihbgwey7CRfkWLsbFuQTfyiX5Ni7Ft3NpLsNluRzfweX5Tq7AFbkS38WVuQpX5Wp8N1fne7gG38s1+T6uxfdzbX6A6/CDXJcf4nr8MNfnR7gBP8oNuRE35ibclB/jZvw4N+cW3JKf4Fb8JLfmp7gNP81t+Rlux3/i9vwsd+DnuCM/z524M3fhF7grv8jduDv34J7ci1/i3tyH+3I/7s8v8wB+hQfyqzyIB/MQfo2H8us8jN/g4TyCR/KbPIpH8xgey+N4PE/gt3giv82T+B2ezFN4Kk/j6TyDZ/K7PItn8xx+j+fy+zyP5/MCXsiL+ANezEs4lT/kpfwRL+PlvIJX8ipezWt4La/j9byBN/Im3sxbeCtv4495O+/gnbyLd/Me3suf8D7+lPfzZ3yAP+eD/Gc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4vTxylxhjhjfE2cKb42zhxfFyfi6+Ms8Q1x1vjGOFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Ob4vzxzXGBuGBcKC4c+7hIXDS+JS4WF49LxLfGJePb4lLx7XHpuEz8yH3l4jvi8vGdcYW4YlwpviuuHFeJq8bV4rvj6vE9cY343rhmfF9cIr4/rh0/ENeJH4zrxg/F9eKH4/rxI3GD+NG4Ydwobhw3iZvGj8XN4sfj5nGLuGX8RNwqfjJuHT8Vt4mfjtvGz/zu8R5xz7hX/FL8UhzCvXpBcmFyUfKD5OLkkmRq8sPk0uRHyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3Jzcktya3JEKqlB49eee2Nj3w6n96n+Aw+o7/GZ/LX+sz+Op/w1/ss/gaf1d/os/nsPofP6XP53D6Pt5688+xjn9fn80l/k8/vb/YFfEFfyBf23hfxRX0T39Q39c384765b+Fb+if8E/5J/6R/yj/ln/Zt/TO+nf+Tb++f9R38c/45/7zv5Dv7Lv4F39W/6Lv57r6H7+F7+V6+t+/t+/q+vr/v7wf4AX6gH+gH+UF+iB/ih/qhfpgf5of74X6kH+lH+VF+jB/jx/lxfoKf4Cf6iX6Sn+Qn+8l+qp/qp/vpfqaf6Wf5WX6On+PnFpjr5/l5foFf4Bf5RX6xX+xTfapf6pf6ZX6ZX+FX+FV+lV/j1/h1fp3f4Df4TX6T3+K3+G1+m9/ut/udfqff7Xf7vX6v3+f3+f1+vz/gD/iD/qA/5A/5w/5Lf8R/5Y/6r/0x/40/7r/1J/x3/qQ/5U/77/0Z/4M/68/58/5Hf8H/5C/6n/0lH/yExFuJiYm3E5MS7yQmJ6YkpiamJaYnZiRmJt5NzErMTsxJvJeYm3g/MS8xP7EgsTCxKPFBYnFiSSI18WFiaeKjxLLE8sSKxMrEqsTqRAi5t8chb8gXkuGmkD/cHAqEgqFQKBx8KBKKhltCsVA8lAi3hpLhtlAq3B5KhzKhbHg0NAyNQuPQJDQNj4Vm4fHQPLQILcMToVV4MrQOT4U24enQNjwT2oU/hfbh2dAhPBc6hudDp9A5dAkvhK7hxdAtdA89Qs/QK7wUeoc+oW/oF/qHl8OA8EoYGF4Ng8LgMCS8FoaG18Ow8EYYHkaEkeHNMCqMDmPC2DAujA8TwlthYng7TArvhMlhSpgapoXpYUaYGd4Ns8LsMCe8F+aG98O8MD8sCAvDovBBWByWhNTwYVgaPgrLwvKwIqwMq8LqsCasDevC+rAhbAybwuawJWwN28LHYXvYEXaGXWF32BP2hk/CvvBp2B8+CwfC5+Fg+HM4FL4Ih8OX4Uj4KhwNX4dj4ZtwPHwbToTvwslwKpwO34cz4YdwNpwL58OP4UL4KVwMP4dL8jdrQgghhBD/LVuy/fPjPf/B59Sv67JeAHDtjpxH/va4BoBNv9bto3K1SgDA0907PvTXVblyjx49fn3sMg1RvvkAkLiS/8tvbH6Nl0NLeBLaQAso9g/766M6X+DfqZ+8DSDj3+SkwJX4Sv3i/0X9x54YubhUfD7LP6k/H6BAvis5GeBKfKV+if+ifvZmv9N/hi8mADT/m5xMcCW+Ur8oPA7PQJu/e6QQQgghhBBCCPEXfVTZ9r93/3z5/jyXuZKTHq7Ev3d/LoQQQgghhBBCiKvv2c5dnnqsTZsW7WUjG9n8T21Cd4D/D9r4I5ur/ZNJCCGEEEII8e925aL/ancihBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKkXf8v/p3Y1T5HIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ4mr7XwEAAP//RQ42MA==")
write$binfmt_script(r4, &(0x7f00000008c0), 0xfecc)

18.346903659s ago: executing program 3:
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6}}}}]}, 0x38}}, 0x0)

17.832097181s ago: executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000140)=0xe1)

17.789816125s ago: executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private1}}, 0x24)

5.976307244s ago: executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000)
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x10001, 0x0, "59c27c65a78308634e78299ef68057107ea354"})
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000))

5.776290677s ago: executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x1a8, 0x4)
sendto$inet6(r0, 0x0, 0x2, 0x0, &(0x7f0000000300)={0xa, 0xe20, 0x0, @local}, 0x1c)

5.537881417s ago: executing program 2:
socket(0x10, 0x3, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000200)={0x2f, 0x4, 0x0, {0x3, 0xfffffffffffffffb, 0x7, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x2f)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000080), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, &(0x7f0000000340)={0x2000}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8b, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000200)=[@in6={0xa, 0x0, 0x0, @loopback}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000280)={0x0, 0xc4, "909a461440f330194253af245296ab7c2cb3b890c53ec902f363aa0f39e82e6f3c1747002966c913d5c229ea72e146601b746bb498b30d73700b3045afb9249fa99bc6c540551bdaf1aed6b100e1a31ff089b20e0b93c046d760821fba95fc03a47c98de9dc88a198603e2b5bb294104c2d9fcfcfd9b40cb0a076a339dd899fabbf45dc3e6915b4550dfccd0b972e127cff64634a7fcef33285884470d9a7fde7a837eff786f145ebdf1695e5fdbc7b5abc7203ed952438ec8b53da62d24d5f647248cdd"}, &(0x7f0000000080)=0xcc)

4.80247097s ago: executing program 4:
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x12, r2, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080))

4.302527045s ago: executing program 2:
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0)=0x2, 0x4)
ioctl$sock_proto_private(r0, 0x89e0, &(0x7f0000001080))

3.825818175s ago: executing program 0:
r0 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_script(r0, &(0x7f0000000580)={'#! ', './file0', [{0x20, 'Wx\xbd\x0e\xba-\xef\xdd\xe7\xd5\xce\x10\xc0\xb1K\xbd\xf8y<D\xc7\xca\x99\x9b\x10\xa9k\x98\x98\xd2\xd0\xd4\xa7=\xff\xdbd\xf2\xc5\xcf+\b\x8c\xb7h\xc1#\xe3\xc4\xe3\xd4v\xcf\xa1\\_\xd4\n\xa6l\xba\x90\x82\xd2\x11,k7\xb0N\xfe\x8c\xe0Md<\xec\xa6\xce\x953\xda\x02\xa8{Dj\x98}B4\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbcx[.\xe0\x18\x8f6q\xc7V\xefC\xb4\\]\xa7\x89\xaf\xbe\x89\xc5Hw\x8bd\x05\xd7\xf24\xa8&\xccX\xb6\x16S`g\xb30\x1dQ\xee\xfca\xdf LG\x06\xd4\xe8\xd5\x95a\x96\xa1\x1a\xa4\x86\xb0\xbd8o\x8a\x01\xcd\x9f\xf9{\x17o\x95\x043\xb5J\xd7\xfaJ\xf1\x8f\x19;\xa6yJ\x10#\xf1?\xf1{B\x00O|Uc\xf5\rk\x8f\xea\xe4gz\xacf\xf6\xb1\xe0,p\xf4\xa6C\xf5\xbd`\xb0\xec\xcaH\xc1[$\xe6\xa9\x95\x02\x82P|\xcd%\xfa5y\xdb\xc5\x91\xa1\x9f\x95\x9eQ\xe27\xeaxu\xbb\xb3\xc07\xf7\f\xec\xdb-\xab\xb4ayk\x9c\xa4Z\xde,\xf2\\\x022&!JuL:\xc4\xb8kE\xa1\x0e^>'}]}, 0x136)

3.255732668s ago: executing program 2:
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000140)='ro\x00\x04\x05j3\xd6\xe3\x1f!9\x15d/\x19\x02E\x91\x14\xca<dBN\x8b\\\x85\xe7\xf3\xae\xa2(P\xdb\xaf\x06\x1c\v\xaa9\x8eL\x17\xa3\x9a\xa8_\xa1b\xca\xf1+\x04I\x13\xb3\xe5\ac\x13\b\x8fG*<\xab\x04\xea\x1e\xdd\xce\xed\x93\xeb\x87x,w\a\x93\\\xfe\xc8\xee\x13>\xfeT\x04\"\x00\xf7\x16\'\xe7\x1e+\x7f\x93\xb2\xe1\xb5\x04i]\xdd\xdd\xc3\xf6\xf7\xc4B\xf8\xd0\xa5+\xc3\x1amJ\x8c\x8aF\xb3\xb1O\xfbL%\xceI\xc7Od\xfe\xa0`I\x1d\xb0\x97\x1a$6\x96\xb8zF/\xd2:\x8fG\x00\x00\x00\x00\x00\x00\x00', 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58c04"])

3.20765243s ago: executing program 0:
r0 = memfd_create(&(0x7f0000000080)='{\x00', 0x0)
fsync(r0)

3.005485701s ago: executing program 0:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000047c0000040000001400018006000600800a000000000000e0000001"], 0x2c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x3, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000016c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004900002c0400000000019078ac1414bbac1414bb44100c000000000000000000000000000800907800000000"], 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfb}, 0xc)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000004c0)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
fsetxattr(r1, &(0x7f0000000340)=@known='system.posix_acl_access\x00', &(0x7f0000000500)='/\x00', 0x2, 0x1)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYRESDEC=r2], 0x64}}, 0x0)
kexec_load(0x0, 0x2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}, {0x0, 0x0, 0x3e0000}], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000001c0)={0x8, 0x7, 0x6, 0x401, 0x19, "1587bf7f165487b3"})
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
faccessat2(r4, &(0x7f0000000580)='./file0/file0\x00', 0x15, 0x100)
unlink(0x0)
write$P9_RSTAT(r5, 0x0, 0x1001)

2.893413101s ago: executing program 1:
fsetxattr(0xffffffffffffffff, &(0x7f0000000000)=@random={'security.', 'trusted.overlay.metacopy\x00'}, 0x0, 0x19, 0x0)
r0 = inotify_init()
fcntl$setownex(r0, 0x5, &(0x7f0000000000))

2.832758856s ago: executing program 2:
socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x2e, &(0x7f0000000280)={@local, @random="7f0a6fa40011", @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x3}]}}, @echo_reply={0x3c}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r0, 0x1000000)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r2, &(0x7f0000001d80)=[{{&(0x7f0000000980), 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/43, 0x2b}], 0x1, &(0x7f0000000a00)=""/110, 0x6e}, 0x8}, {{&(0x7f0000000a80)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000bc0)=""/99, 0x63}, {&(0x7f0000000200)=""/4, 0x4}, {&(0x7f0000000d40)}, {&(0x7f0000000d80)=""/251, 0xfb}], 0x4, &(0x7f0000000ec0)=""/68, 0x44}, 0x3}, {{&(0x7f0000001000)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000f40)}}, {{&(0x7f00000014c0)=@ieee802154, 0x80, &(0x7f0000001600)=[{&(0x7f0000001540)=""/139, 0x8b}], 0x1, &(0x7f0000003140)=""/4096, 0x1000}, 0xec1}, {{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000001640)=""/91, 0x5b}, {&(0x7f0000004140)=""/4096, 0x1000}], 0x2, &(0x7f0000001a40)=""/200, 0xc8}, 0x6e2}], 0x5, 0x40002061, &(0x7f0000001b40)={0x77359400})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000340)})
sendmsg$unix(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000cc0)=[{&(0x7f0000000440)="ff915a45d7c5f7c8568ebdc57386a19e302e55f53d1b2a9388fd12ad903c29d3e976d8100612cd0800000000000000d7a274b8c2401413676458fa504e09e887ef6ff0cdd758010df00f564a11c1713dbcabd72ba811021faee1ac8d79bebdc3fe43f43c66e89dd70c176a25738767a6a417a9ef94cf1b85c3d2", 0x7a}, {&(0x7f0000000500)="06bab070b09e636fc7e486e1c1f34a4c06c3a6a3630fbb1ed4b84bb6e674968e67310078013dc9f2503b01004c93ba0f4ca556bae048a362dd2f00"/74, 0x4a}, {&(0x7f0000000c40)="ec32075af1322e1c7e56eb9fcbba3252033944c118ac35c5373bec014f4bdb6c4de024a1b6565077626daaac314db078b7568221bd5e8259c1e32a3af2c680a86a67ff0df9", 0x45}, {&(0x7f00000013c0)="a9ef4d07e893054155829967a251655a0f074e8c92d77db90c391c6fc8e119ad2021b5aa814e26805a1de486be6a34e7d46dfe23ed511e7c000084272cbef991ce0b0b6600e9c680beae8e6bf430af34c60f7b2083256d2d5e91ca2ceb9d2492c2f507bbf77adbfffda6b088582edb495fb2526892750995e30868b8c897cc972329a6ddef3ba1922141981efdd51c2a495a181d1de8a9d0b3f461a1f28506fec8f77e3b222c28090ed3965bf68fd981d18c0400452b83fe05c128995b8a173133c73debd4b410bd328942f0d02c9d05ba14dd87f872d0e35a2652324b", 0xdd}, {&(0x7f00000006c0)="057fd08656a165bd0dccb631c436c81971cae814c374abb2401493d87b7ecdf51e98b91c95c1d78878911c02c326cec93b8bfa168428fce1e9eeed0444eacbe8a3c5992f844221b9651a50fbe693675fcdbabc590979027e059bf227e65108bbb0a9f337a3f110fd12cb4141d126d600cd4b5aeed5019bb1d589523b61ef61cde70d51f84d9d719b300084552c3ba2d9c799de1c75e1049889dc118828b7764e30291077aefb1535d1a1d51dd8beb2435713b5eff84397a4a4c03db093dfc74840835bb91d4dffea1051fdc62f6b81da8336aee50300b2b2922323ed021d", 0xde}, {&(0x7f00000007c0)="a854f23e82daddef695070a2506f0bfc18f4a4c6b07f160b7037122633343c67302980e5bb01c03eb16e705487c7399acc513292", 0x34}], 0x6, &(0x7f0000001780)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="92e58f85c9cb98dbfd140e13c0b2121f1c039f13af64a68d0751135db097479c0d4a925be660c2230e5b49126ed89a8bd98bdab7547eb3048646839bace09a6c97a6167d130a650db45897adce5ea0d4d4776e7c76939526133a873b41544e86d824fe094f0990a528813d68120355d478cb419fc8e96fd023c503000039363f2b9a600a5e844de28fe013976ea65fbcff75cb00"/157, @ANYRES8=r4, @ANYRES32=0xee00, @ANYRES8=r1, @ANYRESHEX=r4, @ANYBLOB="84e4a386d0000000000000c1000000f4afc6f5b822ccd68e74085bd705009f16234970de5b5a6ab0880d2b1bb72dc63c72ecfc629d753e09a854e6d26c7449454e6b830b468663dd3e8c80203352ee597db9e330e4ee9312363d9171b1a5584b1d9b58fdb58bcb766233319815b12a8fecc92bb50b59", @ANYRES64=r0, @ANYRES8=<r5=>0xffffffffffffffff, @ANYBLOB="000000001cf8fe961a00000000000000000000003b23ae645bf1c385a2556f8637d97aef6e4ba95ab8ee31488b4f9bd2e737e5abda190300894ed9dc6dfaaa0ae8564310db9033e45b10ddf8d23b9cdbe6fd26e5fa80322543fd6ac43b818728b6fa8a8bdb79c631e55ae52f26a4c8705b0337bb06a6b806dfcf5ad1a5bf4fc33ea56ef4750ad9c04fc6d06c21a4de8b227c25779633752320db8394189b0d9d3cc610b2d7751d13933baafc7bfd581bec18de092fd9237d9857accfdc12f56f8bea6c4764765bcee38d38325dd2b5efa23424f5d7547733e099c3a2ef4e53f83ed022b78a02e4d089c70985514d17b60bd00000", @ANYRES32=0x0, @ANYRES8=r3, @ANYRESDEC, @ANYRESOCT=r1], 0xa0}, 0x20000041)
setsockopt$inet6_int(r1, 0x29, 0x38, &(0x7f0000000180), 0x4)
syz_extract_tcp_res$synack(&(0x7f0000000000)={<r6=>0x41424344}, 0x1, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001c00), 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x2}, 0x38)
pipe(&(0x7f0000001080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001100)={0x18, 0xe, &(0x7f0000000580)=ANY=[@ANYBLOB="086f010005000000b7080000000000007b8af8ff00000000b7080000030000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70085000000a5000010000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x2, 0x89, &(0x7f0000000b00)=""/137, 0x41100, 0x10, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000f80)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000fc0)={0x2, 0x3, 0x59b, 0xd8}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000010c0)=[0xffffffffffffffff, r8, r9], 0x0, 0x10, 0x4}, 0x90)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x9, 0x0, r4, 0x7, '\x00', 0x0, r9, 0x4}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0x11, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x23}, {{0x18, 0x1, 0x1, 0x0, r11}}, {}, [@map_val={0x18, 0xa, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x5}], {{}, {}, {0x85, 0x0, 0x0, 0x1}}}, &(0x7f00000001c0)='syzkaller\x00', 0x7, 0xe6, &(0x7f0000000800)=""/230, 0x40f00, 0x4a, '\x00', 0x0, 0x0, r10, 0x8, &(0x7f0000000300)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000900)=[{0x2, 0x5, 0xa, 0x2}, {0x0, 0x3, 0xf}, {0x4, 0x1, 0x10}, {0x1, 0x3, 0x4, 0xc}, {0x1, 0x4, 0xb, 0x6}, {0x0, 0x3, 0xa}], 0x10, 0x3}, 0x90)
sendmmsg$inet6(r7, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1=0xe0000010}}, 0x1c, 0x0}}], 0x6c00, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010000100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32=r6, @ANYBLOB="0a001b000000000000000000"], 0x2c}, {&(0x7f0000002bc0)=ANY=[@ANYRES32, @ANYRESDEC, @ANYRESHEX, @ANYRESOCT=r7, @ANYRES32=r0, @ANYRES8=r5, @ANYRESOCT=r6, @ANYRESOCT=r1, @ANYRES64], 0x200}, {&(0x7f00000030c0)=ANY=[@ANYRES8, @ANYRES16=r9, @ANYRESHEX, @ANYRES32=0x0, @ANYBLOB="0400290014007100fcc9000000000000000000000000000000001400560020010000000000000000000000000000d200", @ANYRES32=r7, @ANYRESOCT], 0x3b0}, {&(0x7f00000011c0)=ANY=[@ANYBLOB="6c01001b4971e6a35656afe75d074b437887acc9122b08edd78735e40b661dd47fc0f8970eff8cd61b868901800000000000009db7bd4dad9ca28eb6424af33a078751df7756e14f14e985f9ba15ed68113473eaefae72d7912631fa71dd450114002500000000000000c4d1cbe918706519000108006d00000000000200000000000000000000a10927264953a08d20cc514eaf5e2c", @ANYRES32, @ANYBLOB="0d0007002f5d3a402dd34bcfd20000003c1334834595d3f4e4e63f5d3b7ad1c6d138330cf1e89df2bac44aede49d376ac1cad9609428c0a064dbce92af3f22b51484d8f121b065fc4b5ce25004591bd045208ffebf1a54355ed0712aea727f932e35d97023a78656b8db0b82484b79a61ff29dd0fe1170231abbe632a75af5f43a85e41c401df58a7a2497e3b5231f5a37eee344adfcdd5181569d0a4a195af10d6dd8dcc234469e00b19feeb94b2f72d824e0a2b99e34aaf3d39af4105c4bd413e03a647da81523dfe9333f936010da3278a64a505cd104c8d4f7c41b904804c87e2de405f8f688acfd39991d58caf457dc03e97b2edb2492b32469a2a8228baeb7006114e6379fd0476cbceb1bec9b01babafbfd7d4bee5b76e8e1f42b39f9f84f555ae3a4cbc0f982dee80af161adf46506beeed0bbe67e9a067879a79767698917d6b39bf59332d43ec6b6ec1385182f776ca3d0956b05cbed"], 0x16c}], 0x4}, 0x0)

2.659481834s ago: executing program 1:
r0 = socket$kcm(0x10, 0x2, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = memfd_secret(0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000600)=@bridge_newneigh={0x5c, 0x1c, 0x300, 0x0, 0x27dfdbfd, {0x7, 0x0, 0x0, 0x0, 0x2, 0x43}, [@NDA_DST_IPV6={0x14, 0x1, @empty}, @NDA_PROTOCOL={0x5, 0xc, 0x8}, @NDA_DST_IPV4={0x8, 0x1, @local}, @NDA_DST_IPV6={0x14, 0x1, @remote}, @NDA_PROTOCOL={0x5, 0xc, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000044}, 0x4)
fchown(r4, 0xffffffffffffffff, 0xffffffffffffffff)
r5 = memfd_secret(0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r5, 0x6612)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, 0x0, 0x0)
sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x8081)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f00000004c0))
socket$kcm(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="0401020028000b05d25a806f8c6394f90924fc600d00020004000100ff3582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

1.30310561s ago: executing program 1:
r0 = syz_open_dev$vim2m(&(0x7f0000000340), 0x4000000000001, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000140)={0x0, 0x9, 0x0, "18e889d15b38429faa8ff62438eaed752e68f3a6d09382b392b049e33958b16c"})

1.014070667s ago: executing program 1:
r0 = socket$inet(0x2, 0x3, 0x5)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000080)=0xfffffff7, 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

927.776483ms ago: executing program 1:
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000006c0)={0x2, @pix_mp={0x0, 0x0, 0x55595659}})

867.193292ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1802000000000000000000000000000085b1551db8000000a90000009500d04858e52e850000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000000))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r3, {0xb, 0x3}, {}, {0x0, 0x5}}}, 0x24}}, 0x0)
unshare(0x20000400)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r4, &(0x7f0000000040)={0x24, @long={0x2}}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r0, 0x58, &(0x7f0000000380)}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x58, &(0x7f0000000400)}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r5, &(0x7f0000000700)={0x0, 0x3000000, &(0x7f00000006c0)={&(0x7f0000000640)={0x1c, r6, 0x703, 0x0, 0x0, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x0)

490.009913ms ago: executing program 0:
madvise(&(0x7f00004ec000/0x1000)=nil, 0x1000, 0xc)
mremap(&(0x7f00006e8000/0x800000)=nil, 0x800000, 0x4000, 0x0, &(0x7f00001fa000/0x4000)=nil)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)

139.369606ms ago: executing program 0:
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x28}}, 0x0)

0s ago: executing program 0:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001080)=""/4096, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000002600181100", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x0, 0x8, 0x1}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={&(0x7f00000003c0)=""/121, 0x79, 0x0, &(0x7f00000004c0)=""/237, 0xed}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2$9p(&(0x7f0000000640), 0x80080)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xb, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x63, 0xa, 0xff04}, [@call={0x44}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

kernel console output (not intermixed with test programs):

o keep mac addresses unique to avoid problems!
[  386.945719][   T29] audit: type=1804 audit(1719113977.536:1261): pid=9589 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/2/bus" dev="sda1" ino=1935 res=1 errno=0
[  386.957876][ T9598] fuse: Bad value for 'group_id'
[  386.972540][ T9382] batman_adv: batadv0: Interface activated: batadv_slave_0
[  387.018090][   T29] audit: type=1326 audit(1719113977.536:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9581 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x0
[  387.020752][ T9150] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.065654][ T9382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.079805][ T9598] Bluetooth: MGMT ver 1.22
[  387.084735][   T29] audit: type=1326 audit(1719113977.556:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9581 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  387.116796][ T9382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.136695][   T29] audit: type=1326 audit(1719113977.556:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9581 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  387.175414][ T9382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.194090][ T9382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.204091][ T9382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.227101][ T9382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.242854][ T9382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  387.254758][ T9382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  387.284940][ T9382] batman_adv: batadv0: Interface activated: batadv_slave_1
[  387.335880][ T9382] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.378179][ T9382] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.407166][ T9382] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.427893][ T9382] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.709051][ T9607] loop3: detected capacity change from 0 to 8192
[  387.718800][ T9607] FAT-fs (loop3): Unrecognized mount option "" or missing value
[  387.747745][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.788994][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.861118][ T2449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.898244][ T2449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.579413][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  389.051259][ T9630] loop4: detected capacity change from 0 to 40427
[  389.075812][ T9669] mkiss: ax0: crc mode is auto.
[  389.084073][ T9630] F2FS-fs (loop4): invalid crc value
[  389.115976][ T9630] F2FS-fs (loop4): Found nat_bits in checkpoint
[  389.183853][ T9675] mkiss: ax0: crc mode is auto.
[  389.231334][ T9630] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  389.734148][ T9683] syz-executor.4: attempt to access beyond end of device
[  389.734148][ T9683] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.750908][ T9683] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  390.703083][ T9700] loop3: detected capacity change from 0 to 2048
[  390.788117][ T9700] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  392.138202][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  392.176100][ T9718] loop3: detected capacity change from 0 to 40427
[  392.237303][ T9718] F2FS-fs (loop3): invalid crc value
[  392.353329][ T9718] F2FS-fs (loop3): Found nat_bits in checkpoint
[  393.110815][ T9757] loop0: detected capacity change from 0 to 32768
[  393.263240][ T9757] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  393.272334][ T9757] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  393.329237][ T9757] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  393.346108][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  393.470047][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  393.652423][ T9718] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  393.833513][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 363ms
[  393.870439][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  393.877690][ T9757] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  394.130052][ T9768] syz-executor.3: attempt to access beyond end of device
[  394.130052][ T9768] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  394.145456][ T9768] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  395.711004][ T9780] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  395.867792][ T9778] loop1: detected capacity change from 0 to 32768
[  395.882787][ T9778] bcachefs (/dev/loop1): error reading superblock: error opening /dev/loop1: EACCES
[  395.932810][ T9784] fuse: Bad value for 'group_id'
[  396.238579][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  396.238605][   T29] audit: type=1804 audit(1719113987.266:1275): pid=9778 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3761750371/syzkaller.QDIo0T/21/bus" dev="sda1" ino=1949 res=1 errno=0
[  397.119632][   T29] audit: type=1800 audit(1719113987.266:1276): pid=9778 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1949 res=0 errno=0
[  397.189802][ T9797] loop0: detected capacity change from 0 to 64
[  397.341514][   T53] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  397.392266][ T9805] loop3: detected capacity change from 0 to 24
[  397.429388][ T9805] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  397.450786][ T9805] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  397.477323][ T9809] loop1: detected capacity change from 0 to 8
[  397.603213][ T9809] loop1: detected capacity change from 0 to 2048
[  397.669795][ T9815] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  397.701969][   T29] audit: type=1800 audit(1719113988.726:1277): pid=9809 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1967 res=0 errno=0
[  397.758369][   T29] audit: type=1326 audit(1719113988.766:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9808 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd71847d0a9 code=0x0
[  398.944641][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  399.144352][ T9805] VFS: Lookup of 'file0' in romfs loop3 would have caused loop
[  399.157987][ T9848] delete_channel: no stack
[  399.172127][ T9844] VFS: Lookup of 'file0' in romfs loop3 would have caused loop
[  399.233447][ T9805] VFS: Lookup of 'file0' in romfs loop3 would have caused loop
[  399.706228][ T9836] loop4: detected capacity change from 0 to 32768
[  399.790948][ T9861] loop1: detected capacity change from 0 to 64
[  399.814765][ T9863] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  399.866065][ T9863] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  400.156572][ T9874] delete_channel: no stack
[  400.305766][ T9878] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  400.336014][ T9878] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  400.528269][ T9887] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  400.711754][ T9888] loop2: detected capacity change from 0 to 2048
[  400.928389][ T9896] loop0: detected capacity change from 0 to 2048
[  400.955863][ T9896] NILFS (loop0): invalid segment: Magic number mismatch
[  400.985476][ T9896] NILFS (loop0): trying rollback from an earlier position
[  401.034546][ T9896] NILFS (loop0): recovery complete
[  401.063870][ T9901] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  401.334081][ T9892] loop1: detected capacity change from 0 to 32768
[  401.353520][ T9892] XFS: ikeep mount option is deprecated.
[  401.378769][ T9892] XFS: ikeep mount option is deprecated.
[  401.421798][ T9907] delete_channel: no stack
[  401.511171][ T9909] loop3: detected capacity change from 0 to 128
[  401.546962][ T9909] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  401.570112][ T9909] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  401.726966][   T29] audit: type=1804 audit(1719113992.746:1279): pid=9892 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3761750371/syzkaller.QDIo0T/31/bus" dev="sda1" ino=1966 res=1 errno=0
[  401.758877][   T29] audit: type=1804 audit(1719113992.746:1280): pid=9892 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3761750371/syzkaller.QDIo0T/31/bus" dev="sda1" ino=1966 res=1 errno=0
[  401.880994][ T9913] loop0: detected capacity change from 0 to 4096
[  402.024788][ T9913] ntfs3: loop0: failed to convert "0080" to cp737
[  402.037213][ T9913] ntfs3: loop0: failed to convert name for inode 1e.
[  402.586937][   T29] audit: type=1400 audit(1719113993.606:1281): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9943 comm="syz-executor.2" dest=20002 netif=wpan0
[  402.714948][ T9951] delete_channel: no stack
[  402.808226][ T9953] loop0: detected capacity change from 0 to 256
[  403.089526][ T9963] loop1: detected capacity change from 0 to 4096
[  403.360146][ T9981] loop0: detected capacity change from 0 to 256
[  403.369039][ T9981] exfat: Deprecated parameter 'utf8'
[  403.375130][ T9981] exfat: Deprecated parameter 'utf8'
[  403.380811][ T5154] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  403.390099][ T9981] exfat: Deprecated parameter 'utf8'
[  403.412583][ T9981] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  403.572629][ T5154] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  403.583719][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  403.609507][ T5154] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  403.621311][ T5154] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  403.634376][ T5154] usb 3-1: Manufacturer: syz
[  403.641872][ T5154] usb 3-1: config 0 descriptor??
[  403.737246][ T5154] rc_core: IR keymap rc-hauppauge not found
[  403.747974][ T5154] Registered IR keymap rc-empty
[  403.754563][ T5154] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  403.767120][ T5154] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input18
[  403.807520][ T9993] loop1: detected capacity change from 0 to 512
[  403.875148][   T29] audit: type=1326 audit(1719113994.896:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9990 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd71847d0a9 code=0x0
[  404.037339][ T9967] loop2: detected capacity change from 0 to 4096
[  404.246365][ T5159] usb 3-1: USB disconnect, device number 7
[  405.043707][T10011] loop0: detected capacity change from 0 to 256
[  405.055064][T10011] exfat: Deprecated parameter 'utf8'
[  405.063818][T10011] exfat: Deprecated parameter 'utf8'
[  405.073100][T10011] exfat: Deprecated parameter 'utf8'
[  405.102721][T10011] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  405.189748][T10017] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  405.521722][T10031] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  405.538635][T10031] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  405.631418][T10040] loop2: detected capacity change from 0 to 512
[  405.666936][T10043] loop1: detected capacity change from 0 to 64
[  405.706690][   T29] audit: type=1326 audit(1719113996.726:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10034 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x0
[  405.829876][T10049] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  405.928405][T10055] loop3: detected capacity change from 0 to 256
[  405.935927][T10055] exfat: Deprecated parameter 'utf8'
[  405.941946][T10055] exfat: Deprecated parameter 'utf8'
[  405.955612][T10055] exfat: Deprecated parameter 'utf8'
[  405.975544][T10055] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  406.512895][   T29] audit: type=1326 audit(1719113997.536:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.542370][T10078] loop0: detected capacity change from 0 to 2048
[  406.571186][   T29] audit: type=1326 audit(1719113997.536:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.597278][T10078] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  406.637722][   T29] audit: type=1326 audit(1719113997.536:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.679263][T10079] loop3: detected capacity change from 0 to 4096
[  406.686658][   T29] audit: type=1326 audit(1719113997.536:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.711419][T10079] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  406.719399][T10084] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  406.754983][   T29] audit: type=1326 audit(1719113997.536:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.792472][   T29] audit: type=1326 audit(1719113997.536:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.829561][   T29] audit: type=1326 audit(1719113997.576:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  406.884777][   T29] audit: type=1326 audit(1719113997.596:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f291ca7a827 code=0x7ffc0000
[  406.938895][   T29] audit: type=1326 audit(1719113997.596:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f291ca404e9 code=0x7ffc0000
[  406.973928][   T29] audit: type=1326 audit(1719113997.596:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  407.010934][   T29] audit: type=1326 audit(1719113997.596:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f291ca7a827 code=0x7ffc0000
[  407.062541][   T29] audit: type=1326 audit(1719113997.596:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f291ca404e9 code=0x7ffc0000
[  407.099195][   T29] audit: type=1326 audit(1719113997.596:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291ca7d0a9 code=0x7ffc0000
[  407.201330][   T29] audit: type=1326 audit(1719113997.626:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10080 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f291ca7a827 code=0x7ffc0000
[  407.579809][ T1168] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  407.776809][T10120] [U] 
[  407.786435][ T1168] usb 1-1: config 0 has no interfaces?
[  407.794379][ T1168] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  407.830895][ T1168] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.858145][ T1168] usb 1-1: config 0 descriptor??
[  408.104200][T10129] loop1: detected capacity change from 0 to 4096
[  408.146471][ T5154] usb 1-1: USB disconnect, device number 5
[  408.172307][T10136] loop3: detected capacity change from 0 to 16
[  408.191875][T10136] erofs: (device loop3): mounted with root inode @ nid 36.
[  408.217441][T10136] syz-executor.3: attempt to access beyond end of device
[  408.217441][T10136] loop3: rw=0, sector=8, nr_sectors = 32 limit=16
[  408.591697][T10147] [U] 
[  409.139293][T10153] loop1: detected capacity change from 0 to 32768
[  409.161406][T10153] XFS: ikeep mount option is deprecated.
[  409.170620][T10153] XFS: ikeep mount option is deprecated.
[  409.612357][T10168] loop2: detected capacity change from 0 to 164
[  409.749304][T10168] Unsupported NM flag settings (8)
[  409.784611][ T5114] Bluetooth: Unexpected continuation frame (len 18)
[  410.661128][T10190] loop1: detected capacity change from 0 to 1024
[  410.798229][T10194] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  410.824690][T10194] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  412.801599][T10205] loop3: detected capacity change from 0 to 512
[  412.812524][T10205] EXT4-fs: Ignoring removed oldalloc option
[  412.818637][T10205] journal_path: Lookup failure for './file0'
[  412.824668][T10205] EXT4-fs: error: could not find journal device path
[  414.259134][T10228] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  414.272720][T10228] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  414.504335][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  414.504382][   T29] audit: type=1800 audit(1719114005.376:1303): pid=10230 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1938 res=0 errno=0
[  414.737443][ T5154] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  415.020642][   T29] audit: type=1800 audit(1719114005.406:1304): pid=10230 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1938 res=0 errno=0
[  415.173692][T10234] loop0: detected capacity change from 0 to 1764
[  415.214316][ T5154] usb 4-1: config 0 has no interfaces?
[  415.220529][ T5154] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  415.256408][ T5154] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.276051][ T5154] usb 4-1: config 0 descriptor??
[  415.518010][T10245] loop2: detected capacity change from 0 to 1024
[  415.536748][T10245] EXT4-fs: Ignoring removed nomblk_io_submit option
[  415.586194][ T1168] usb 4-1: USB disconnect, device number 8
[  416.579478][T10251] loop2: detected capacity change from 0 to 128
[  416.788436][   T29] audit: type=1800 audit(1719114007.816:1305): pid=10251 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1941 res=0 errno=0
[  416.821709][   T29] audit: type=1804 audit(1719114007.816:1306): pid=10251 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir68464856/syzkaller.uWhu4H/279/bus" dev="sda1" ino=1941 res=1 errno=0
[  418.485814][T10270] loop1: detected capacity change from 0 to 128
[  418.670890][T10255] loop0: detected capacity change from 0 to 32768
[  418.684780][T10272] loop1: detected capacity change from 0 to 128
[  418.725264][T10255] jfs_rename did not expect dtDelete to return rc = -2
[  418.743194][T10255] ERROR: (device loop0): jfs_rename: 
[  418.743194][T10255] 
[  419.201069][T10278] jfs_mkdir: dtSearch returned -17
[  419.605720][T10277] loop1: detected capacity change from 0 to 1764
[  420.016960][T10282] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  420.049238][T10282] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  420.196373][T10284] loop3: detected capacity change from 0 to 4096
[  420.227090][T10284] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  420.358410][T10284] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  420.370936][T10284] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  421.732753][T10288] loop1: detected capacity change from 0 to 32768
[  421.817593][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  422.008417][    T9] usb 4-1: Using ep0 maxpacket: 8
[  422.015128][T10307] loop0: detected capacity change from 0 to 1764
[  422.015929][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.062414][    T9] usb 4-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6
[  422.077290][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.099170][    T9] usb 4-1: config 0 descriptor??
[  422.396860][    T9] usb 4-1: USB disconnect, device number 9
[  422.661023][T10316] loop1: detected capacity change from 0 to 512
[  422.678191][T10316] EXT4-fs: Ignoring removed oldalloc option
[  422.684525][T10316] journal_path: Lookup failure for './file0'
[  422.690718][T10316] EXT4-fs: error: could not find journal device path
[  423.544414][T10323] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  423.599008][T10321] loop3: detected capacity change from 0 to 4096
[  423.614039][T10321] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  423.618178][T10325] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  423.828816][T10321] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  423.852498][T10321] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  424.114334][T10342] loop0: detected capacity change from 0 to 256
[  424.237225][T10339] loop3: detected capacity change from 0 to 8192
[  424.331570][T10339] Dev loop3: RDB in block 1 has bad checksum
[  424.460514][T10353] autofs: Bad value for 'fd'
[  424.681564][T10357] loop2: detected capacity change from 0 to 1764
[  425.090271][ T5154] libceph: connect (1)[c::]:6789 error -101
[  425.200944][ T5154] libceph: mon0 (1)[c::]:6789 connect error
[  425.505670][T10359] ceph: No mds server is up or the cluster is laggy
[  425.750645][T10365] loop3: detected capacity change from 0 to 4096
[  425.767207][T10365] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  425.827996][T10371] netdevsim netdevsim0 @: renamed from netdevsim0 (while UP)
[  425.970242][T10365] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  425.988239][T10365] ntfs3: loop3: failed to convert "c46c" to iso8859-13
[  426.060969][   T29] audit: type=1326 audit(1719114017.076:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.103853][   T29] audit: type=1326 audit(1719114017.076:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.161801][   T29] audit: type=1326 audit(1719114017.116:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.223128][   T29] audit: type=1326 audit(1719114017.116:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.284140][   T29] audit: type=1326 audit(1719114017.116:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.338275][   T29] audit: type=1326 audit(1719114017.126:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.397233][   T29] audit: type=1326 audit(1719114017.126:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.539732][   T29] audit: type=1326 audit(1719114017.126:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2068c7a827 code=0x7ffc0000
[  426.640980][   T29] audit: type=1326 audit(1719114017.126:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2068c404e9 code=0x7ffc0000
[  426.673266][T10367] loop2: detected capacity change from 0 to 40427
[  426.682291][   T29] audit: type=1326 audit(1719114017.126:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  426.737633][T10373] loop1: detected capacity change from 0 to 32768
[  426.876520][T10384] binder: 10380:10384 ioctl 4018620d 0 returned -22
[  427.938411][T10388] loop0: detected capacity change from 0 to 8192
[  427.978924][T10388] Dev loop0: RDB in block 1 has bad checksum
[  428.290909][T10404] loop2: detected capacity change from 0 to 512
[  429.810198][T10428] loop1: detected capacity change from 0 to 64
[  430.212884][T10434] loop1: detected capacity change from 0 to 128
[  430.261011][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  430.275519][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  430.285912][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  430.294300][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  430.317694][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  430.318000][T10434] Scaler: =================  START STATUS  =================
[  430.342037][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  430.377328][T10434] Scaler: ==================  END STATUS  ==================
[  430.750704][T10437] loop3: detected capacity change from 0 to 32768
[  430.783976][T10421] loop0: detected capacity change from 0 to 32768
[  430.798062][T10421] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (10421)
[  430.827168][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  430.863985][T10421] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  430.892330][T10421] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  430.906540][T10435] chnl_net:caif_netlink_parms(): no params data found
[  430.922147][T10421] BTRFS info (device loop0): using free-space-tree
[  430.992593][  T113] ERROR: (device loop3): diFree: numfree > numinos
[  430.992593][  T113] 
[  431.037121][    T9] usb 2-1: Using ep0 maxpacket: 16
[  431.049058][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  431.073920][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  431.084267][    T9] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  431.094420][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  431.109273][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  431.118638][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  431.126858][    T9] usb 2-1: SerialNumber: syz
[  431.145693][    T9] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  431.156551][    T9] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -12
[  431.179251][T10435] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.203989][T10435] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.212116][ T6594] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  431.225285][T10435] bridge_slave_0: entered allmulticast mode
[  431.233601][T10435] bridge_slave_0: entered promiscuous mode
[  431.255288][T10435] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.272737][T10435] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.282949][T10435] bridge_slave_1: entered allmulticast mode
[  431.303510][T10435] bridge_slave_1: entered promiscuous mode
[  431.410147][T10435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  431.441179][T10435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  431.530610][   T45] usb 2-1: USB disconnect, device number 10
[  431.598664][T10435] team0: Port device team_slave_0 added
[  431.626678][T10435] team0: Port device team_slave_1 added
[  431.761173][T10435] batman_adv: batadv0: Adding interface: batadv_slave_0
[  431.793930][T10435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.867164][T10435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.899693][T10435] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.906814][T10435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.988844][T10435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  432.409152][   T53] Bluetooth: hci5: command tx timeout
[  432.490430][T10477] loop3: detected capacity change from 0 to 164
[  432.569796][T10477] Unsupported NM flag settings (8)
[  432.580925][   T53] Bluetooth: Unexpected continuation frame (len 18)
[  433.159005][T10435] hsr_slave_0: entered promiscuous mode
[  433.196850][T10435] hsr_slave_1: entered promiscuous mode
[  433.234744][T10435] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  433.259980][T10435] Cannot create hsr debugfs directory
[  434.115215][T10494] loop3: detected capacity change from 0 to 1024
[  434.495399][   T53] Bluetooth: hci5: command tx timeout
[  434.876381][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  434.876404][   T29] audit: type=1800 audit(1719114025.896:1360): pid=10496 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file2" dev="sda1" ino=1960 res=0 errno=0
[  435.318486][T10498] binder: 10495:10498 ioctl 4018620d 0 returned -22
[  436.298958][T10502] No such timeout policy "syz0"
[  436.577251][   T53] Bluetooth: hci5: command tx timeout
[  438.651142][   T53] Bluetooth: hci5: command tx timeout
[  439.209082][T10489] netlink: 136 bytes leftover after parsing attributes in process `syz-executor.0'.
[  439.387175][   T29] audit: type=1326 audit(1719114030.406:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10504 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x0
[  439.702576][T10435] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.888498][T10435] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.034626][T10435] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.113421][T10527] loop1: detected capacity change from 0 to 1024
[  440.180809][   T29] audit: type=1800 audit(1719114031.206:1362): pid=10527 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1964 res=0 errno=0
[  440.185573][T10435] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.337820][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  440.344197][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  440.472147][T10530] loop3: detected capacity change from 0 to 1024
[  440.674464][T10435] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  440.711275][T10435] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  440.738125][T10435] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  440.772683][T10435] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  440.842833][   T29] audit: type=1326 audit(1719114031.866:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  440.950399][   T29] audit: type=1326 audit(1719114031.896:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  441.028360][   T29] audit: type=1326 audit(1719114031.896:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  441.063491][   T29] audit: type=1326 audit(1719114031.906:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  441.101657][   T29] audit: type=1326 audit(1719114031.906:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  441.293262][   T29] audit: type=1326 audit(1719114031.906:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  441.468794][T10539] loop0: detected capacity change from 0 to 164
[  441.663689][T10539] Unsupported NM flag settings (8)
[  442.257466][   T29] audit: type=1326 audit(1719114031.916:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x7ffc0000
[  442.325980][T10435] 8021q: adding VLAN 0 to HW filter on device bond0
[  442.348577][   T29] audit: type=1326 audit(1719114031.916:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2068c7a827 code=0x7ffc0000
[  442.435217][T10435] 8021q: adding VLAN 0 to HW filter on device team0
[  442.448338][   T29] audit: type=1326 audit(1719114031.916:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10533 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2068c404e9 code=0x7ffc0000
[  442.500121][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.510282][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  442.546611][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.546817][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  442.599301][T10544] netlink: 136 bytes leftover after parsing attributes in process `syz-executor.0'.
[  442.637474][T10435] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  442.715850][T10543] loop3: detected capacity change from 0 to 4096
[  442.795843][T10546] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  443.176474][T10435] 8021q: adding VLAN 0 to HW filter on device batadv0
[  443.387240][ T9150] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 144115188075855872
[  443.417614][ T9150] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=14)
[  443.463787][ T9150] Remounting filesystem read-only
[  443.477215][ T9150] NILFS (loop3): error -5 truncating bmap (ino=14)
[  443.500652][ T9150] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  443.517415][ T9150] NILFS (loop3): discard dirty page: offset=0, ino=2
[  443.525023][ T9150] NILFS (loop3): discard dirty block: blocknr=14, size=4096
[  443.562573][ T9150] NILFS (loop3): discard dirty page: offset=0, ino=6
[  443.576525][ T9150] NILFS (loop3): discard dirty block: blocknr=23, size=4096
[  443.592841][ T9150] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  443.605420][ T9150] NILFS (loop3): discard dirty block: blocknr=24, size=4096
[  443.627671][ T9150] NILFS (loop3): discard dirty page: offset=8192, ino=6
[  443.634953][ T9150] NILFS (loop3): discard dirty block: blocknr=25, size=4096
[  443.657711][ T9150] NILFS (loop3): discard dirty page: offset=0, ino=12
[  443.697095][ T9150] NILFS (loop3): discard dirty block: blocknr=13, size=4096
[  443.706388][ T9150] NILFS (loop3): discard dirty page: offset=663552, ino=3
[  443.728851][T10561] loop0: detected capacity change from 0 to 1024
[  443.744181][ T9150] NILFS (loop3): discard dirty block: blocknr=34, size=4096
[  443.880986][T10435] veth0_vlan: entered promiscuous mode
[  443.937945][T10435] veth1_vlan: entered promiscuous mode
[  444.011644][T10435] veth0_macvtap: entered promiscuous mode
[  444.050506][T10435] veth1_macvtap: entered promiscuous mode
[  444.076732][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.115105][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.138251][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.156038][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.166911][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.217331][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.246000][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.264743][T10568] loop0: detected capacity change from 0 to 4096
[  444.272221][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.297270][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  444.308138][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.317633][   T45] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  444.320551][T10435] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.374510][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.395460][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.415958][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.435920][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.456148][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.468069][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.507129][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.509294][   T45] usb 4-1: Using ep0 maxpacket: 8
[  444.527082][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.542463][   T45] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  444.557106][T10435] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  444.567197][   T45] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  444.575185][T10435] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  444.598307][   T45] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  444.609787][T10435] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.616818][   T45] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  444.638755][T10435] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.646743][   T45] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  444.657105][T10435] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.670769][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.702763][T10435] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.737315][T10435] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.937286][   T45] usb 4-1: GET_CAPABILITIES returned 0
[  444.946458][   T45] usbtmc 4-1:16.0: can't read capabilities
[  445.013740][ T2461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.044630][ T2461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.131917][ T5244] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.159127][ T5244] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.409956][T10566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.441365][T10566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.551478][ T5160] usb 4-1: USB disconnect, device number 10
[  446.774267][T10590] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  447.000475][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  447.000496][   T29] audit: type=1326 audit(1719114038.026:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.077093][   T29] audit: type=1326 audit(1719114038.026:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.147108][   T29] audit: type=1326 audit(1719114038.056:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.197189][   T29] audit: type=1326 audit(1719114038.056:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.240401][   T29] audit: type=1326 audit(1719114038.056:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.309059][T10594] loop3: detected capacity change from 0 to 1024
[  447.325726][   T29] audit: type=1326 audit(1719114038.056:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.397100][   T29] audit: type=1326 audit(1719114038.056:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x7ffc0000
[  447.451966][   T29] audit: type=1326 audit(1719114038.066:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3970e7a827 code=0x7ffc0000
[  447.507922][   T29] audit: type=1326 audit(1719114038.066:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3970e404e9 code=0x7ffc0000
[  447.577566][   T29] audit: type=1326 audit(1719114038.066:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10591 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3970e7a827 code=0x7ffc0000
[  447.815178][T10588] loop0: detected capacity change from 0 to 32768
[  447.910492][T10588] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  447.931267][T10588] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  448.011987][T10588] XFS (loop0): Ending clean mount
[  448.023037][T10588] XFS (loop0): Quotacheck needed: Please wait.
[  448.131113][T10588] XFS (loop0): Quotacheck: Done.
[  448.287806][ T6594] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  450.059950][T10626] loop0: detected capacity change from 0 to 1024
[  450.596283][T10634] loop3: detected capacity change from 0 to 1764
[  450.691405][T10634] iso9660: Corrupted directory entry in block 2 of inode 1920
[  451.117229][ T5159] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  451.329439][ T5159] usb 1-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=a6.74
[  451.357168][ T5159] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.396787][ T5159] usb 1-1: config 0 descriptor??
[  451.422580][ T5159] gspca_main: sunplus-2.14.0 probing 08ca:0104
[  451.636048][ T5159] gspca_sunplus: reg_r err -71
[  451.665163][ T5159] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  451.685031][ T5159] usb 1-1: USB disconnect, device number 6
[  452.264900][T10658] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  452.273272][T10658] netlink: 512 bytes leftover after parsing attributes in process `syz-executor.4'.
[  453.153344][   T29] kauditd_printk_skb: 105 callbacks suppressed
[  453.153366][   T29] audit: type=1804 audit(1719114044.176:1501): pid=10672 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/119/bus" dev="sda1" ino=1961 res=1 errno=0
[  453.215671][T10672] Invalid ELF header magic: != ELF
[  453.232023][   T29] audit: type=1804 audit(1719114044.216:1502): pid=10672 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/119/bus" dev="sda1" ino=1961 res=1 errno=0
[  453.310637][   T29] audit: type=1804 audit(1719114044.216:1503): pid=10672 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/119/bus" dev="sda1" ino=1961 res=1 errno=0
[  454.955907][   T29] audit: type=1804 audit(1719114045.976:1504): pid=10707 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1865966857/syzkaller.GDenlb/314/bus" dev="sda1" ino=1945 res=1 errno=0
[  455.028797][T10707] Invalid ELF header magic: != ELF
[  455.037194][   T29] audit: type=1804 audit(1719114046.016:1505): pid=10707 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1865966857/syzkaller.GDenlb/314/bus" dev="sda1" ino=1945 res=1 errno=0
[  455.084479][   T29] audit: type=1804 audit(1719114046.016:1506): pid=10707 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1865966857/syzkaller.GDenlb/314/bus" dev="sda1" ino=1945 res=1 errno=0
[  455.395347][ T5243] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.482169][T10720] sp0: Synchronizing with TNC
[  455.820445][ T5243] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.856855][ T5114] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  456.870482][ T5114] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  456.880759][ T5114] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  456.900039][ T5243] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.925553][ T5114] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  456.934105][ T5114] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  456.941729][ T5114] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  457.079240][ T5243] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.155442][T10740] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  457.404002][ T5243] bridge_slave_1: left allmulticast mode
[  457.414921][ T5243] bridge_slave_1: left promiscuous mode
[  457.427253][ T5243] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.472072][ T5243] bridge_slave_0: left allmulticast mode
[  457.490848][ T5243] bridge_slave_0: left promiscuous mode
[  457.497523][T10748] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  457.513737][ T5243] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.605226][T10741] loop3: detected capacity change from 0 to 32768
[  457.629176][T10750] sctp: [Deprecated]: syz-executor.4 (pid 10750) Use of struct sctp_assoc_value in delayed_ack socket option.
[  457.629176][T10750] Use struct sctp_sack_info instead
[  457.743795][T10741] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  457.932890][T10741] XFS (loop3): Ending clean mount
[  457.941830][T10741] XFS (loop3): Quotacheck needed: Please wait.
[  458.110514][T10741] XFS (loop3): Quotacheck: Done.
[  458.321006][ T9150] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  458.671694][ T5243] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  458.694464][ T5243] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.713629][ T5243] bond0 (unregistering): Released all slaves
[  458.752478][ T5243] bond1 (unregistering): Released all slaves
[  459.047624][   T53] Bluetooth: hci4: command tx timeout
[  459.056359][T10776] loop0: detected capacity change from 0 to 8
[  459.098235][T10776] SQUASHFS error: zstd decompression error: 10
[  459.098388][T10776] SQUASHFS error: zstd decompression failed, data probably corrupt
[  459.098446][T10776] SQUASHFS error: Failed to read block 0x91: -5
[  459.098458][T10776] SQUASHFS error: Unable to read metadata cache entry [8f]
[  459.098469][T10776] SQUASHFS error: Unable to read inode 0x11f
[  459.223947][T10776] fuse: Unknown parameter 'fdÿÿÿÿÿÿÿÿ'
[  459.235167][T10776] MTD: Couldn't look up '.': -15
[  459.241825][T10734] chnl_net:caif_netlink_parms(): no params data found
[  459.341719][ T5243] hsr_slave_0: left promiscuous mode
[  459.354600][ T5243] hsr_slave_1: left promiscuous mode
[  459.369582][ T5243] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  459.378429][ T5243] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.389569][ T5243] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  459.397386][ T5243] batman_adv: batadv0: Removing interface: batadv_slave_1
[  459.446677][ T5243] veth1_macvtap: left promiscuous mode
[  459.456154][ T5243] veth0_macvtap: left promiscuous mode
[  459.457280][ T5159] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  459.464537][ T5243] veth1_vlan: left promiscuous mode
[  459.477324][ T5243] veth0_vlan: left promiscuous mode
[  459.696465][ T5159] usb 5-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=a6.74
[  459.708716][ T5159] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.743148][ T5159] usb 5-1: config 0 descriptor??
[  459.756213][ T5159] gspca_main: sunplus-2.14.0 probing 08ca:0104
[  459.985000][ T5159] gspca_sunplus: reg_r err -71
[  459.992321][ T5159] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  460.005054][ T5159] usb 5-1: USB disconnect, device number 3
[  460.834734][T10781] Falling back ldisc for ptm0.
[  461.009895][T10789] loop0: detected capacity change from 0 to 4096
[  461.020021][T10789] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  461.129390][   T53] Bluetooth: hci4: command tx timeout
[  461.324347][T10791] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  461.539827][ T5243] team0 (unregistering): Port device team_slave_1 removed
[  461.639494][ T5243] team0 (unregistering): Port device team_slave_0 removed
[  462.533563][T10734] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.540923][T10734] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.548354][T10734] bridge_slave_0: entered allmulticast mode
[  462.555818][T10734] bridge_slave_0: entered promiscuous mode
[  462.566436][T10734] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.573871][T10734] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.581946][T10734] bridge_slave_1: entered allmulticast mode
[  462.590463][T10734] bridge_slave_1: entered promiscuous mode
[  462.655223][T10734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  462.678807][T10734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  462.720455][T10734] team0: Port device team_slave_0 added
[  462.741673][T10734] team0: Port device team_slave_1 added
[  462.785296][T10734] batman_adv: batadv0: Adding interface: batadv_slave_0
[  462.793498][T10734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.822588][T10734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  462.839895][T10734] batman_adv: batadv0: Adding interface: batadv_slave_1
[  462.846864][T10734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.873129][T10734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  462.924374][T10734] hsr_slave_0: entered promiscuous mode
[  462.933620][T10734] hsr_slave_1: entered promiscuous mode
[  462.940596][T10734] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  462.948907][T10734] Cannot create hsr debugfs directory
[  463.207255][   T53] Bluetooth: hci4: command tx timeout
[  463.422208][T10734] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  463.432361][T10734] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  463.445378][T10734] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  463.462074][T10734] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  463.559325][T10734] 8021q: adding VLAN 0 to HW filter on device bond0
[  463.584331][T10734] 8021q: adding VLAN 0 to HW filter on device team0
[  463.598850][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.606018][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state
[  463.622562][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.629790][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  463.842179][T10734] 8021q: adding VLAN 0 to HW filter on device batadv0
[  463.893858][T10734] veth0_vlan: entered promiscuous mode
[  463.906253][T10734] veth1_vlan: entered promiscuous mode
[  463.950628][T10734] veth0_macvtap: entered promiscuous mode
[  463.961884][T10734] veth1_macvtap: entered promiscuous mode
[  463.981243][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  463.992091][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.004450][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.015397][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.025396][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.039881][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.050098][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.060582][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.070572][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.081059][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.093232][T10734] batman_adv: batadv0: Interface activated: batadv_slave_0
[  464.111370][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.122227][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.133316][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.143888][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.154319][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.165232][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.175349][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.186041][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.195955][T10734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  464.206474][T10734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.218914][T10734] batman_adv: batadv0: Interface activated: batadv_slave_1
[  464.233415][T10734] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  464.242768][T10734] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  464.253260][T10734] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  464.263311][T10734] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  464.364913][ T1042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  464.374373][ T1042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  464.410081][ T1042] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  464.419170][ T1042] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  464.470499][T10807] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  465.289729][   T53] Bluetooth: hci4: command tx timeout
[  465.786795][T10838] loop2: detected capacity change from 0 to 8
[  465.842738][T10838] fuse: Unknown parameter 'fdÿÿÿÿÿÿÿÿ'
[  465.853577][T10838] MTD: Couldn't look up '.': -15
[  465.877543][ T5159] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  466.069269][ T5159] usb 4-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=a6.74
[  466.083786][ T5159] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.120094][ T5159] usb 4-1: config 0 descriptor??
[  466.138068][ T5159] gspca_main: sunplus-2.14.0 probing 08ca:0104
[  466.358627][ T5159] gspca_sunplus: reg_r err -71
[  466.372187][ T5159] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  466.389572][ T5159] usb 4-1: USB disconnect, device number 11
[  467.740883][T10885] loop2: detected capacity change from 0 to 32768
[  470.119376][   T45] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  470.367274][   T45] usb 3-1: Using ep0 maxpacket: 8
[  470.393702][   T45] usb 3-1: config 0 interface 0 has no altsetting 0
[  470.417297][   T45] usb 3-1: New USB device found, idVendor=1bc7, idProduct=1060, bcdDevice=eb.aa
[  470.436870][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.472450][   T45] usb 3-1: config 0 descriptor??
[  470.488046][   T45] option 3-1:0.0: GSM modem (1-port) converter detected
[  470.505425][T10896] loop0: detected capacity change from 0 to 32768
[  470.681903][ T5114] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  470.695883][ T5114] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  470.708898][ T5114] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  470.722640][ T5114] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  470.735532][ T5114] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  470.743283][ T5114] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  470.791547][   T29] audit: type=1804 audit(1719114061.816:1507): pid=10908 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1098869807/syzkaller.wlY2md/14/file0" dev="sda1" ino=1941 res=1 errno=0
[  470.831385][ T9557] usb 3-1: USB disconnect, device number 8
[  470.839096][ T9557] option 3-1:0.0: device disconnected
[  471.173328][T10926] chnl_net:caif_netlink_parms(): no params data found
[  471.332596][T10926] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.340371][T10926] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.349024][T10926] bridge_slave_0: entered allmulticast mode
[  471.356695][T10926] bridge_slave_0: entered promiscuous mode
[  471.369222][T10926] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.380038][T10926] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.388318][T10926] bridge_slave_1: entered allmulticast mode
[  471.395930][T10926] bridge_slave_1: entered promiscuous mode
[  471.533108][T10926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  471.553259][T10926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  471.584945][T10943] loop2: detected capacity change from 0 to 2048
[  471.646405][T10926] team0: Port device team_slave_0 added
[  471.692680][T10926] team0: Port device team_slave_1 added
[  471.796122][T10926] batman_adv: batadv0: Adding interface: batadv_slave_0
[  471.809489][T10926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  471.841512][T10926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  471.882123][T10926] batman_adv: batadv0: Adding interface: batadv_slave_1
[  471.894969][T10926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  471.951255][T10926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  471.968881][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  472.179951][T10926] hsr_slave_0: entered promiscuous mode
[  472.235450][T10926] hsr_slave_1: entered promiscuous mode
[  472.267176][T10926] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  472.296196][T10926] Cannot create hsr debugfs directory
[  472.588492][T10951] loop3: detected capacity change from 0 to 32768
[  472.623950][T10951] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (10951)
[  472.675568][T10951] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  472.706503][T10951] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  472.730929][T10951] BTRFS info (device loop3): using free-space-tree
[  472.817366][ T5114] Bluetooth: hci6: command tx timeout
[  473.120195][T10926] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.206352][T10989] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  473.209449][ T9150] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  473.227203][T10989] bond0: option mode: unable to set because the bond device has slaves
[  473.483561][T10926] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.617655][T11005] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  473.825726][T10926] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.021678][T11016] 9pnet_fd: Insufficient options for proto=fd
[  474.060507][T11014] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  474.150058][T10926] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.534198][T10926] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  474.603944][T10926] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  474.629425][T11034] 9pnet_fd: Insufficient options for proto=fd
[  474.661050][T10926] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  474.694236][T10926] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  474.820436][T11036] loop0: detected capacity change from 0 to 4096
[  474.828300][T11037] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'.
[  474.866482][T11036] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  474.883269][T11037] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'.
[  474.886318][T11036] NILFS (loop0): mounting unchecked fs
[  474.897186][ T5114] Bluetooth: hci6: command tx timeout
[  474.917309][T11036] NILFS (loop0): recovery required for readonly filesystem
[  474.924577][T11036] NILFS (loop0): write access will be enabled during recovery
[  475.024242][T11036] NILFS (loop0): recovery complete
[  475.172947][T10926] 8021q: adding VLAN 0 to HW filter on device bond0
[  475.251334][T10926] 8021q: adding VLAN 0 to HW filter on device team0
[  475.285092][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  475.292406][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  475.357418][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  475.364670][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  475.477500][T11025] loop2: detected capacity change from 0 to 32768
[  475.542082][T11042] loop0: detected capacity change from 0 to 64
[  475.753935][T11032] loop3: detected capacity change from 0 to 40427
[  475.788036][T11032] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  475.807126][T11032] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  475.832184][T11032] F2FS-fs (loop3): Unrecognized mount option "noinline_xaiscard" or missing value
[  476.044055][T10926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  476.246950][T10926] veth0_vlan: entered promiscuous mode
[  476.313158][T10926] veth1_vlan: entered promiscuous mode
[  476.514255][T10926] veth0_macvtap: entered promiscuous mode
[  476.535994][T10926] veth1_macvtap: entered promiscuous mode
[  476.575731][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.606110][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.628677][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.640822][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.657222][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.676864][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.689800][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.707864][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.724991][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.753488][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.767845][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.788379][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.814200][T10926] batman_adv: batadv0: Interface activated: batadv_slave_0
[  476.885574][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.900757][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.911720][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.922419][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.934611][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.967332][T11049] Bluetooth: hci6: command tx timeout
[  476.977676][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.011193][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.074486][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.084533][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.103225][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.123120][T10926] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.147157][T10926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.168570][T10926] batman_adv: batadv0: Interface activated: batadv_slave_1
[  477.204257][T10926] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  477.246103][T10926] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  477.277340][T10926] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  477.308334][T10926] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  477.635426][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  477.660369][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.741650][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  477.756724][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.948914][  T928] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  477.973138][T11076] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  478.158577][  T928] usb 5-1: Using ep0 maxpacket: 16
[  478.189805][  T928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  478.253674][T11049] Bluetooth: hci0: command 0x0406 tx timeout
[  478.260702][T11049] Bluetooth: hci1: command 0x0406 tx timeout
[  478.427887][  T928] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  478.437182][  T928] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.449359][  T928] usb 5-1: config 0 descriptor??
[  479.047508][   T53] Bluetooth: hci6: command tx timeout
[  479.236547][T11070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.289784][T11070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.367752][  T928] hid (null): unknown global tag 0x83
[  479.386878][  T928] hid-generic 0003:0158:0100.0004: unknown main item tag 0x1
[  479.418857][  T928] hid-generic 0003:0158:0100.0004: unexpected long global item
[  479.439820][  T928] hid-generic 0003:0158:0100.0004: probe with driver hid-generic failed with error -22
[  479.624409][  T928] usb 5-1: USB disconnect, device number 4
[  479.856548][   T29] audit: type=1800 audit(1719114070.876:1508): pid=11105 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  480.052029][T11085] loop1: detected capacity change from 0 to 32768
[  480.202210][T11111] loop2: detected capacity change from 0 to 2048
[  480.500800][T11118] loop2: detected capacity change from 0 to 64
[  480.901756][T11120] loop1: detected capacity change from 0 to 4096
[  480.932812][T11126] netlink: 'syz-executor.2': attribute type 20 has an invalid length.
[  480.959475][T11126] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  480.959820][T11120] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  481.017249][T11120] NILFS (loop1): mounting unchecked fs
[  481.025546][T11120] NILFS (loop1): recovery required for readonly filesystem
[  481.054952][T11120] NILFS (loop1): write access will be enabled during recovery
[  481.832552][T11120] NILFS (loop1): write access unavailable, cannot proceed
[  482.230924][T11153] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  482.378581][T11158] tipc: Started in network mode
[  482.395094][T11161] loop3: detected capacity change from 0 to 512
[  482.395500][T11158] tipc: Node identity fe80000000000000000000000000003, cluster identity 4711
[  482.420331][T11158] tipc: Enabled bearer <udp:syz0>, priority 10
[  482.437646][T11161] ext4: Unexpected value for 'noauto_da_alloc'
[  484.168188][ T5160] tipc: Node number set to 4269801520
[  484.253238][ T5114] Bluetooth: hci7: command 0x1003 tx timeout
[  484.263763][   T53] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  484.413178][T11184] loop3: detected capacity change from 0 to 1024
[  484.450120][T11184] hfsplus: xattr searching failed
[  484.456201][T11184] hfsplus: xattr searching failed
[  484.496853][T11184] hfsplus: xattr searching failed
[  484.685059][T11197] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  484.750383][T11197] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  485.120450][T11168] loop1: detected capacity change from 0 to 32768
[  485.732742][T11213] loop3: detected capacity change from 0 to 512
[  485.745278][T11213] EXT4-fs (loop3): filesystem is read-only
[  486.959160][T11086] Bluetooth: hci7: sending frame failed (-49)
[  486.970430][ T5114] Bluetooth: hci7: Opcode 0x1003 failed: -49
[  487.182518][T11230] loop3: detected capacity change from 0 to 512
[  487.213639][T11230] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  487.243189][T11230] EXT4-fs (loop3): orphan cleanup on readonly fs
[  487.251364][T11230] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 264: padding at end of block bitmap is not set
[  487.287773][T11230] EXT4-fs (loop3): Remounting filesystem read-only
[  487.309609][T11230] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  487.323420][T11230] EXT4-fs (loop3): 1 truncate cleaned up
[  487.339301][T11230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  487.421550][T11245] loop0: detected capacity change from 0 to 128
[  487.697189][ T1168] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  487.742534][T11250] loop0: detected capacity change from 0 to 1024
[  487.756127][T11250] EXT4-fs: Ignoring removed orlov option
[  487.764185][T11250] EXT4-fs (loop0): Test dummy encryption mode enabled
[  487.775478][T11250] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  487.805610][ T9150] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.837870][T11250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.897088][ T1168] usb 5-1: Using ep0 maxpacket: 16
[  487.906772][ T1168] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  487.918016][T11255] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  487.924996][ T1168] usb 5-1: config 0 has no interface number 0
[  487.939818][ T1168] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  487.950826][ T1168] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  487.961279][T11255] openvswitch: netlink: VXLAN extension message has 2 unknown bytes.
[  487.971205][ T1168] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  487.980600][ T1168] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  487.988789][ T1168] usb 5-1: Product: syz
[  487.995202][ T1168] usb 5-1: SerialNumber: syz
[  488.011581][ T1168] usb 5-1: config 0 descriptor??
[  488.020487][ T1168] cm109 5-1:0.8: invalid payload size 0, expected 4
[  488.056883][ T1168] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input21
[  488.149017][T11250] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  488.435599][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.443598][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.450657][    C1] hrtimer: interrupt took 15425066 ns
[  488.456186][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.463570][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.470831][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.478074][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.485393][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.492608][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.499927][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.499951][ T5114] Bluetooth: hci3: command 0x0405 tx timeout
[  488.507205][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  488.539404][ T1168] usb 5-1: USB disconnect, device number 5
[  488.539478][    C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  488.943568][T11248] loop2: detected capacity change from 0 to 32768
[  489.147260][ T1168] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  489.216112][ T6594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.307839][T11277] loop3: detected capacity change from 0 to 256
[  489.334137][T11282] loop1: detected capacity change from 0 to 128
[  489.417188][   T29] audit: type=1800 audit(1719114080.426:1509): pid=11277 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="loop3" ino=1048781 res=0 errno=0
[  489.475007][   T29] audit: type=1804 audit(1719114080.436:1510): pid=11277 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/159/file1/file0" dev="loop3" ino=1048781 res=1 errno=0
[  489.777899][   T29] audit: type=1326 audit(1719114080.796:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  489.860904][   T29] audit: type=1326 audit(1719114080.796:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  489.958188][   T29] audit: type=1326 audit(1719114080.826:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  490.000829][T11299] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  490.006847][   T29] audit: type=1326 audit(1719114080.846:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  490.054517][T11299] openvswitch: netlink: VXLAN extension message has 2 unknown bytes.
[  490.118005][   T29] audit: type=1326 audit(1719114080.846:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  490.140370][    C1] vkms_vblank_simulate: vblank timer overrun
[  490.227496][   T29] audit: type=1326 audit(1719114080.846:1516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  490.255341][   T29] audit: type=1326 audit(1719114080.846:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d7f27a827 code=0x7ffc0000
[  490.277447][    C1] vkms_vblank_simulate: vblank timer overrun
[  490.288789][   T29] audit: type=1326 audit(1719114080.846:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11291 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d7f2404e9 code=0x7ffc0000
[  490.309227][T11304] loop2: detected capacity change from 0 to 1024
[  490.310963][    C1] vkms_vblank_simulate: vblank timer overrun
[  490.394273][T11304] EXT4-fs: Ignoring removed orlov option
[  490.632924][T11313] loop0: detected capacity change from 0 to 128
[  491.984537][ T5114] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  492.011933][ T5114] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  492.022590][ T5114] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  492.033765][ T5114] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  492.041651][ T5114] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  492.049143][ T5114] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  492.145705][T11334] netlink: 165 bytes leftover after parsing attributes in process `syz-executor.1'.
[  492.214169][ T1042] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.339369][T11338] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  492.366217][T11338] openvswitch: netlink: VXLAN extension message has 2 unknown bytes.
[  492.420517][T11339] loop1: detected capacity change from 0 to 256
[  492.520155][ T1042] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.643390][T11317] loop3: detected capacity change from 0 to 32768
[  492.715557][T11341] loop0: detected capacity change from 0 to 512
[  492.734918][T11341] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[  492.753645][ T1042] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.830427][T11317] find_entry called with index = 0
[  492.880589][T11317] read_mapping_page failed!
[  492.885904][ T1042] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.891734][T11317] ERROR: (device loop3): txCommit: 
[  492.891734][T11317] 
[  492.969264][T11343] jfs_unlink: dtDelete returned -116
[  493.057559][T11343] jfs_unlink: dtDelete returned -116
[  493.346946][ T1042] bridge_slave_1: left allmulticast mode
[  493.353175][ T1042] bridge_slave_1: left promiscuous mode
[  493.359071][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.374813][ T1042] bridge_slave_0: left allmulticast mode
[  493.380813][ T1042] bridge_slave_0: left promiscuous mode
[  493.386709][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.089107][   T53] Bluetooth: hci5: command tx timeout
[  494.114238][T11364] netlink: 165 bytes leftover after parsing attributes in process `syz-executor.2'.
[  494.399386][T11373] loop2: detected capacity change from 0 to 512
[  494.446385][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  494.446407][   T29] audit: type=1326 audit(1719114085.466:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.532689][   T29] audit: type=1326 audit(1719114085.466:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.575801][   T29] audit: type=1326 audit(1719114085.466:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.616482][   T29] audit: type=1326 audit(1719114085.466:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.674219][   T29] audit: type=1326 audit(1719114085.496:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.770502][   T29] audit: type=1326 audit(1719114085.506:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.847143][   T29] audit: type=1326 audit(1719114085.506:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.916377][   T29] audit: type=1326 audit(1719114085.506:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  494.949365][T11359] loop3: detected capacity change from 0 to 40427
[  494.972093][ T1042] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  494.972609][   T29] audit: type=1326 audit(1719114085.506:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  495.013189][T11359] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  495.028485][ T1042] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  495.040952][T11359] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  495.051007][   T29] audit: type=1326 audit(1719114085.506:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11366 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d7f27d0a9 code=0x7ffc0000
[  495.083256][ T1042] bond0 (unregistering): Released all slaves
[  495.098793][T11359] F2FS-fs (loop3): invalid crc value
[  495.177943][T11359] F2FS-fs (loop3): Found nat_bits in checkpoint
[  495.222497][ T1042] tipc: Disabling bearer <udp:syz0>
[  495.251265][ T1042] tipc: Left network mode
[  495.352607][T11371] loop0: detected capacity change from 0 to 32768
[  495.422016][T11371] find_entry called with index = 0
[  495.432398][T11371] read_mapping_page failed!
[  495.457212][T11371] ERROR: (device loop0): txCommit: 
[  495.457212][T11371] 
[  495.465756][T11359] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  495.491812][T11359] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  495.511581][T11328] chnl_net:caif_netlink_parms(): no params data found
[  495.513106][T11371] jfs_unlink: dtDelete returned -116
[  495.528644][T11371] jfs_unlink: dtDelete returned -116
[  496.168630][ T5114] Bluetooth: hci5: command tx timeout
[  496.571492][ T1042] hsr_slave_0: left promiscuous mode
[  496.645920][ T1042] hsr_slave_1: left promiscuous mode
[  496.649396][T11401] loop2: detected capacity change from 0 to 128
[  496.688205][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  496.706088][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_0
[  496.720120][ T1042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  496.728476][ T1042] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.773558][T11405] loop1: detected capacity change from 0 to 512
[  496.785882][ T1042] veth1_macvtap: left promiscuous mode
[  496.792022][ T1042] veth0_macvtap: left promiscuous mode
[  496.800936][ T1042] veth1_vlan: left promiscuous mode
[  496.806331][ T1042] veth0_vlan: left promiscuous mode
[  497.297761][ T5243] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  497.327253][ T5243] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  498.018406][T11419] mmap: syz-executor.1 (11419) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  498.253487][ T5114] Bluetooth: hci5: command tx timeout
[  498.287407][T11423] loop3: detected capacity change from 0 to 4096
[  498.326823][T11423] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  498.418276][T11423] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  498.439374][ T1042] team0 (unregistering): Port device team_slave_1 removed
[  498.609132][ T1042] team0 (unregistering): Port device team_slave_0 removed
[  499.047461][T11434] loop3: detected capacity change from 0 to 512
[  499.113758][T11434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  499.128425][T11434] ext4 filesystem being mounted at /root/syzkaller-testdir1275974108/syzkaller.cFJCP3/165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  499.918557][T11445] loop1: detected capacity change from 0 to 512
[  499.953683][T11433] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  500.082733][ T9150] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.113217][T11328] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.124916][T11449] loop0: detected capacity change from 0 to 512
[  500.146311][T11328] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.165848][T11328] bridge_slave_0: entered allmulticast mode
[  500.176794][T11449] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #17: comm syz-executor.0: iget: bogus i_mode (0)
[  500.188289][T11328] bridge_slave_0: entered promiscuous mode
[  500.192711][T11449] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 17 (err -117)
[  500.216444][T11449] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  500.234494][T11328] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.251357][T11328] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.278601][T11328] bridge_slave_1: entered allmulticast mode
[  500.309035][T11328] bridge_slave_1: entered promiscuous mode
[  500.327410][ T5114] Bluetooth: hci5: command tx timeout
[  500.470965][T11459] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  500.528053][T11328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  500.574584][T11328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  500.619997][ T6594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.844855][T11328] team0: Port device team_slave_0 added
[  500.881750][T11328] team0: Port device team_slave_1 added
[  501.030523][T11328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  501.048988][T11328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  501.074950][    C1] vkms_vblank_simulate: vblank timer overrun
[  501.434485][T11328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  501.763360][T11328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  501.780102][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  501.786603][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  501.898051][T11328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.057138][T11328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  502.069065][T11447] loop2: detected capacity change from 0 to 40427
[  502.272669][T11328] hsr_slave_0: entered promiscuous mode
[  502.300605][T11328] hsr_slave_1: entered promiscuous mode
[  502.309224][T11328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  502.328651][T11328] Cannot create hsr debugfs directory
[  502.664279][T11447] loop2: detected capacity change from 0 to 1024
[  503.595345][T11479] loop0: detected capacity change from 0 to 32768
[  503.608164][T11479] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (11479)
[  503.650591][T11479] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  503.673504][T11479] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  503.685457][T11479] BTRFS info (device loop0): using free-space-tree
[  504.049188][ T6594] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  504.511455][T11524] 9pnet_fd: Insufficient options for proto=fd
[  505.583172][T11328] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  505.635713][T11328] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  505.682917][T11328] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  505.749728][T11536] loop0: detected capacity change from 0 to 2048
[  505.790721][T11328] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  505.861774][T11536] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.881570][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  505.881593][   T29] audit: type=1800 audit(1719114096.896:1605): pid=11536 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1367 res=0 errno=0
[  506.171744][T11544] loop2: detected capacity change from 0 to 64
[  506.180259][T11530] 9pnet: p9_errstr2errno: server reported unknown error I;
[  506.345064][T11328] 8021q: adding VLAN 0 to HW filter on device bond0
[  506.409376][T11328] 8021q: adding VLAN 0 to HW filter on device team0
[  506.530653][T11328] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  506.563278][T11328] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  506.611568][  T928] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.618840][  T928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  506.677772][  T928] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.685040][  T928] bridge0: port 2(bridge_slave_1) entered forwarding state
[  507.697404][T11546] netlink: 'syz-executor.2': attribute type 15 has an invalid length.
[  508.012894][T11328] 8021q: adding VLAN 0 to HW filter on device batadv0
[  509.198343][T11564] loop0: detected capacity change from 0 to 4096
[  509.219115][T11564] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  509.265523][T11564] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  509.526314][   T29] audit: type=1804 audit(1719114100.546:1606): pid=11581 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir4243370905/syzkaller.xM31aF/45/bus" dev="sda1" ino=1969 res=1 errno=0
[  511.751484][ T3727] ntfs3: loop0: ino=5, "/" ntfs3_write_inode failed, -22.
[  511.979892][T11328] veth0_vlan: entered promiscuous mode
[  512.005550][T11605] loop2: detected capacity change from 0 to 64
[  512.061129][T11328] veth1_vlan: entered promiscuous mode
[  512.206551][T11328] veth0_macvtap: entered promiscuous mode
[  512.218860][T11328] veth1_macvtap: entered promiscuous mode
[  512.299345][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.314371][   T29] audit: type=1804 audit(1719114103.336:1607): pid=11614 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1865966857/syzkaller.GDenlb/385/bus" dev="sda1" ino=1958 res=1 errno=0
[  512.329468][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.347753][T11615] loop2: detected capacity change from 0 to 1024
[  512.384578][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.408932][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.431457][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.453547][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.476147][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.497953][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.522154][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.544066][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.565273][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.590449][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.616503][T11328] batman_adv: batadv0: Interface activated: batadv_slave_0
[  512.657826][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.687865][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.709189][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.732751][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.754541][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.790263][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.823965][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.860997][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.883391][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.906171][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.933407][T11328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.974520][T11328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  513.023874][T11328] batman_adv: batadv0: Interface activated: batadv_slave_1
[  513.090872][T11328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  513.122712][T11328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  513.143080][T11627] openvswitch: netlink: Missing key (keys=200040, expected=2000)
[  513.153654][T11328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  513.186218][T11328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  513.547297][T11133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.555634][T11133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.679131][ T3727] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.701292][ T3727] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.942571][T11658] tmpfs: Bad value for 'mpol'
[  514.134063][ T5158] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  514.260295][T11666] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  514.281489][T11668] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  514.327256][ T5158] usb 5-1: Using ep0 maxpacket: 16
[  514.340131][ T5158] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  514.362735][ T5158] usb 5-1: config 0 has no interface number 0
[  514.377105][ T5158] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  514.397428][ T5158] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  514.400219][T11672] iou-wrk-11671 (11672): drop_caches: 0
[  514.427309][ T5158] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  514.436421][ T5158] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  514.467149][ T5158] usb 5-1: Product: syz
[  514.471430][ T5158] usb 5-1: SerialNumber: syz
[  514.492782][ T5158] usb 5-1: config 0 descriptor??
[  514.511349][ T5158] cm109 5-1:0.8: invalid payload size 0, expected 4
[  514.540466][ T5158] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input22
[  514.667558][T11656] loop1: detected capacity change from 0 to 32768
[  514.681577][T11656] btrfs: Deprecated parameter 'usebackuproot'
[  514.699611][T11656] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  515.020838][    C1] cm109_urb_ctl_callback: 133 callbacks suppressed
[  515.020869][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  515.022089][ T9557] usb 5-1: USB disconnect, device number 6
[  515.027464][    C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  515.213188][ T9557] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  515.563514][T11686] loop2: detected capacity change from 0 to 4096
[  517.230480][T11704] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  517.247184][   T29] audit: type=1800 audit(1719114108.266:1608): pid=11706 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1964 res=0 errno=0
[  517.318067][   T29] audit: type=1804 audit(1719114108.266:1609): pid=11706 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1275974108/syzkaller.cFJCP3/197/file0" dev="sda1" ino=1964 res=1 errno=0
[  517.394871][   T29] audit: type=1800 audit(1719114108.316:1610): pid=11710 uid=0 auid=0 ses=1 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file2" dev="sda1" ino=1970 res=0 errno=0
[  517.731305][T11725] loop2: detected capacity change from 0 to 1764
[  519.145680][T11746] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  519.199584][T11747] netlink: 596 bytes leftover after parsing attributes in process `syz-executor.1'.
[  519.377974][T11752] loop2: detected capacity change from 0 to 512
[  519.415805][T11745] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  519.466211][T11745] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  519.519619][T11745] ipvlan2: entered allmulticast mode
[  519.533195][T11745] veth0_vlan: entered allmulticast mode
[  520.367365][ T1168] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  520.679814][ T1168] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 64, changing to 10
[  520.732105][ T1168] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  520.810841][ T1168] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  520.835990][ T1168] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.861315][T11768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  521.193757][   T29] audit: type=1800 audit(1719114112.216:1611): pid=11785 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="overlay" ino=10 res=0 errno=0
[  521.238761][  T928] usb 1-1: USB disconnect, device number 7
[  522.474256][T11802] loop1: detected capacity change from 0 to 512
[  522.492487][T11802] EXT4-fs: Ignoring removed i_version option
[  522.649710][T11783] loop2: detected capacity change from 0 to 32768
[  522.742446][T11814] loop1: detected capacity change from 0 to 164
[  522.818066][T11814] isofs: isofs_export_get_parent(): child directory not normalized!
[  523.061214][T11820] loop3: detected capacity change from 0 to 1024
[  523.186200][   T29] audit: type=1800 audit(1719114114.186:1612): pid=11825 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="overlay" ino=10 res=0 errno=0
[  523.249573][ T2461] hfsplus: b-tree write err: -5, ino 4
[  523.388657][T11837] loop1: detected capacity change from 0 to 512
[  523.418375][T11837] EXT4-fs: Ignoring removed i_version option
[  523.829548][T11855] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  523.999642][T11862] loop3: detected capacity change from 0 to 64
[  524.527652][  T928] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  524.709800][  T928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 30768, setting to 64
[  524.738836][  T928] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  524.763770][  T928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.795611][  T928] usb 2-1: config 0 descriptor??
[  524.827569][  T928] hub 2-1:0.0: USB hub found
[  524.858427][T11880] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  525.029414][  T928] hub 2-1:0.0: 1 port detected
[  525.081186][T11884] loop0: detected capacity change from 0 to 256
[  525.271657][T11884] FAT-fs (loop0): codepage cp946 not found
[  525.768125][ T5159] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  525.980996][ T5159] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  526.018062][ T5159] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.073105][ T5159] usb 1-1: config 0 descriptor??
[  526.527465][ T9557] usb 2-1.1: new full-speed USB device number 12 using dummy_hcd
[  526.539274][ T9557] dummy_hcd dummy_hcd.1: usb_device address has changed!
[  526.667316][ T9557] usb 2-1-port1: cannot reset (err = -71)
[  526.685059][ T5161] usb 2-1: USB disconnect, device number 11
[  526.714640][ T9557] usb 2-1-port1: cannot reset (err = -71)
[  526.738824][ T9557] usb 2-1-port1: Cannot enable. Maybe the USB cable is bad?
[  526.757296][ T5159] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  526.772764][ T9557] usb 2-1-port1: attempt power cycle
[  526.778469][ T5159] asix 1-1:0.0: probe with driver asix failed with error -71
[  526.795231][ T5159] usb 1-1: USB disconnect, device number 8
[  527.030963][   T29] audit: type=1326 audit(1719114118.056:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11917 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x0
[  527.142654][   T29] audit: type=1326 audit(1719114118.166:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11917 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x0
[  527.164293][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.260557][   T29] audit: type=1326 audit(1719114118.276:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11917 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3970e7d0a9 code=0x0
[  527.263818][T11923] loop1: detected capacity change from 0 to 512
[  527.435924][T11923] loop1: detected capacity change from 0 to 256
[  527.501351][T11926] loop0: detected capacity change from 0 to 1024
[  527.530958][   T29] audit: type=1800 audit(1719114118.536:1616): pid=11923 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1970 res=0 errno=0
[  527.691880][ T2461] hfsplus: b-tree write err: -5, ino 4
[  528.166606][T11941] loop0: detected capacity change from 0 to 64
[  528.868260][T11929] loop2: detected capacity change from 0 to 40427
[  528.910649][T11929] F2FS-fs (loop2): heap/no_heap options were deprecated
[  528.944952][T11929] F2FS-fs (loop2): invalid crc value
[  528.955657][T11929] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  528.978877][T11929] F2FS-fs (loop2): Found nat_bits in checkpoint
[  529.177794][T11929] F2FS-fs (loop2): write access unavailable, skipping recovery
[  529.210937][T11929] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  530.102985][T11962] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  530.220347][T11963] loop3: detected capacity change from 0 to 4096
[  530.243919][T11965] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  531.692188][T11984] loop3: detected capacity change from 0 to 512
[  531.751692][T11981] dccp_close: ABORT with 8691 bytes unread
[  533.524566][T11984] EXT4-fs (loop3): 1 truncate cleaned up
[  533.565686][T11984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.795302][ T9150] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.819310][T11997] loop2: detected capacity change from 0 to 1764
[  534.973843][T12016] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  535.338365][T12020] loop2: detected capacity change from 0 to 512
[  535.445570][T12020] loop2: detected capacity change from 0 to 256
[  535.567189][   T29] audit: type=1800 audit(1719114126.586:1617): pid=12020 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1969 res=0 errno=0
[  535.983250][T12027] loop0: detected capacity change from 0 to 1764
[  535.990353][T12003] loop3: detected capacity change from 0 to 32768
[  536.066685][T12003] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (12003)
[  536.207213][T12003] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  536.263711][T12003] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  536.314582][T12003] BTRFS info (device loop3): using free-space-tree
[  537.162309][T12058] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  537.320196][T12003] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  537.410201][ T9150] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  538.336276][T12068] netem: change failed
[  538.648182][T12076] loop0: detected capacity change from 0 to 1764
[  538.675499][T12080] xt_CT: You must specify a L4 protocol and not use inversions on it
[  538.874702][T12084] ALSA: seq fatal error: cannot create timer (-22)
[  539.069787][T12090] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  539.225171][T12090] batman_adv: batadv0: Adding interface: team0
[  539.260182][T12090] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  539.367214][T12090] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  539.388096][T12097] netlink: 136 bytes leftover after parsing attributes in process `syz-executor.1'.
[  539.795006][T12105] vivid-002: disconnect
[  539.844642][T12103] vivid-002: reconnect
[  540.123509][T12080] loop2: detected capacity change from 0 to 32768
[  540.148662][T12080] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[  540.207410][T12113] ALSA: seq fatal error: cannot create timer (-22)
[  540.249266][T12111] loop3: detected capacity change from 0 to 1764
[  540.688928][T12080] loop2: detected capacity change from 0 to 256
[  540.697511][T12080] exfat: Deprecated parameter 'namecase'
[  541.033493][T12129] loop3: detected capacity change from 0 to 128
[  541.727632][T12131] binder: 12130:12131 ioctl c0306201 200011c0 returned -14
[  541.957721][T12080] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  542.078282][T12080] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  543.079367][   T29] audit: type=1804 audit(1719114134.106:1618): pid=12145 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir4243370905/syzkaller.xM31aF/104/bus" dev="sda1" ino=1948 res=1 errno=0
[  543.188484][   T29] audit: type=1804 audit(1719114134.106:1619): pid=12145 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir4243370905/syzkaller.xM31aF/104/bus" dev="sda1" ino=1948 res=1 errno=0
[  543.294712][   T29] audit: type=1804 audit(1719114134.136:1620): pid=12145 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir4243370905/syzkaller.xM31aF/104/bus" dev="sda1" ino=1948 res=1 errno=0
[  544.170339][T12165] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.1' sets config #0
[  544.543979][T12171] loop1: detected capacity change from 0 to 2048
[  544.795372][T12158] loop2: detected capacity change from 0 to 32768
[  544.828980][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  544.843942][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  544.854664][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  544.866209][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  544.877082][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  544.884888][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  546.404554][T12158] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=ro,metadata_checksum=none,data_checksum=none,compression=lz4,nochanges,nojournal_transaction_names,read_only
[  546.447911][T12158] bcachefs (loop2): recovering from clean shutdown, journal seq 13
[  546.501546][T12187] binder: 12186:12187 ioctl c0306201 200011c0 returned -14
[  546.530136][T12158] bcachefs (loop2): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR
[  546.615755][T11133] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.626874][T12158] bcachefs (loop2): bch2_fs_recovery(): error EINTR
[  546.626903][T12158] bcachefs (loop2): bch2_fs_start(): error starting filesystem EINTR
[  546.626934][T12158] bcachefs (loop2): shutting down
[  546.751835][T12158] bcachefs (loop2): shutdown complete
[  546.967244][ T5114] Bluetooth: hci1: command tx timeout
[  547.026833][T11133] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.220925][T11133] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.350582][T12203] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.0' sets config #0
[  547.600588][T11133] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.853199][T12173] chnl_net:caif_netlink_parms(): no params data found
[  547.935215][T12212] xt_TCPMSS: Only works on TCP SYN packets
[  548.382370][   T29] audit: type=1326 audit(1719114139.406:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12216 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2068c7d0a9 code=0x0
[  548.491573][T12223] loop0: detected capacity change from 0 to 512
[  548.622314][T11133] bridge_slave_1: left allmulticast mode
[  548.647400][T11133] bridge_slave_1: left promiscuous mode
[  548.657332][T11133] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.688658][T12223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  548.707523][T12223] ext4 filesystem being mounted at /root/syzkaller-testdir1865966857/syzkaller.GDenlb/449/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  548.763205][T11133] bridge_slave_0: left allmulticast mode
[  548.797736][T11133] bridge_slave_0: left promiscuous mode
[  548.811623][T11133] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.813717][T12231] loop2: detected capacity change from 0 to 256
[  548.914837][T12230] loop1: detected capacity change from 0 to 1024
[  549.047435][ T5114] Bluetooth: hci1: command tx timeout
[  549.209259][ T6594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.127173][ T5114] Bluetooth: hci1: command tx timeout
[  552.406830][T11133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  552.431698][T11133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  552.462559][T11133] bond0 (unregistering): Released all slaves
[  552.481717][T12173] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.493531][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805f696800: rx timeout, send abort
[  552.505170][T12173] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.507824][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805f696c00: rx timeout, send abort
[  552.520912][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805f696800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  552.527346][T12173] bridge_slave_0: entered allmulticast mode
[  552.539362][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805f696c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  552.555002][T12173] bridge_slave_0: entered promiscuous mode
[  552.604266][T12235] netlink: 136 bytes leftover after parsing attributes in process `syz-executor.1'.
[  552.657341][T12241] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  552.808576][T12173] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.852737][T12173] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.867424][T12173] bridge_slave_1: entered allmulticast mode
[  552.875047][T12173] bridge_slave_1: entered promiscuous mode
[  553.209148][ T5114] Bluetooth: hci1: command tx timeout
[  553.423625][T12255] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  553.580763][T12255] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  553.595771][T12255] team0: Failed to send options change via netlink (err -105)
[  553.604282][T12255] team0: Port device netdevsim0 added
[  553.619304][T12256] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  554.263548][T12256] bridge0: port 2(bridge_slave_1) entered disabled state
[  554.271444][T12256] bridge0: port 1(bridge_slave_0) entered disabled state
[  554.611081][T12265] loop1: detected capacity change from 0 to 1024
[  555.218319][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  555.308199][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  555.788524][   T29] audit: type=1326 audit(1719114146.806:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  555.867368][   T29] audit: type=1326 audit(1719114146.806:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  555.932668][   T29] audit: type=1326 audit(1719114146.846:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.001024][   T29] audit: type=1326 audit(1719114146.846:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.025176][T12256] netdevsim netdevsim0 @: unset [1, 0] type 2 family 0 port 6081 - 0
[  556.057341][T12256] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  556.104410][T12256] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  556.141034][T12256] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  556.167294][   T29] audit: type=1326 audit(1719114146.846:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.247376][   T29] audit: type=1326 audit(1719114146.846:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.275362][   T29] audit: type=1326 audit(1719114146.846:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.310006][   T29] audit: type=1326 audit(1719114146.846:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.332877][   T29] audit: type=1326 audit(1719114146.846:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.356344][   T29] audit: type=1326 audit(1719114146.846:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12302 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b7167d0a9 code=0x7ffc0000
[  556.558693][T12173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  556.654121][T12173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  558.550804][T11133] hsr_slave_0: left promiscuous mode
[  558.560281][T11133] hsr_slave_1: left promiscuous mode
[  558.624338][T11133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  558.651757][T11133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  558.898427][T11133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  558.919717][T11133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  558.970072][T12345] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  558.978270][T12345] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.1'.
[  558.988276][T12345] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  559.860712][T11133] veth1_macvtap: left promiscuous mode
[  559.866271][T11133] veth0_macvtap: left promiscuous mode
[  559.915169][T12334] loop0: detected capacity change from 0 to 1024
[  559.921887][T11133] veth1_vlan: left promiscuous mode
[  559.954787][T11133] veth0_vlan: left promiscuous mode
[  559.982548][   T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  560.002304][   T53] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  560.012173][   T53] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  560.038940][   T53] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  560.042709][T12334] EXT4-fs: Ignoring removed orlov option
[  560.056043][   T53] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  560.063602][   T53] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  560.149125][T12334] EXT4-fs (loop0): Test dummy encryption mode enabled
[  560.200620][T12334] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  560.319422][T12334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.509409][T12334] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  560.720160][ T6594] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.288709][   T30] INFO: task syz-executor.4:9865 blocked for more than 143 seconds.
[  561.312209][   T30]       Not tainted 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0
[  561.327259][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  561.346349][   T30] task:syz-executor.4  state:D stack:26136 pid:9865  tgid:9835  ppid:9197   flags:0x00004006
[  561.367228][   T30] Call Trace:
[  561.371282][   T30]  <TASK>
[  561.374294][   T30]  __schedule+0x1796/0x49d0
[  561.389408][   T30]  ? __pfx___schedule+0x10/0x10
2024/06/23 03:42:32 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  561.500151][   T30]  ? __pfx_lock_release+0x10/0x10
[  561.505279][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  561.511448][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  561.530623][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  561.544352][   T30]  ? jfs_flush_journal+0x6df/0xec0
[  561.553737][   T30]  ? schedule+0x90/0x320
[  561.565520][   T30]  schedule+0x14b/0x320
[  561.759211][   T30]  ? jfs_flush_journal+0x6df/0xec0
[  561.987205][   T30]  jfs_flush_journal+0x72c/0xec0
[  562.011298][   T30]  ? __pfx_jfs_flush_journal+0x10/0x10
[  562.278735][   T53] Bluetooth: hci7: command tx timeout
[  562.298803][   T30]  ? __pfx_default_wake_function+0x10/0x10
[  562.304705][   T30]  ? __pfx_dquot_writeback_dquots+0x10/0x10
[  562.310733][   T30]  ? __pfx_dentry_lru_isolate_shrink+0x10/0x10
[  562.317007][   T30]  jfs_sync_fs+0x80/0xa0
[  562.321453][   T30]  sync_filesystem+0x1c8/0x230
[  562.326271][   T30]  jfs_remount+0x136/0x6b0
[  562.331236][   T30]  ? __pfx_jfs_remount+0x10/0x10
[  562.338228][   T30]  ? hook_sb_remount+0x122/0x390
[  562.347103][   T30]  ? legacy_reconfigure+0xca/0x120
[  562.352277][   T30]  reconfigure_super+0x445/0x880
[  562.357350][   T30]  __se_sys_fsconfig+0xab5/0xec0
[  562.362352][   T30]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  562.367929][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  562.374227][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  562.380694][   T30]  ? do_syscall_64+0x100/0x230
[  562.385599][   T30]  ? __x64_sys_fsconfig+0x20/0xc0
[  562.391142][   T30]  do_syscall_64+0xf3/0x230
[  562.395693][   T30]  ? clear_bhb_loop+0x35/0x90
[  562.408182][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.414165][   T30] RIP: 0033:0x7f125607d0a9
[  562.418655][   T30] RSP: 002b:00007f1256e9f0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  562.427193][   T30] RAX: ffffffffffffffda RBX: 00007f12561b4120 RCX: 00007f125607d0a9
[  562.435208][   T30] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000005
[  562.445271][   T30] RBP: 00007f12560ec074 R08: 0000000000000000 R09: 0000000000000000
[  562.453376][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  562.462189][   T30] R13: 000000000000006e R14: 00007f12561b4120 R15: 00007ffd5571d068
[  562.472334][   T30]  </TASK>
[  562.475459][   T30] 
[  562.475459][   T30] Showing all locks held in the system:
[  562.483864][   T30] 1 lock held by khungtaskd/30:
[  562.488813][   T30]  #0: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  562.498814][   T30] 2 locks held by getty/4834:
[  562.503531][   T30]  #0: ffff88802f4c10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  562.513513][   T30]  #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  562.525091][   T30] 2 locks held by syz-fuzzer/5080:
[  562.530423][   T30] 3 locks held by kworker/u8:11/5244:
[  562.537253][   T30] 1 lock held by syz-executor.0/6594:
[  562.544600][   T30]  #0: ffffffff8e339378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  562.555841][   T30] 3 locks held by kworker/0:7/9557:
[  562.561215][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  562.587044][   T30]  #1: ffffc90003e0fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  562.607004][   T30]  #2: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  562.636574][   T30] 2 locks held by syz-executor.4/9865:
[  562.676998][   T30]  #0: ffff88802a3b6870 (&fc->uapi_mutex){+.+.}-{3:3}, at: __se_sys_fsconfig+0x8e6/0xec0
[  562.696990][   T30]  #1: ffff88806096e0e0 (&type->s_umount_key#58){++++}-{3:3}, at: __se_sys_fsconfig+0xaab/0xec0
[  562.716996][   T30] 1 lock held by syz-executor.1/10527:
[  562.727117][   T30]  #0: ffff88806096e0e0 (&type->s_umount_key#58){++++}-{3:3}, at: super_lock+0x27c/0x400
[  562.757027][   T30] 5 locks held by kworker/u8:0/11133:
[  562.762584][   T30]  #0: ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  562.804292][   T30]  #1: ffffc90004d7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  562.847687][   T30]  #2: ffffffff8f5c81d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  562.868764][   T30]  #3: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  562.887035][   T30]  #4: ffffffff8e339378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  562.916992][   T30] 1 lock held by syz-executor.4/11904:
[  562.922627][   T30] 1 lock held by syz-executor.3/12173:
[  562.932752][   T30]  #0: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  562.966995][   T30] 1 lock held by syz-executor.2/12339:
[  562.972646][   T30]  #0: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  562.996989][   T30] 1 lock held by syz-executor.2/12343:
[  563.003091][   T30]  #0: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  563.013258][   T30] 1 lock held by syz-executor.4/12346:
[  563.023393][   T30]  #0: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  563.039952][   T30] 1 lock held by syz-executor.1/12357:
[  563.052356][   T30]  #0: ffffffff8f5d4a08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  563.073117][   T30] 
[  563.075558][   T30] =============================================
[  563.075558][   T30] 
[  563.126811][   T30] NMI backtrace for cpu 1
[  563.131208][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0
[  563.141143][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  563.151243][   T30] Call Trace:
[  563.154653][   T30]  <TASK>
[  563.157615][   T30]  dump_stack_lvl+0x241/0x360
[  563.162341][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  563.167583][   T30]  ? __pfx__printk+0x10/0x10
[  563.172212][   T30]  ? vprintk_emit+0x631/0x770
[  563.176938][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  563.182019][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  563.187097][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  563.192598][   T30]  ? _printk+0xd5/0x120
[  563.196804][   T30]  ? __pfx__printk+0x10/0x10
[  563.201440][   T30]  ? __wake_up_klogd+0xcc/0x110
[  563.206330][   T30]  ? __pfx__printk+0x10/0x10
[  563.210958][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  563.216006][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  563.221998][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  563.227997][   T30]  watchdog+0xfde/0x1020
[  563.232260][   T30]  ? watchdog+0x1ea/0x1020
[  563.236695][   T30]  ? __pfx_watchdog+0x10/0x10
[  563.241386][   T30]  kthread+0x2f0/0x390
[  563.245470][   T30]  ? __pfx_watchdog+0x10/0x10
[  563.250157][   T30]  ? __pfx_kthread+0x10/0x10
[  563.254763][   T30]  ret_from_fork+0x4b/0x80
[  563.259199][   T30]  ? __pfx_kthread+0x10/0x10
[  563.263815][   T30]  ret_from_fork_asm+0x1a/0x30
[  563.268621][   T30]  </TASK>
[  563.273885][   T30] Sending NMI from CPU 1 to CPUs 0:
[  563.280626][    C0] NMI backtrace for cpu 0
[  563.280640][    C0] CPU: 0 PID: 928 Comm: kworker/0:2 Not tainted 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0
[  563.280660][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  563.280672][    C0] Workqueue: events_power_efficient wg_ratelimiter_gc_entries
[  563.280700][    C0] RIP: 0010:lock_release+0xb8/0x9f0
[  563.280722][    C0] Code: 08 0f 83 d6 05 00 00 89 c3 48 89 d8 48 c1 e8 06 48 8d 3c c5 e8 20 ac 8f be 08 00 00 00 e8 80 ff 85 00 48 0f a3 1d 90 95 39 0e <73> 16 e8 01 c9 09 00 84 c0 75 0d 80 3d 2a 0d 24 0e 00 0f 84 d4 05
[  563.280737][    C0] RSP: 0018:ffffc90003f5fa20 EFLAGS: 00000257
[  563.280752][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff81728b50
[  563.280765][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8fac20e8
[  563.280777][    C0] RBP: ffffc90003f5fb48 R08: ffffffff8fac20ef R09: 1ffffffff1f5841d
[  563.280790][    C0] R10: dffffc0000000000 R11: fffffbfff1f5841e R12: 1ffff920007ebf50
[  563.280804][    C0] R13: ffffffff86522a6b R14: 0000008322b6dc1a R15: dffffc0000000000
[  563.280818][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  563.280833][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  563.280846][    C0] CR2: 0000001b2f950000 CR3: 000000000e132000 CR4: 00000000003506f0
[  563.280862][    C0] Call Trace:
[  563.280869][    C0]  <NMI>
[  563.280878][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  563.280898][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  563.280919][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  563.280938][    C0]  ? nmi_handle+0x2a/0x5a0
[  563.280973][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  563.280994][    C0]  ? nmi_handle+0x14f/0x5a0
[  563.281021][    C0]  ? nmi_handle+0x2a/0x5a0
[  563.281048][    C0]  ? lock_release+0xb8/0x9f0
[  563.281066][    C0]  ? default_do_nmi+0x63/0x160
[  563.281086][    C0]  ? exc_nmi+0x123/0x1f0
[  563.281105][    C0]  ? end_repeat_nmi+0xf/0x53
[  563.281131][    C0]  ? wg_ratelimiter_gc_entries+0x3ab/0x470
[  563.281156][    C0]  ? lock_release+0xb0/0x9f0
[  563.281174][    C0]  ? lock_release+0xb8/0x9f0
[  563.281193][    C0]  ? lock_release+0xb8/0x9f0
[  563.281212][    C0]  ? lock_release+0xb8/0x9f0
[  563.281231][    C0]  </NMI>
[  563.281237][    C0]  <TASK>
[  563.281244][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  563.281265][    C0]  ? do_raw_spin_lock+0x14f/0x370
[  563.281291][    C0]  ? __pfx_lock_release+0x10/0x10
[  563.281311][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  563.281337][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  563.281367][    C0]  _raw_spin_unlock+0x16/0x50
[  563.281393][    C0]  wg_ratelimiter_gc_entries+0x3ab/0x470
[  563.281419][    C0]  ? process_scheduled_works+0x945/0x1830
[  563.281437][    C0]  process_scheduled_works+0xa2c/0x1830
[  563.281472][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  563.281503][    C0]  ? assign_work+0x364/0x3d0
[  563.281523][    C0]  worker_thread+0x86d/0xd70
[  563.281547][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  563.281578][    C0]  ? __kthread_parkme+0x169/0x1d0
[  563.281599][    C0]  ? __pfx_worker_thread+0x10/0x10
[  563.281618][    C0]  kthread+0x2f0/0x390
[  563.281639][    C0]  ? __pfx_worker_thread+0x10/0x10
[  563.281658][    C0]  ? __pfx_kthread+0x10/0x10
[  563.281680][    C0]  ret_from_fork+0x4b/0x80
[  563.281703][    C0]  ? __pfx_kthread+0x10/0x10
[  563.281724][    C0]  ret_from_fork_asm+0x1a/0x30
[  563.281759][    C0]  </TASK>
[  563.317081][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  563.317104][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc4-syzkaller-00301-g5f583a3162ff #0
[  563.317132][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  563.317147][   T30] Call Trace:
[  563.317159][   T30]  <TASK>
[  563.317171][   T30]  dump_stack_lvl+0x241/0x360
[  563.317217][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  563.317253][   T30]  ? __pfx__printk+0x10/0x10
[  563.317287][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  563.317322][   T30]  ? vscnprintf+0x5d/0x90
[  563.317350][   T30]  panic+0x349/0x860
[  563.317384][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  563.317412][   T30]  ? __pfx_panic+0x10/0x10
[  563.317440][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  563.317476][   T30]  ? __irq_work_queue_local+0x137/0x410
[  563.317511][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  563.317538][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  563.317564][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  563.317594][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  563.317625][   T30]  watchdog+0x101d/0x1020
[  563.317656][   T30]  ? watchdog+0x1ea/0x1020
[  563.317690][   T30]  ? __pfx_watchdog+0x10/0x10
[  563.317716][   T30]  kthread+0x2f0/0x390
[  563.317745][   T30]  ? __pfx_watchdog+0x10/0x10
[  563.317770][   T30]  ? __pfx_kthread+0x10/0x10
[  563.317801][   T30]  ret_from_fork+0x4b/0x80
[  563.317831][   T30]  ? __pfx_kthread+0x10/0x10
[  563.317860][   T30]  ret_from_fork_asm+0x1a/0x30
[  563.317910][   T30]  </TASK>
[  563.319133][   T30] Kernel Offset: disabled
[  563.765026][   T30] Rebooting in 86400 seconds..