last executing test programs:

2m34.639456674s ago: executing program 3 (id=75):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x180, 0x0)
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000001c0)={0x28, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})

2m33.891731013s ago: executing program 3 (id=79):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000002030104000000000000000007000000080001000100cd141ab58494f6c28a3ef60000"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0xfffffffffffffdc8, &(0x7f0000000040)={&(0x7f0000000000)={0x20, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8000061, 0x2}}]}, 0x20}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x8}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x81}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}]}}}]}, 0x4c}}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f0000000080)={{0x2, 0x4e23, @private=0xa010100}, {0x306, @broadcast}, 0x2e, {0x2, 0x4e21, @empty}, 'ip6gretap0\x00'})
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000200)={0x1, 0x40002, 0x2, {0xe, @pix_mp={0x0, 0x3, 0x20303159, 0x0, 0xb, [{0x0, 0x3}, {}, {}, {0xfffffffd}, {}, {}, {0x0, 0x1}], 0x10, 0x0, 0x0, 0x2, 0x2}}})

2m32.680374997s ago: executing program 3 (id=83):
ioctl$SG_GET_COMMAND_Q(0xffffffffffffffff, 0x2270, &(0x7f0000000000))
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'pimreg1\x00'})
setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f00000000c0)=0x7, 0x4)
r1 = syz_usb_connect$cdc_ecm(0x5, 0x76, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64, 0x1, 0x1, 0x4c, 0x30, 0x8, [{{0x9, 0x4, 0x0, 0xa, 0x3, 0x2, 0x6, 0x0, 0x9, {{0xb, 0x24, 0x6, 0x0, 0x0, "e57602f9f355"}, {0x5, 0x24, 0x0, 0x7fc}, {0xd, 0x24, 0xf, 0x1, 0xc00, 0x5, 0xbee, 0x2}, [@mbim_extended={0x8, 0x24, 0x1c, 0x8632, 0xd, 0x1ff}, @network_terminal={0x7, 0x24, 0xa, 0x3, 0x1, 0x5, 0x84}, @acm={0x4, 0x24, 0x2, 0x4}, @dmm={0x7, 0x24, 0x14, 0xfffa, 0x8}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x8, 0xd2, 0x12, 0xf7}}], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x4, 0x7f, 0xd}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x8, 0x4, 0xe}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x46240f611c2dbc9a, 0x6, 0x2, 0x8, 0x10, 0x4}, 0x8, &(0x7f00000001c0)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x7, [{0x4, &(0x7f0000000200)=@lang_id={0x4}}, {0x7a, &(0x7f0000000240)=@string={0x7a, 0x3, "40dd0b9397e7d25ace6e99b11d68ea0dfd86d1590ad9db9005ad0c128185fc5465e96df1029d6c24ae9b2c002894ec57c4f4ad9b44c8af2a8e375d93e10cfbc7b9be02ec4b409d7fd9ab9e9ed144f549064b98249a8fdf3886d08762e4d8d663fb297514c9a45aebbff2a69c5a5b469f4113591fadd82d0d"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x2809}}, {0x3b, &(0x7f0000000300)=@string={0x3b, 0x3, "14431bbef38d9725e69e131b136e08a374b45c7a4938a38ce48996616c006e922515de880105e00c11a6a4ec6764e69123618a7e281e8419b6"}}, {0x27, &(0x7f0000000340)=@string={0x27, 0x3, "b6dc9a998b7aab5a6ff3e759a97ae4a97ee4cecca4d071510fbdbc26188506d865a069d5a6"}}, {0xe5, &(0x7f0000000380)=@string={0xe5, 0x3, "8abfc48dc790d98a4d7a146f29750ffce7f290e8d84cfabc5ce4f6b0bd77be87c6039a9e35abc7701915cefd959d980b6196110aaf084e105af6d873eaeedc503efad67413ed3228bd25ad5846a4eba2402e751a0f7b5bebff3c81d06867c32675a3005307f66cf5110205893ef939e12c8352e5d12043c8d5a2497cb34bca5d6d845c90e29f1356fc76146f8c553f2d3b0d2953c0417e60681bea3df28efe1b354daa4ac5e100057773b90e3670e9c120047fbfc4ff54ec168d2c8f32b593034913aee4c607d0fec796c6160a6482e319dacb6143b2d22cc5114b69e029dacf065cfd"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x3401}}]})
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000680)={0x14, &(0x7f0000000540)={0x0, 0xf, 0xc1, {0xc1, 0x9, "1a053cefabb420fdde111df14c0bec768ccb426e2e80c6a14b2208affef7f4b91abef6e24348cead5ec994195023ccd7b99daffddab07bf0eaa21cd55b17b37002cb26729a97285a38f151d17616f759d957dfdd2e8b89ac2e5c0a93d5bd7cfcaa2b4ccff96b90605230887a3eee6ef9bbf271a5cc24373d08132e2705fb1b3a36ef0e982126cb94af9a1c03023a0a50c55b74a3878c275b621b906f12689c67bce5e4057129c264dcd739297b542ed5245cc88582ba3e29a96daa3e2bd1dd"}}, &(0x7f0000000640)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000780)={0x1c, &(0x7f00000006c0)={0x20, 0x1, 0xa, "09f59ef36225512ac194"}, &(0x7f0000000700)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000740)={0x0, 0x8, 0x1}})
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000007c0), &(0x7f0000000800)=0x4)
syz_usb_connect(0x4, 0x119, &(0x7f0000000840)={{0x12, 0x1, 0x310, 0x37, 0x96, 0x3b, 0x10, 0x1b3d, 0x1e5, 0xd1cd, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x107, 0x1, 0x2, 0xfc, 0x20, 0x4, [{{0x9, 0x4, 0x1b, 0xb, 0x3, 0xbe, 0x1f, 0x33, 0x38, [@generic={0xb5, 0xb, "c614398e2a9ad9a87253292aa935206ed8444c96b90595973ecf70f7e4eba6e6165e09d7d74f7c98c2aefd7c5226e8146cf3e9d224af47ca77bf9b764508677853e31961c739abcbdeb2a22f1d8bacfe41a3b163d3cd6c355005eca436ba312c2bc1a5cc0c514a65479dcf5e9164dd6655398fa45d4490598d693e2aaa5dcc029252f249a5d6402e12a52c31ec46e1b3cca9c1b23498c7eecac4c0b59e93593aececb1733ed4d1cb413cded89cf51f024fe6aa"}, @hid_hid={0x9, 0x21, 0x6, 0x7, 0x1, {0x22, 0x81}}], [{{0x9, 0x5, 0xb, 0x0, 0x40, 0x5e, 0x5c, 0x8}}, {{0x9, 0x5, 0xd, 0x1, 0x20, 0x8, 0x1, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x9, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x9, 0xdd}]}}, {{0x9, 0x5, 0x80, 0xa, 0x10, 0x0, 0x5, 0xfb, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x2, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xaa, 0x1}]}}]}}]}}]}}, &(0x7f0000000c00)={0xa, &(0x7f0000000980)={0xa, 0x6, 0x110, 0x81, 0x9, 0x76, 0xff, 0x8}, 0x5, &(0x7f00000009c0)={0x5, 0xf, 0x5}, 0x8, [{0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x3801}}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x440a}}, {0x4, &(0x7f0000000a80)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000ac0)=@lang_id={0x4, 0x3, 0x421}}, {0x25, &(0x7f0000000b00)=@string={0x25, 0x3, "da96d80f23bd55dd9918373f7efadfbde97a94700511981859a76b0e0b500b8cfb5e30"}}, {0x4, &(0x7f0000000b40)=@lang_id={0x4, 0x3, 0x422}}, {0x13, &(0x7f0000000b80)=@string={0x13, 0x3, "714971ff9957b0c5fdaaa79b45e6b6ab03"}}, {0x4, &(0x7f0000000bc0)=@lang_id={0x4, 0x3, 0x42c}}]})
splice(r0, &(0x7f0000000c80)=0x8000, r0, &(0x7f0000000cc0)=0x4, 0x97ef, 0x2)
syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000d00)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x24a, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0x60, 0xb, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x1, 0x1, 0x81, {0x9, 0x21, 0x6, 0x8, 0x1, {0x22, 0xe77}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x8, 0x9, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x1c, 0x6, 0x3}}]}}}]}}]}}, &(0x7f0000000f80)={0xa, &(0x7f0000000d40)={0xa, 0x6, 0x201, 0x9, 0xb, 0xf, 0x40, 0xa4}, 0x1a, &(0x7f0000000d80)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x0, 0x5, 0x0, 0x7fff}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x6, 0xff, 0x101}]}, 0x3, [{0x9, &(0x7f0000000dc0)=@string={0x9, 0x3, "c5c20f9d8230ac"}}, {0x93, &(0x7f0000000e00)=@string={0x93, 0x3, "4e0d81afe047e14849aa983e8694153fe054d501a3159bc60878b9d1b1e5685458c2a17770c1bcf7fd8c1a5f5c663c5f187d362d3167ff72efe49fe7ed0766f2a193fc0b7d0c2d249d000d92f4c3f7f9feb603287948483c5f4092020099c3240586db2ad289859a7c52b8f1af76b5cf5c95b900af1d6993b0f4ff8cdb4ded058912e68c41b12bab53364ff9eead2931d9"}}, {0x91, &(0x7f0000000ec0)=@string={0x91, 0x3, "27a514e3ddef64e4b207f88340415540601426b3292215097a05e8b52e13f5c6213f984285da8e5002fabfb6d44692a63490d1f957ce4831121578e4db64c4cd76c338abce31140e89384c88b4e4c867b042e5012ef6be133b50e7f3a5a5c376cb43faa6f545f08d1f10f760f33c1d75880d4729cbf17426cd46d2c9b9d890e2423a49096599629675a6d88f6f9889"}}]})
r2 = syz_open_dev$evdev(&(0x7f0000000fc0), 0xa91, 0x20000)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000001140)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001100)={&(0x7f0000001040)={0xbc, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4}, 0x40811)
r3 = openat$cgroup_subtree(r0, &(0x7f0000001180), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f00000011c0)={[{0x2b, 'rlimit'}, {0x2d, 'freezer'}, {0x0, 'rdma'}, {0x2b, 'hugetlb'}, {0x2b, 'pids'}]}, 0x26)
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000001200))
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000001240))
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001280), 0x48a00, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f00000012c0)={0x0, 0x0, {0x0, @struct, <r5=>0x0}, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, &(0x7f00000016c0)={{r4}, {@val={r5}, @max}})
accept4$x25(r0, &(0x7f0000001700), &(0x7f0000001740)=0x12, 0x0)
ioctl$KVM_GET_NR_MMU_PAGES(r0, 0xae45, 0xfffffffffffffe00)
io_uring_enter(r0, 0x1a8f, 0xf910, 0x20, &(0x7f0000001780)={[0x2]}, 0x8)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f00000017c0)={0x6, 0x6})
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000001800)={<r6=>0x0, 0x10, 0x30}, &(0x7f0000001840)=0xc)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000001880)=@sack_info={r6, 0x7, 0x2}, &(0x7f00000018c0)=0xc)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f0000001900)={0x3, 0x4, 0x3, {0xf, 0x7}, 0x60829bf0, 0xb83})
syz_usb_connect$cdc_ecm(0x1, 0xb6, &(0x7f0000001980)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa4, 0x1, 0x1, 0x5, 0x70, 0x3, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x2, 0x6, 0x0, 0x80, {{0xb, 0x24, 0x6, 0x0, 0x0, "cd38f7a68f02"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x6, 0x7, 0x6}, [@ncm={0x6, 0x24, 0x1a, 0x7, 0x14}, @country_functional={0x12, 0x24, 0x7, 0x9, 0x7, [0x9, 0xfffc, 0x9, 0x736, 0x4, 0x7]}, @ncm={0x6, 0x24, 0x1a, 0xfbff, 0x20}, @mdlm_detail={0x39, 0x24, 0x13, 0x5, "8629605048077ce428ad07031c1df98ecae16547d77cf2aa1284ef786d0b0a9bdaad25851b97dae1cff8aff1a720de8328881f23a6"}, @mbim={0xc, 0x24, 0x1b, 0x1, 0xd475, 0x6, 0x1, 0xd1d5, 0x20}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x56, 0x3, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x60, 0xc, 0xa}}}}}]}}]}}, &(0x7f0000001e80)={0xa, &(0x7f0000001a40)={0xa, 0x6, 0x110, 0x9, 0x9, 0x0, 0x40, 0xa}, 0x31, &(0x7f0000001a80)={0x5, 0xf, 0x31, 0x5, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0xf, 0x2, 0x3}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "458cff9869040f26c2f5fb66baf9225f"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x1, 0x1, 0xa, 0x2, 0x4}]}, 0x9, [{0x4, &(0x7f0000001ac0)=@lang_id={0x4, 0x3, 0x412}}, {0xd5, &(0x7f0000001b00)=@string={0xd5, 0x3, "b5e8a8cea71580d96b95aad191cc4a93ea3d6ff3be839be7a63b9330c11869af1143e73665e0c4e4e1b5a1e927811c3bb66381941feb73a524cce847f56b9fc1b473ac33697e325f3968c0c92e06c33accc39ebf0958112afb2a741057ddb90e439800dc425d270c4ce28dab9ded2abe6d00c704f9f6fab0c89fa9264a70c206e15402ca79d1de1ff2fdf02cbca541fd58d0fd1ab15fa11a6d1bb9b6e808769fe16314c47376fbfcfde748b79531fdd702b41596a87ccf522be7092a6382736f8513429b210dd04421113d188ea8a0c1f55084"}}, {0x4, &(0x7f0000001c00)=@lang_id={0x4, 0x3, 0x439}}, {0x4, &(0x7f0000001c40)=@lang_id={0x4, 0x3, 0x414}}, {0x4, &(0x7f0000001c80)=@lang_id={0x4, 0x3, 0x4c0a}}, {0x4, &(0x7f0000001cc0)=@lang_id={0x4, 0x3, 0x1c01}}, {0x4, &(0x7f0000001d00)=@lang_id={0x4, 0x3, 0x2409}}, {0xb2, &(0x7f0000001d40)=@string={0xb2, 0x3, "9975fded1ec8ff2068dcc241df484fab23a7f47fc579031ad621d91784c64b30d36d5fd344f4009f06f7d606d7b2d7a05c873203301ede44a09efc3c6d0e5db722257154c78ce05773c69fc04b5f7b5605b709615212a745b4a63e989c593b6d9a4f58c832a22f75de3f2c76d522ae82c61d3597042236ddf851e92568f88c330547ebd00b16cbc19479d6689699e4af8baeccc7d2fd4079998b6eedcc8f500ae31816b1ac97b82f59ac665e1b51f3c6"}}, {0x4e, &(0x7f0000001e00)=@string={0x4e, 0x3, "ddd335bf48b5d6baffd851bf27b9d44ef4536feef8f70cbcd31a13594e3eea6e38bb62a15471911821778f0b5d97b7c13320a38bc359658a62ddb28a3f3a37dc5073e3b14599a19196ab7057"}}]})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000002f80)={r0, &(0x7f0000001f40)="e37e98c189b81e781eaab25418acd6d52fbebe901a6e8add26aa88412b392859f5a448dcb387699b45a817bbf671cad8b918dc0c65b8b1513efd3c602bb0732bfc5f1d72e683ba50d398a8733319a99b516f13686c6a8fe667436fbb4605e40299c46e7909c97c9b6a94a549696d58c9c8c53aa08d0994d15bced95017e7fd8cba3297e7fc4add57fcb6845754b07ab50ec768e03a4efe1b21350d82691d80d67ada9d7b69256f051d24aa05f097010f9105ba8c4302e1b5b3fc5c005e0b0a477fece27e2d5cf9be11b5c915c321eee810b8a87e6883a9745c92f256aefd5a87e37dd962a1e49457803bc27fcdf75bf3edc558ea8293a9ad66040da76c55b124519a19be75c2742eec5aeb668bc242d82546010c310fcb601440b7829839bd14edbd675f510fbe0e43030a8d22f4d7daf9a7056f68df59c6805bda6f4c8d081f62f03ecddd65faa9ef389ad6d5289d91f3fb80854fa9c59a992243cb1b27986f14548ae989468113acb3744229a6d929f799647570e0cf534e413502d19c7088e8a60adb3e8a4602dfb985fc75893bc4199a8a0aae9c0a28b7770c890f5e11cdc7b60d1c8679e69a755ca3a8d2c1e6b378aa4f7cba959b4527cba77123262e0631c7e2b3dd2d284aae3f2f624849db155d4bad76f804c49058f56455c390e8c1e551314209d7707503ac9dd66ec5ae061e9cac320e0743afa973015d56697709d0c0fa1733376a63ac3e56cccf2629ff18a50907b76ccf3002076e44b5c9acb010e0a9a360a3a1e4818bcfc2e030f17e480e61f323ab75487121b694cc5c2bb42a6d8ab7b50181ea5d2bcb323828270c07248dfe8df5bcac1885713130a32380108bbd0a3e6d21e4444b775b78f2fdc72ed3e4a5571424a8be35f4a07c5200cfcd3f7617fdd97b15fc65fc2b739b742aa0c4b26f94f0db84ff1c19b1ace9b43724360c718e68ecdec060eb40a3b8f9633dda1f7a87165f4edee418e9aeb7c47f77e7235945363105d9cd1511de7beff7cb6c676fbc72fe83188890474945d69648f432aac0d65cc146dd4db8053e45f7894d316c9008f292ab112f06f3ee9b29e1bb1715577d0d60d45479f2f55879080f8b4d3e1a14ed1d60093eb5d8d96da9ebfa243764b02be0e5cc1c3166a4b2bd68b95e11260917fd7673e17ebf3ab7d5fc217002d7b702f58433a0838c2850187983570d4b5eafe7ef6ad23887ea4c79a720e203c10223a80703ecfcf4727c48c71197ee190acd3524fbce10953607ea85953336b4162367abc8c21794542cf976d3afdef756a0fc71d6d449b97bbbd71adf9290d58f9acbbc9af2eed94a7aa833a5bc5c1a54038601042b07673c270eb7c8c4a8c008290c015227429087e0bb19db5d9439158a7f470ed0e6ad4f04d79dd648a5f90375de3c9e8405d1840aef30d3fee046cbfe133953675c17170b0cad966ab8e577a367ee4eb902c8d9a114d33138d1abf2c3352c7bc59c18245eabd0f13f2b6b425e9c5d906c87ffb3efcaf499711c3b294184d64a21e0c14e65970e9afb67e9977f1baa144a50446e41d571a8537e0a1b67ac688691f7ec043221d9739a8b45b5c25c264637a25eb1e9651fb0289a70903325b07547a1c6a1228c2870b5f891baee4fc1f4bdae4087b550f8e68956e12a5f9489615d8f74bf085767018a64e07841fe273d090d71e188c2fca8de2085913bb2502dcb2291fccb8b34f0affbc93b3847d17960a3fa640456e29c6d1cbde4b1e741f6f3a3949056aefb90f25a6eb52a86e5443a44822279a59c5045dd95d58774fa554f31ee86bc2f263d448d4932aabf7324930b15117a48e7cc11f1ce45c5814c073867b98c5919fcf78a7d08dcf89d02418ca418081b2a183761fb9e6ac67724edd8b5ccd54937bf274332f397ea87612303271f0746eee440068b70db292b2dd91a3d3edf97229188beabfc177b3b00e2798750660c41ac26b1b59f32d2226665fc0f7ccc5ad55f43e78d4a9b7119f1cda6ad46785e8b458782db02a9b865c3a2737de9f85cb17168e9610de31fe4c82ae5e9b7c4d881dabf0ed5c290603168fa7590f7bd5a2fe3deac9f23a93a42b53d2abf950e45939dccdfc80597715c42a089f5d9014f89eb15d22233e04c5daf030d87f8c08acd81aa6feab10fb19c5db98df4c03dfa94852ee01b6c30a0440eec44297c692fefd4e3995fe14db8abc49f2cfb473d1f3211ac75d1faf751c6d47449c8ef9a4873f45a8bc392935c3fabd3283af31cdfb80060dd5bff13490315a8f3a93ad7c57a0bbe0889fdf1aa23dac8801a3f2a14f4854ff9ec0213431879e7dce317e0f46a53c95a699ec04da8b7c57e92abae11dc32eb511cf8fecf30b2d2ecfbc36b974f6ed16022b68c1f486313ad68fcab0f6d2541ef6b7281c462790df2b7eb2acece59c5e7f37c748f886a5a22d2ede9e5b2f4754a548a84ec8677a09cd441e12279e00c791c3056cfebb7fcdff161b89a6e0352c47083f3e73251004fca7c8f524770746bb34c9274d6be0d9381470018f1ce0b0f4f62f20dd8d967c6fed54800f63c634f66aca7e2f172da0fd62647f563e084de639b19948a24244226604b9302cf7ec833b6abdf93bdc718dd5845484404e7b5fa78bd1a4183e617ab5d6cc27b09463d73308687435964dae230f707ebb7504b52bca7b11e486dd3952bb973fbc19741c731c8958f1fb24e957071f9f161dd476346965d4fea4369969ac6d9291494e7ef87bf75f31d8b88b8d10da35677b20353baa113816c663bcc6f429af4ad2ccc5f479cacf23c944b3197824d60571770e40bf7b08f6ae3e17238fa2b92d9a52aea865da752eb73af19a19cb682bdc799c4b8a270c1b85eaa2569bf43e0f5862ec61a3b59aad5c47d38c3d940c3b059d679976b773d00a4f64a462081f2b0dde1d2dfc32476d34ff7bebc3078e4d5e8037210e7ea972e9c9aa4e46bdb9330bf4de3fa0c76d72bae191c28afd57e17a2a1fb1303088e97ca4f109ee212caee73d166092a5978fb11dad7e8570147aaea61aaa3d1ca96309d8d564b5fe7dcce50af2c9f755375bd75691bd24bec84a737693bbf838f6904697a3e30b8e5ed4beda1d9f6a2d60923127e5db3797fd98af2efe703d0c28b9c1034c2909687ae157f3c014564c5ee4aec817af783362044a618cf728ab526d9187763118ceca02ab1810fa458a06755e8768c204ad75e7e2ac223e9568d5a24d76f738438ec25541dea5050d8ebd4d565c6a6d0792c6922e5f2a148df9ed2b7c77c686391a79a89974c52ee27f3e1972277e4342cd27568fb316b57cb499b167023399fdfaa58f04e0534c9e0d2a1940e8efb5c7ed9dee6f530d0d7e13fc7d77a7996ac7af645f38355ed8e88d9c79c2a4c9610b7d4e1d5fec23459160332dfc20fb020e94e3eabfa510e5185c23c704073b49d41c3c760acb34a4633007799009bc967654dbb03706a1fe79e164c311c47d38379fce9d500e81a9710e45aef3abddbc975f58920c865206d8a141bef76f264b997813ffe60d2f8a8f6830d5b1e82ac346b7ff7b7856e4a98071ad4d828aee7d40a7d4e7e7115c7a502a88aabbf7e1053fa73ecf2661a49e25f49abe5ac904081278f63d75771a4f16359573a103236e96b6eda96ee443a3df4d1da6603f913eab0f1feb2fa7c584a9eb75dc57894afdf60beab1b92e5b8c9fe1e350fc689c4d6566267208a12bdd639a28a003e33f8baa05fce6514bc4a0c308c148c54b23c6fec3ea79fc9fced5905c5da6c927592b691a985beb6d0a2f77d8dd681d780cce098cd2326ae6c62f63b1df1d90ae4571f78d4f386ad90ae56bc0a2b26b31dc4783de4645ea46c7d23f02dad16802de6b69643eb5ca666f144f089df6bca12a632cbbda073827209f1382145b97dcc3ec4a1735090ae8d716efc6c4083c53954f720ef272e20c12dcd27711f3e5366de9fbaf8c83c204b0b697c0bcb9d291c318ad3d4fedee24d1d1aa4eae5bb196f21d608d6a4e31358b609b651a444bc8a2aba208bb281aebeb7c5f21baaf2de660aa0d7501bb0330921b0ea050c463b05b5fab6be3dd6ddb5ce0e5658430c7f3a0efdc37bb6850ada6295c10d77f0c7e50471e70a81b458b5042aaa0244dc08bc15ce1686c73eec1cea144ce75dfde377aabe89071180f022276e4119a347a51020ab8bf1be722ce23542c8ddb1ff670641d6f857bae8b77e67909583e2a5a04ac93f6f82d8e8b491fa05fdb8c9d863173d9d8b7818e91fdbbf08482368a27b7a32908109689ac591c38fb37592852d316a808768d4fc44f8d3a56e7406411e8ea1ba44dcf3979840a9cce373a33b8527ea579ca3cdc8243ae21c4ed6fb065b05e6a77f5cf4c64402baa82fc0d95cae7e29b85848d504b60c01ad8cc4adc2c668be9539184338eff856bfdfc7f3d2a1c53b151d26cf8dc5faaf235974b1cbc54c59b06ea2b0a3f127982d58013df09dbfbb368c27530df6aeccc6ef19488823fdcf6fe0c2a070f992f3f9fb856947d51ca7c6c01539c1bb446689cbaaadd69293560a7d3422a465a8eb268c76286ad16ae7770df2114984eab96fe453deef325fc1e236c7bdcfa5018b971caa103657ddb9b67d1622a2e4a1ea00cbd7245c4df6cecf471036cfbac2d23d961fa53f23475bcb5da43017072787ffaca54e9d6a8451e3547aef818df24f8fb0999aba5ee306de9fa93a9703166399fa918a24686cde819a8700742f167fd2a52e42c5180138b16420d077384df3f3ca74795728ed42ca2ca8d88391277afd1acd4772fc1b5fdf85614763f91dc67e31ff0647397f65f50de563efd8d1642b2e2512dbe8f6d62c846c8193f00f423c173dbd575fbe96c40c310b6766acb88317935d04124db8effb93434e2fb057e614a57847ade0bc7f17dcc56ccbdcf5508fd8f1e9db488d0dc9ba0b005a34b6427ed082a7a4df67abf2c3771b23e77f7b7c5c43a5d537d1a9ecb87b1585a92b369a618619f36dabd03d45550ebecfb637e828d508d3f8b557d6599027f2e230135639664b5043f3e6bc1c165cf93d6a50dd5da4b6a3ac5b493b0f63a600f483e513923e3b04282275617791ee29fe1c6152c36aed3ba60969f9b371204fee1fc7f60ed0bd404b91b9baccbb9508fcdda7685cf9a689926dca3200a51c7b65cde872200e66009dd5a4bc78f8e0a4a2e9aaf1d43b8b6f23d70199daae882abaeeb202292b6de0ce9d56897832c595abb871fdf19a6bd68977ef0ce136c173675a4447c556246dd1e3f2073ecb3247867037ae0878190de9f5daa6e6698a667aff4ec540a4b63535f8fbaf795dfc27f2620f43bcc020675f15f4d246d16ecaf0ad6f94c5e467a3a4a6b16b8c2874a878a327bb04a85b369b336ce576071052245882e295fe679b2a03328cf9fdf6cfde08bd8a7ea337b538bb01d9cd659b46b3ac4ea3bb4dd715648e9211f8df08a88c8ca08f23c99618bedea08b831a769014fee7397620b8e40975507930832ce2222cb5e69b4df3059c17ef5deae3c2bd90fb894cb7f9632bda76c2442182320fcbf47d820ddb6d4a077b744df60ffcf6083ce33b7cf8a3f74da471899a4fdd9ea98d93e144ef446e1880027659f06a13889e82e57649c2591953a398e465c8e8ed6574128f38523fcdb068534ea2c5500d04a136b450b19972de02bf09d6415ccba52e73d71c8cad0c617c67310d4e0c692f7a4d011420defe232226ddad371b8273c503f2caf6b45b93a245afdb5825ff5fb8cd344c563bf31b4a48aae2d2ed4775e85ad47fd9af2937cced98fa", &(0x7f0000002f40)=@udp6=r0, 0x2}, 0x20)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000003140)={&(0x7f0000002fc0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000003100)={&(0x7f0000003000)={0xf8, 0x2d, 0x800, 0x70bd2d, 0x25dfdbfb, {0x11}, [@typed={0x8, 0xa7, 0x0, 0x0, @pid}, @generic, @generic="e6f16d9c0f8724b1d2a8c8832792b00710c048e0956d7cddecdfe538fa12698ea7a66a344a01b69d25fbba9eccbe7183a2b2022f9000d23acf32eff866f03007dfde1dd255c6e386a43d00e02db6d6d79521f638f015716ce14c2e46683ab7f6767140bfd5707477dd6d9100fb4a7ea8589f44fc5b4b62eaf59af7a2fac4da2c6be76deaa955ee2f045c9e209f75c7ba8a5a1737c8984e9be010e222de96360dc1454e593f30cdc131b135494ced963b28fe8ab50fa824e7464a94214b8c9564434e2d8ea72d12b5f496bfb3793036c3ee8f4e04c6b5997907"]}, 0xf8}, 0x1, 0x0, 0x0, 0x880}, 0x4044854)
write$cgroup_subtree(r0, &(0x7f0000003180)={[{0x2b, 'net_cls'}, {0x2d, 'pids'}]}, 0xf)

2m28.79091433s ago: executing program 3 (id=93):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$FIONREAD(r0, 0x541b, 0x0)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x6, 0x229, &(0x7f00000005c0)="$eJzsmL9rFEEUx79vbm+9FRFtUthYGDCiucvtoaQ5NIJgJULir0oPs4aYS04uK5iAmGBjo52FkMbCf8AihZWFnf+AoIUKgoVXWNjYjMzO3N7k5s49l+t8n2L4zsybH+/tm1csGIb5b/n65dfnp+dnF04BOIBJ7DPj3wsAkda01bP/9OL+yef1CzuvP756t3bw4Zv+/dQSKfcOlP5yvgfg7VwBcdIT9urfSkyazgJEqq9A4ITR10AoG30LAleNjkC4YfRdS7eUfbl8Z7kZlW+3motKzKimqppQNbX++3W2CYumL6WUZM2vb2yuNJrNqG0Jz8wNmMol0sNWJpz4FeGjMydQt+6nonj9yeNt1e/GZsaKXxUCVeNEDYR5Mz6LnW5sdEgs/494vf0Ljv8DvCWTDECWkyUt6j/HEixbHJ7Ot3xKuXPOnTqEPNfA3lVF9KZUJIcuH5Ze/5Y6ifCyc/Gs+aA5zrrU74V8NPgBPAsAjP0ruyKXF10x0aH37tQ3LcTQfJaUfQSNnj+lUe/cfYj5IxZA+ZWOeGP6FsCHXV0/5EvCcas+eVb9qMSr9yrrG5vTy6uNpWgpWgvD2hkCtk6HlaQQ6dape736HCT1aT+CdP/iEFtf+HjQiON2Vbc++QgQx+0w6YfWs5nfbf24aZbFuAjgmO6okuanOxacM8jXNiKxVWrKNWIYhmEYhmEYhmEYhmEYhsnFUVDyFzSD8HJi/ScAAP//bUVZjQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
close(r1)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r3 = dup(r2)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
chdir(&(0x7f00000001c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xec3294b766e88361, 0x4)

2m26.961126632s ago: executing program 3 (id=96):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000f80)={{{@in=@private=0xa010101, @in=@private=0xa010101, 0x4e20, 0x8, 0x4e24, 0x0, 0x2, 0xa0, 0x0, 0x3a}, {0xe4, 0x3, 0x8, 0x26, 0x4633, 0x9, 0x0, 0x9}, {0x3, 0x5}, 0x7, 0x6e6bb1, 0x0, 0x1, 0x0, 0x2}, {{@in6=@mcast1, 0x4d2, 0x2b}, 0xa, @in6=@mcast2, 0x3505, 0x2, 0x2, 0x81, 0x1, 0x7fff}}, 0xe8) (fail_nth: 2)

2m26.065802006s ago: executing program 3 (id=99):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)

2m21.088210035s ago: executing program 32 (id=99):
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)

22.986444597s ago: executing program 1 (id=244):
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = signalfd(r0, &(0x7f00000002c0)={[0x4]}, 0xfffffe90)
syz_open_dev$video(&(0x7f0000000000), 0x3, 0xa8c40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000710000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/61, 0x3d, 0x0, &(0x7f0000000180)=""/232, 0xe8}, &(0x7f0000000100)=0x40)
r2 = socket(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd21, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x4}, {}, {0xfff2, 0xffe2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0x5, 0x7, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

17.174288964s ago: executing program 1 (id=249):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
dup2(r2, r0)

15.694549172s ago: executing program 2 (id=251):
socket(0x1e, 0xa, 0x9)
fallocate(0xffffffffffffffff, 0x0, 0x5, 0x2000000002)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
pipe2$watch_queue(0x0, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40f00}, 0x94)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000240)={0x16, 0x98, 0xfa00, {0x0, 0x2, 0xffffffffffffffff, 0x10, 0x1, @in={0x2, 0x4e20, @remote}}}, 0xa0)

14.31432896s ago: executing program 4 (id=252):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

14.198783308s ago: executing program 1 (id=253):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$binderfs_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x53, 0x3, 0x8, 0x2, 0xb, 0x0, 0x1}, 0x0, &(0x7f0000000280)={0x3ff, 0x252d, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0)

11.61391382s ago: executing program 0 (id=254):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000080)='D', 0x1)

11.554363299s ago: executing program 4 (id=255):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmsg$kcm(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000008c0)=""/4096, 0x1000}], 0x1}, 0x20)
recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xd058}], 0x1}}], 0x2, 0x60, 0x0)

9.259857116s ago: executing program 0 (id=256):
timer_create(0x1, &(0x7f0000000340)={0x0, 0x19, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000380)=<r0=>0x0)
clock_gettime(0x0, &(0x7f00000003c0)={<r1=>0x0, <r2=>0x0})
clock_gettime(0x0, &(0x7f0000000400)={<r3=>0x0, <r4=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000440)={{r1, r2+10000000}, {r3, r4+10000000}}, 0x0)
timer_settime(r0, 0x0, &(0x7f0000000880)={{}, {0x0, 0x989680}}, &(0x7f00000008c0))

9.259529605s ago: executing program 4 (id=257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048050}, 0x20000800)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=@newsa={0xfc, 0x16, 0x633, 0x0, 0x80000000, {{@in=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@remote, 0x4d2, 0x32}, @in6=@loopback, {}, {0x5, 0x3, 0x0, 0x5}, {0x4}, 0x2, 0x2, 0xa, 0x4, 0x18}, [@mark={0xc, 0x15, {0x35075c, 0x1}}]}, 0xfc}}, 0x0)

9.12641153s ago: executing program 1 (id=258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000100)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14)

8.942835759s ago: executing program 2 (id=259):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket(0x10, 0x803, 0x0)
r1 = getpid()
syz_open_procfs$namespace(r1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r2 = socket(0x1, 0x803, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MFC(r3, 0x29, 0xcd, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_FLAGS={0x8, 0x8, 0x702}]}, 0x34}}, 0x0)

7.965848606s ago: executing program 0 (id=260):
dup(0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r4, 0x0)
accept4$x25(r4, 0x0, 0x0, 0x80800)

7.490910282s ago: executing program 1 (id=261):
listen(0xffffffffffffffff, 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmsg$tipc(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)="131e186807d1d8bb9bfc9341ac8e4b91c06a958a5e0240bb3a0bf570abce35a553e5a960526e182e33c87b4d8dd5855121da2a67268b832ca844adb097b03df925a5c7cd8cb32d0b17c43d392349812a98", 0x51, 0x851}, 0x4004080)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00')
lseek(r2, 0x10001, 0x0)
syz_usbip_server_init(0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1800, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x12b36304)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10000008ebc, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000040)={'syztnl0\x00', <r3=>0x0, 0x2f, 0x3, 0x2, 0xfffffffd, 0x7c, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, 0x20, 0x791, 0x4, 0x10}})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000140)={0x1, 0x0, 0x3, r3, 0xa}, 0xc)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)

7.19516638s ago: executing program 2 (id=262):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000040)=ANY=[@ANYBLOB="44010000100001000000000800000000fc0100000000000000000000000000000a010100", @ANYRES32=0x0, @ANYBLOB="ffffffff000000000000000000000000000000006c000000ac1414bb0000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000010"], 0x144}}, 0x20000000)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x20, 0x0, 0x201, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.090525736s ago: executing program 4 (id=263):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000004c0)={<r1=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x2, 0x0, 0x30, 0x0, @ib={0x1b, 0x7, 0xfffffffd, {}, 0x1, 0x7e1f, 0x5}, @ib={0x1b, 0xd160, 0x387d, {"382f8d5866dc8450ea081437b9de2da3"}, 0x7fffffff, 0x0, 0x742}}}, 0x118)

5.897506849s ago: executing program 0 (id=264):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)

4.378450449s ago: executing program 0 (id=265):
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000040, &(0x7f0000000100)=ANY=[], 0xfe, 0xc39, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfGy7FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0AoFUjQwmiLokWldILn4UOTUE9HCQVD0wBYBcjIYzOxbcUWRFi2KEmV9Pjb1nZl9b+a9mfWMLOjNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4g9eO3/iZHrUrQAAHqaLo189ccrzHwCeKJf9/z8AAAAAAAAAAAAAAOx3KYp4OlLMXVxL49V6R/1Cu//GzbHhka2rHUxVzb6qfPlTP3nq9JkvvTR0tpsX2jMfUv9B+2y8MXr5fOPV2etz81MLC1OTjbGZ9sTs5NSO97Db+psdq05A4/qbNyavXl1onHrx9B0f3xz86cBTRwbPDT1//Llu2bHhkZHRjSL13vK1+25Ix3YjPA5EEccjxQvf+1lqRUQRuzkXS52GP9xrv9nBqhPHqk6MDY9UHZlut2YWyw8vdU9EEdHoqdTsnqOtr0XU+h9qH7bX7JzlomzwsbJ7o3Ot+daV6anGpdb8YnuxPTtzKXVaW/anEUWcTRHLEbE6cPfu+qOIWqT4zuG1dCUi+rrn4YvVwODt21HsYR93oGxnoz9iuXgMrtk+NhBFvB4pfv7u0ZjI95nqXvOFiNfL/EHErTJfiUjlF+NMxPtbfI94PNWiiL8sr/+5tTRZ3Q+695ULX2t8ZebqbE/Z7n3lIz4f7rpTPKLnw8FN+XDs83tTPYpoVXf8tXT/v9kBAAAAAAAAAAAAAAAA4EE7GEV8JlK89h9/0hm9XY1LP3xu6A8Hf7V3zPiz99hPWfbFiFgqdjYm90AeGHgpXUrpEY8lfpLVo4g/zeP/vvWoGwMAAAAAAAAAAAAAAAAAAPBEK+InkeLl946m5eidU7w9c61xuXVlujMrbHfu3+6c6evr6+uN1MlmzvGcSzmXc67kXM0ZRa6fs5lzPOdSzuWcKzlXc0Zfrp+zmXM851LO5ZwrOVdzRi3Xz9nMOZ5zKedyzpUDuX5ej30ydy8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMdJEUV8ECm+/Y21FCkimhHj0cmVgUfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJCK+H6kaPxR8/a2WkSk6t+Oo+UvZ6J5oMxPRnOozFeieT5nq8pa81uPoP3sTn8q4seRYqD+zu0Lnq9/f2ft9tcgbn1zY+2ztU72dT8c/OnAU0cOnxsa+Y1nt1tOWzXg2IX2zI2bjbHhkZHRns21fPRP9mwbzMctHkzXiYiFt95+szU9PTV//wvlV2AX1e+50Ldne/6oC6m2tz21sM8WorYvmvFo+s4ToHz+vx8pfve9/+w+8DvP/3r8Smft9hM+fvFnG8//lzfvaIfP/9rmevn5Xz7Tt3r+P92z7eX8u5H+WkR98fpc/5GI+sJbbx9vX29dm7o2NXPmxIkvDw19+fSJ/gMR9avt6amepQdyugAAAAAAAAAAAAAAAAAenlTE70eK1o/XUiMiblbjtQbPDT1//Lm+6KvGW90xbvuN0cvnG6/OXp+bn1pYmJpsjM20J2Ynp3Z6uHo13GtseGRPOnNPB/e4/Qfrr87OvTXfvvbHi1t+fqh+/srC4nxrYuuP42AUEc3eLceqBo8Nj1SNnm63Zqqql7YcTP/R9aci/itSTJxppM/nbXn8/+YR/neM/1/avKM9Gv//iZ5t5TFTKuIXkeJ3/urZ+HzVzkNx1znL5f4uUhw7+7lcLg6U5bpt6LxXoDMysCz7f5Hinz64s2x3POTTG2VP7vjEPibK6384Unz/L74bv5m33fn+h62v/6HNO9qj6/9Mz7ZDd7yvYNddJ1//45Hilaffid/K2z7s/R/dd28czYVvv59jj67/p3q2Debj/vaD6ToAAAAAAAAAAMBjrT8V8feR4ocjtfRS3raTv/83uXlHe/T3vz7ds23ywcxXdM+FXZ9UAAAAANgn+lMRP4kU1xbfuT2G+s7x3z3jP39vY/zncNr0afXnfL9WvTfgQf75X6/BfNzx3XcbAAAAAAAAAAAAAAAAAAAA9pWUingpz6c+Xo3nn9x2PvWVSPHa/7yQy6UjZbnuPPCD1a/1i7Mzx89PT89OtBZbV6anGqNzrYmpsu4zkWLtbz+X6xbV/Ord+eY7c7xvzMU+HylG/qFbtjMXe3du8mc2yp4sy34iUvz3P95ZtjuP9ac2yp4qy/5NpPj6v2xd9shG2dNl2e9Gih99vdEte6gs230/6qc3yr44MVvswVUBAAAAAAAAAAAAAAAAAADgSdOfivjzSPG/15dvj+XP8//396xWbn2zZ77/TW5W8/wPVvP/b7d8P/P/V+8VWNruqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8PGUooi3I8XcxbW0MlCud9QvtGdu3BwbHtm62sFU1eyrypc/9ZOnTp/50ktDZ7v54fUftM/EG6OXzzdenb0+Nz+1sDA12RibaU/MTk7teA+7rb/ZseoENK6/eWPy6tWFxqkXT3c/ubXeMfDUkcFzQ88ff65bdmx4ZGS0Zxe1/vs++l3SNtsPRBF/HSle+N7P0g8HIorY/bm4x3dnrx2sOnGs6sTY8EjVkel2a2ax/PBS90QUEY2eSs3uOXoI12JXmhFLZfPLBh8ruzc615pvXZmealxqzS+2F9uzM5dSp7VlfxpRxNkUsRwRqwN3764/ingzUnzn8Fr614GIvu55+OLF0a+eOLV9O4o97OMOlO1s9EcsF4/BNdvHBqKIf44UP3/3aPzbQEQtOj/xhYjXy/xBxK3oXO9UfjHORLy/xfeIx1Mtivj/8vqfW0vvDpT3g+595cLXGl+ZuTrbU7Z7X3nsnw8P0z6/N9WjiB9Vd/y19O/+uwYAAAAAAAAAAAAAAADYR4r49Ujx8ntHUzU++PaY4vbMtcbl1pXpzrC+7ti/7pjp9fX19UbqZDPneM6lnMs5V3Ku5owi18/ZLLO+vj6e15dyLudcybmaM/py/ZzNnOM5l3Iu51zJuZozarl+zmaVA+vjeX0p53LOlZyrOWOfjN0DAAAAAAAAAAAAAAAAAAA+XorqnxTf/sZaWh/ozC89Hp1cMR/ox94vAwAA//+JK/3v")
r0 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f00000000c0)=0x282, 0x4)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
syz_io_uring_setup(0x1748, &(0x7f0000000080)={0x0, 0x9ae7, 0x10000, 0x6, 0xeb, 0x0, r1}, &(0x7f0000000240), 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r2, 0x5421, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x40}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$loop(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x6000, 0x0)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x13, r4, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r5, &(0x7f0000001480)=[{&(0x7f0000000040)=""/4096, 0x1000}], 0x1, 0x304, 0xfffffffd)

4.078737838s ago: executing program 4 (id=266):
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0x2, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x3)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8000000000000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002000000"], 0x7c}}, 0x0)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x900, 0x12)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
ioctl$COMEDI_INSNLIST(0xffffffffffffffff, 0x8010640b, 0x0)

3.810837997s ago: executing program 2 (id=267):
openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x8)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000000))

3.719253985s ago: executing program 1 (id=268):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.954415399s ago: executing program 4 (id=269):
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000180)='./file1\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0xfb, 0x6a8, &(0x7f0000001dc0)="$eJzs3c1vHVfdB/DvXN/4Je2TJ0mTNqBKtRoJEBGJEystZkNACGVRVVVZsLYSp7HipMVxkVsh4vC67aJ/QFlkg1ghsWITqbBgQ3fskJdISGzKArPhopk7175vvrluE9sRn08095w558yZ3/xm5r5Z0Q3wP+vquTQfpsjVc6+tl+ubD+ZXNh/M327XX28mmUqykZTVRpLiX61W6+PkSlJsT1P0lQM+XF548y+fbv6tvdasl2p8Y9R2fepxG33NG5222SQTdfk59Mx37XPPV2xHfiXJ2bqEA3ckSavHD/707HZPl5lhW0/vS4zAk1W0XzcHHE+O1jd6+T6g88rb2N/oxjPRCXIM/e8gAAAA4GlTfQZuDjT3tPz/VrayXhzbx7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqbaRTNY/n1/US6NTn03R+f3/ybotdf1weWlvwx8+qTgAAAAAAAAAYB+9tJWtrOdYZ71VVH/zf7laOVU9PpN3czdLWc35rGcxa1nLai4mOd410eT64traVGdt1JaXhm25eukRgU5tPwAAAAAAAAAAg36Sqzt//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMOgSCbaRYr7Xc3H02gmmU4yWTZsJJ906k+zhwcdAAAAAOyDqWQr6znWWW8VOZXk+eo7gOm8mztZy3LWspKlXK++F2h/6m9sPphf2Xwwf7tcBuf91j/2FEY1Y9rfPQzf85lqxExuZLlqOZ9reTsruZ5GtWXpTB1PZ9a+uO6XMRXfrL06XmTX67I88g/qcsC9PR3sbvb4ZcrxKiNH2hmZSObq2MpsnOicmeFnaI9np2dPWcrFNLaDPdW3p8neg+nN+c6UjVH7O1qX5fH8YrecH4h2Jv7TalvKpa6r7/nROe89isNzSOOZqMtW9TgzeE3Md2XihUdkIl/+3W++f3Plzq2bN+6eO8yZmB5n0FyVidPb61fz3Xwv5zKbN7Ka5fwwi1nLUmbznaq2WJ/8ouuWH56pvpvkjUdFMllfoRP11nuJ6eVq29bUcl7P27mepbxS/buUi3k1l3M5C11n+PToM1zd9Y3Bu77S+r+hwZ/9Sl2ZSfLLujwcyrye6MrrzlU/V+X7RE9LnaWimZNjZGnIc+MozS/WlXIfP33UE+m+6s/Exa7r5bnRmfhV9bRyd+XOrdWbi++Mt7uTH9SV8j76eTJ7eJ5IyuvlZHmyqrWpnquj7Htuu683X2Xfqe2+xkDf6fw+zWZnL8vZ2PVOnazfww3OdKnqe2Fo33zVd6arb9j7LQAOvaNfPTo58/eZP898NPOzmZszr01/e+rrUy9O5sgfjnyjOTfxpcaLxW/zUX688/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD47O6+9/6txZWVpdW+SqvVuvfJ8K4xK53fq/mMm/dXOr8KNcbgzP71mXLokK6JtO7t0vWkKl94NtmvfR3eyr9brVbdUuwy5td/7E/UVA4odfXv/LUORepGVKYf3/01UDmwpyRgn1xYu/3Ohbvvvf+15duLby29tXRn4fLlhbmFy6/MX7ixvLI013486CiBJ2HnRf+gIwEAAAAAAAAAAADG9Zj/z8DGsK6DPkYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6Xb1XJoPU+Ti3Pm5cn3zwfxKuXTqOyObSRpJih8lxcfJlbSXHO+arthtPx8uL7w5/enmP1tt9XzV+Mao7cazUS+ZTTLRLu8/rvmu1eVIxahDKLaPsEzY2U7i4KD9NwAA//94uwx2")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
linkat(r5, &(0x7f0000000180)='./file1\x00', r5, &(0x7f0000000640)='./bus\x00', 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan1\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x3c, r1, 0x917, 0x0, 0xffffffe4, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4044011}, 0x4000)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x20)
getdents64(r6, &(0x7f00000000c0)=""/55, 0x37)
getdents64(r6, &(0x7f0000000f80)=""/4096, 0x1000)

1.909897249s ago: executing program 2 (id=270):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000001240)='./file2\x00', 0x8410, &(0x7f0000000480)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc0800000000000000f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a2d47aff43355f9d23a606e1a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a808e9a51cc0d73e298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbb16e002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77a08347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1"], 0x1, 0x2a0, &(0x7f00000001c0)="$eJzs3T9rA2UYAPDnkjSNOqSIiyJ4oINTaV1dGqWC2EmJoA4abAuShEILASsYO/UTOPo9/AguLn4DwVVwa4fKyeXumtSmf2hjCvb3m57ee8/zPrkX0inPffX6sL97kMTJ2e/RaiVR24qtOE9iLWpR+SEaAQD8f5xnWfyVPSSzUVt8NwDAMhT//wtP3QsAsByffPb5R52dne2P07QVr7ZPR90kIoano26x3tmPb2IQe7ER7biIyC4V8Qcf7mxHI82txVvD8aibZw6//LWs3/kzYpK/Ge1Ym5+/mRYu81+sukujs79S/dGOV+bnv/Pv/BiOo9uMt9+c6X892vHb13EQg9iNPHea//1mmr6f/Xj23Rf5Nnl+Uovu6uS+qay+pCMBAAAAAAAAAAAAAAAAAAAAAOAZWE/TpBjfM5nfk1+azM8ZdesXk/X1tDI732dczQdKqkLFfKAsyhE94yx+qubrbKRpmpU3TvMb8VrDiwUAAAAAAAAAAAAAAAAAAAAgd/Ttcb83GOwdLiSopgFUP+t/aJ2tmStvxHG/V7+54Or995qdNpD3euvN0WjEgh7LXcELeT8Lr7w6PdxPowiqg1noXi+/VxQ97vfScql6yP1ectderergfp5dasYjG2uWHWRXz7R12erVrOaCnkbzpblLf2dZdr867/5RnFF5JZmM2Ljf7itlMPcD5kHr+ln8cnPBG78y6o/+0gEAAAAAAAAAAAAAAAAAAOaa/uh3zuLJram1/6wpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFiy6fv/q6AVEVevXAvGZfJt95RBMw6PnvgjAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Az8EwAA//9I2EsX")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x1a0)
r1 = fanotify_init(0x1, 0x101801)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x70)
read$FUSE(r2, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

566.790468ms ago: executing program 0 (id=271):
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000040)={0xbe4, {{0x2, 0x4e23, @multicast2}}, {{0x2, 0x4e21, @remote}}}, 0x108)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
r3 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000000, 0x8, 0x1, 0xc05})
mq_getsetattr(r3, &(0x7f0000000040)={0x0, 0x40, 0x4, 0x7ff}, 0x0)
mq_timedreceive(r3, &(0x7f0000000440)=""/90, 0x5a, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x5, 0x0)

0s ago: executing program 2 (id=272):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x200214, &(0x7f0000000000)=ANY=[], 0x11, 0x25d, &(0x7f0000000480)="$eJzs2k9rXFUYB+D3TqpJU9MZ8R8tiAddqJtLM2sXDdKCOKBoR6iCdGpvdcglE2aGwIjYrPRruBaX7gTp0k02fgIX7rLJMgvxyiTTNNYpNgYzoX2ezbxwz++ee84c7ryL2X4riyzGhlHLsqhdjs3YzaIRtbhnM958/fovL394/eN3V1qtKx+kdHXl2nIzpXT+lZ8/+eqHV+8Oz3304/mf5mOr8en2TvP3rRe3Lmz/ee2L7iB1793kZq837Nwsi3SrO1jNU3q/LDqDInXXBkV/mDrp4Prtsre+PpqPiKXF9X4xGKTO2iitFqM07KVhf5Q6n3e6aynP87S0GBxH+/vdqlqIiBtRVdXZ7+Lc3Vj6LeqRPZuy5y5nL9zIXtrMLuxUVX3Wj8r/YreqYqd6yvf/hDr0Ul+IKL/daG+09z/3r6/cTuOfhyIuRT3+iPExmdirz05uk1JKjfimvDPJ39loz03y0Y0yiliOejT+ka+u1ibplNLf8/OxeDjfjHo8PyX/TutKc2p+Id547VA+j3r8+ln0ooxbMc7ez3+9nNLb77UeyF/cGwcA8LjJ04Gp/VueP+z6fv6gv5reH+71V5em9mdn4uKZ2a6diMHoy9VOWRb9RyyePsrgYxXjw3FSc/3nYi6OMHjxWHM9dDequdOyGzMuqhOYK2oRjzQ4Fk7Ltvxr8czkXfDASnkC3D8Gs34SAAAAAAAAAAAAjuIk/mA46zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn218BAAD//6Y9vzY=")
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010102f2e1d507090582030002800000090503"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x2, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x50}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.126' (ED25519) to the list of known hosts.
[  194.823409][ T5797] cgroup: Unknown subsys name 'net'
[  194.960812][ T5797] cgroup: Unknown subsys name 'cpuset'
[  194.977031][ T5797] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  201.952256][ T5797] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  208.109572][ T5815] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  208.121562][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  208.130445][ T5817] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  208.142765][ T5817] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  208.153460][ T5817] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  208.196804][   T49] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  208.206953][   T49] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  208.218689][   T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  208.230346][ T5821] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  208.239316][ T5821] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  208.257243][ T5826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  208.267159][ T5826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  208.283125][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  208.295350][ T5826] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  208.297947][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  208.312000][ T5825] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  208.321459][ T5825] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  208.333184][ T5825] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  208.345772][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  208.347114][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  208.365191][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  208.366652][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  208.379660][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  208.401773][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  208.406797][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  209.675471][ T5816] chnl_net:caif_netlink_parms(): no params data found
[  210.191741][ T5826] Bluetooth: hci0: command tx timeout
[  210.430361][ T5826] Bluetooth: hci3: command tx timeout
[  210.436009][ T5826] Bluetooth: hci1: command tx timeout
[  210.509942][ T5826] Bluetooth: hci2: command tx timeout
[  210.515711][   T49] Bluetooth: hci4: command tx timeout
[  210.559814][ T5813] chnl_net:caif_netlink_parms(): no params data found
[  210.720122][ T5824] chnl_net:caif_netlink_parms(): no params data found
[  210.946925][ T5820] chnl_net:caif_netlink_parms(): no params data found
[  211.013394][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.023578][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.031536][ T5816] bridge_slave_0: entered allmulticast mode
[  211.041888][ T5816] bridge_slave_0: entered promiscuous mode
[  211.154119][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.161904][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.169978][ T5816] bridge_slave_1: entered allmulticast mode
[  211.180186][ T5816] bridge_slave_1: entered promiscuous mode
[  211.190674][ T5818] chnl_net:caif_netlink_parms(): no params data found
[  211.581146][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.718648][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.278006][ T5816] team0: Port device team_slave_0 added
[  212.301650][   T49] Bluetooth: hci0: command tx timeout
[  212.387425][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.396139][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.406771][ T5813] bridge_slave_0: entered allmulticast mode
[  212.416343][ T5813] bridge_slave_0: entered promiscuous mode
[  212.436458][ T5816] team0: Port device team_slave_1 added
[  212.448476][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.456516][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.464523][ T5813] bridge_slave_1: entered allmulticast mode
[  212.475128][ T5813] bridge_slave_1: entered promiscuous mode
[  212.488789][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.497355][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.505807][ T5824] bridge_slave_0: entered allmulticast mode
[  212.516459][ T5824] bridge_slave_0: entered promiscuous mode
[  212.538440][   T49] Bluetooth: hci1: command tx timeout
[  212.538618][ T5826] Bluetooth: hci3: command tx timeout
[  212.591391][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.599265][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.606964][ T5824] bridge_slave_1: entered allmulticast mode
[  212.617237][ T5824] bridge_slave_1: entered promiscuous mode
[  212.617503][ T5826] Bluetooth: hci4: command tx timeout
[  212.629622][ T5826] Bluetooth: hci2: command tx timeout
[  212.730566][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.738345][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.746672][ T5820] bridge_slave_0: entered allmulticast mode
[  212.757030][ T5820] bridge_slave_0: entered promiscuous mode
[  212.967918][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.976817][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.985519][ T5820] bridge_slave_1: entered allmulticast mode
[  212.994814][ T5820] bridge_slave_1: entered promiscuous mode
[  213.055843][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.068474][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.076241][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.103939][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.128439][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.140816][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.148233][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.174935][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.321462][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.331418][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.339572][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.347325][ T5818] bridge_slave_0: entered allmulticast mode
[  213.357522][ T5818] bridge_slave_0: entered promiscuous mode
[  213.386315][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.475418][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.527135][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.535181][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.543460][ T5818] bridge_slave_1: entered allmulticast mode
[  213.552786][ T5818] bridge_slave_1: entered promiscuous mode
[  213.671853][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.832490][ T5813] team0: Port device team_slave_0 added
[  213.860251][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.930601][ T5824] team0: Port device team_slave_0 added
[  213.951763][ T5824] team0: Port device team_slave_1 added
[  214.104445][ T5813] team0: Port device team_slave_1 added
[  214.132160][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.171818][ T5816] hsr_slave_0: entered promiscuous mode
[  214.183577][ T5816] hsr_slave_1: entered promiscuous mode
[  214.305035][ T5820] team0: Port device team_slave_0 added
[  214.315590][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.323315][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.350310][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.363370][ T5826] Bluetooth: hci0: command tx timeout
[  214.486552][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.495365][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.523460][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.544874][ T5820] team0: Port device team_slave_1 added
[  214.589337][ T5826] Bluetooth: hci1: command tx timeout
[  214.595126][   T49] Bluetooth: hci3: command tx timeout
[  214.602876][ T5818] team0: Port device team_slave_0 added
[  214.669486][ T5826] Bluetooth: hci4: command tx timeout
[  214.675240][ T5826] Bluetooth: hci2: command tx timeout
[  214.728622][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.736216][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.764405][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.785721][ T5818] team0: Port device team_slave_1 added
[  214.865051][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.872623][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.899933][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.070940][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.078196][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.104739][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.140812][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.148159][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.175066][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.190201][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.197339][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.223905][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.250701][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.257984][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.285083][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.441895][ T5824] hsr_slave_0: entered promiscuous mode
[  215.452613][ T5824] hsr_slave_1: entered promiscuous mode
[  215.461764][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[  215.467771][ T5824] Cannot create hsr debugfs directory
[  215.878468][ T5813] hsr_slave_0: entered promiscuous mode
[  215.887685][ T5813] hsr_slave_1: entered promiscuous mode
[  215.897008][ T5813] debugfs: 'hsr0' already exists in 'hsr'
[  215.903069][ T5813] Cannot create hsr debugfs directory
[  215.983203][ T5820] hsr_slave_0: entered promiscuous mode
[  215.994031][ T5820] hsr_slave_1: entered promiscuous mode
[  216.002686][ T5820] debugfs: 'hsr0' already exists in 'hsr'
[  216.008719][ T5820] Cannot create hsr debugfs directory
[  216.028658][ T5818] hsr_slave_0: entered promiscuous mode
[  216.042832][ T5818] hsr_slave_1: entered promiscuous mode
[  216.051852][ T5818] debugfs: 'hsr0' already exists in 'hsr'
[  216.057852][ T5818] Cannot create hsr debugfs directory
[  216.441415][   T49] Bluetooth: hci0: command tx timeout
[  216.670057][   T49] Bluetooth: hci1: command tx timeout
[  216.675701][   T49] Bluetooth: hci3: command tx timeout
[  216.749552][   T49] Bluetooth: hci4: command tx timeout
[  216.755298][ T5826] Bluetooth: hci2: command tx timeout
[  217.396348][ T5816] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  217.487437][ T5816] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  217.514727][ T5816] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  217.538364][ T5816] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  217.795245][ T5824] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  217.826971][ T5824] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  217.878060][ T5824] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  217.907107][ T5824] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  218.206550][ T5813] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  218.277380][ T5820] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  218.306747][ T5820] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  218.336623][ T5820] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  218.362853][ T5813] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  218.389362][ T5813] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  218.423385][ T5813] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  218.465897][ T5820] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  218.637640][ T5818] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  218.724102][ T5818] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  218.774996][ T5818] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  218.882978][ T5818] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  219.368514][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.662764][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[  219.875898][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.918113][ T4181] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.925886][ T4181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.955994][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.017687][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.025499][ T3751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.164353][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[  220.238242][ T3751] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.246013][ T3751] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.275226][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.311407][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[  220.416734][ T4181] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.424472][ T4181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.577759][ T5813] 8021q: adding VLAN 0 to HW filter on device team0
[  220.598080][ T4181] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.605937][ T4181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.719149][ T5816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.930855][ T4181] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.938747][ T4181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.956112][ T4181] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.963975][ T4181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.986509][ T4181] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.994171][ T4181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.113749][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.358848][ T5820] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  221.539464][ T5818] 8021q: adding VLAN 0 to HW filter on device team0
[  221.656743][ T5813] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  221.764267][ T4181] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.772096][ T4181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.927080][ T4181] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.934893][ T4181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.296728][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.986978][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.202357][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.293522][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.634940][ T5820] veth0_vlan: entered promiscuous mode
[  224.788691][ T5820] veth1_vlan: entered promiscuous mode
[  224.929989][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.023532][ T5813] veth0_vlan: entered promiscuous mode
[  225.048089][ T5824] veth0_vlan: entered promiscuous mode
[  225.195607][ T5824] veth1_vlan: entered promiscuous mode
[  225.228351][ T5813] veth1_vlan: entered promiscuous mode
[  225.278016][ T5820] veth0_macvtap: entered promiscuous mode
[  225.417943][ T5820] veth1_macvtap: entered promiscuous mode
[  225.677573][ T5824] veth0_macvtap: entered promiscuous mode
[  225.707864][ T5818] veth0_vlan: entered promiscuous mode
[  225.778204][ T5813] veth0_macvtap: entered promiscuous mode
[  225.804292][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.850167][ T5824] veth1_macvtap: entered promiscuous mode
[  225.892467][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.905481][ T5813] veth1_macvtap: entered promiscuous mode
[  225.974893][ T5818] veth1_vlan: entered promiscuous mode
[  226.085626][ T3751] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.139832][ T3751] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.188458][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.220126][ T3751] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.254182][ T3751] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.313493][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.377175][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.436385][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.491842][ T5818] veth0_macvtap: entered promiscuous mode
[  226.534153][ T3075] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.572648][ T3075] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.612999][ T3075] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.674395][ T5818] veth1_macvtap: entered promiscuous mode
[  226.718037][ T3016] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.771841][ T3517] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.850999][ T3517] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.890284][ T3517] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.956273][ T3517] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.998917][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.140626][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.169689][ T5816] veth0_vlan: entered promiscuous mode
[  227.304744][ T3517] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.323865][ T5816] veth1_vlan: entered promiscuous mode
[  227.359329][ T3517] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.384517][ T3517] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.443665][ T3517] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.748470][ T5816] veth0_macvtap: entered promiscuous mode
[  227.868752][ T5816] veth1_macvtap: entered promiscuous mode
[  228.068672][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.184943][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.319989][ T1134] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.380239][ T1134] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.435383][ T1134] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.532923][ T1134] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.896154][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  229.902987][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  234.396711][ T3647] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.405089][ T3647] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.725568][ T3563] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.734884][ T3563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.918010][ T3517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.926381][ T3517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.150037][ T4366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.158221][ T4366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.284130][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  235.331486][ T3751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.339953][ T3751] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.579482][ T3517] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.587547][ T3517] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.751769][ T3075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.760010][ T3075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.049529][ T3075] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.057893][ T3075] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.799421][ T5907] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  237.156552][ T6002] loop3: detected capacity change from 0 to 32768
[  237.173980][ T5907] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  237.182559][ T5907] usb 1-1: config 0 has no interface number 0
[  237.189397][ T5907] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  237.195686][ T6002] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4 (6002)
[  237.200871][ T5907] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  237.223975][ T5907] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  237.233778][ T5907] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.298664][ T6002] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  237.310226][ T6002] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  237.693112][ T5907] usb 1-1: config 0 descriptor??
[  237.735705][ T3795] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.745057][ T3795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.903281][ T5907] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  237.995433][ T3016] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.004497][ T3016] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.088532][ T6002] BTRFS info (device loop3): rebuilding free space tree
[  238.162526][ T6002] BTRFS info (device loop3): disabling free space tree
[  238.170507][ T6002] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  238.189275][ T6002] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  238.224544][ T6002] BTRFS info (device loop3): enabling ssd optimizations
[  238.232189][ T6002] BTRFS info (device loop3): force clearing of disk cache
[  238.240112][ T6002] BTRFS info (device loop3): enabling auto defrag
[  238.443546][ T5820] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  238.580672][ T5874] usb 1-1: USB disconnect, device number 2
[  238.637058][ T5907] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  238.880055][ T5907] usb 3-1: Using ep0 maxpacket: 16
[  239.906417][ T6027] infiniband syz2: set active
[  239.911556][ T6027] infiniband syz2: added bond0
[  240.846444][ T6027] RDS/IB: syz2: added
[  240.851261][ T6027] smc: adding ib device syz2 with port count 1
[  240.857943][ T6027] smc:    ib device syz2 port 1 has pnetid 
[  241.104584][ T6043] mkiss: ax0: crc mode is auto.
[  242.022937][ T6051] FAULT_INJECTION: forcing a failure.
[  242.022937][ T6051] name failslab, interval 1, probability 0, space 0, times 1
[  242.055117][ T6051] CPU: 1 UID: 0 PID: 6051 Comm: syz.1.12 Not tainted syzkaller #0 PREEMPT(none) 
[  242.055286][ T6051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  242.055387][ T6051] Call Trace:
[  242.055445][ T6051]  <TASK>
[  242.055503][ T6051]  __dump_stack+0x26/0x30
[  242.055707][ T6051]  dump_stack_lvl+0x1df/0x270
[  242.055912][ T6051]  dump_stack+0x1e/0x25
[  242.056098][ T6051]  should_fail_ex+0x7dc/0x8a0
[  242.056289][ T6051]  should_failslab+0x15b/0x200
[  242.056498][ T6051]  kmem_cache_alloc_noprof+0xf0/0xec0
[  242.056697][ T6051]  ? alloc_empty_file+0x10d/0x5b0
[  242.056853][ T6051]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  242.057050][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.057244][ T6051]  alloc_empty_file+0x10d/0x5b0
[  242.057409][ T6051]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  242.057609][ T6051]  path_openat+0xa1/0x6760
[  242.057783][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.057953][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.058138][ T6051]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  242.058330][ T6051]  ? do_filp_open+0x31/0x660
[  242.058489][ T6051]  ? filter_irq_stacks+0x49/0x190
[  242.058652][ T6051]  ? stack_depot_save_flags+0x35/0x7b0
[  242.058806][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.058998][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.059174][ T6051]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  242.059337][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.059513][ T6051]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  242.059710][ T6051]  do_filp_open+0x280/0x660
[  242.059897][ T6051]  ? stack_depot_save_flags+0x35/0x7b0
[  242.060063][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.060242][ T6051]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  242.060424][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.060623][ T6051]  do_open_execat+0x163/0x8e0
[  242.060837][ T6051]  alloc_bprm+0x45/0xc90
[  242.061013][ T6051]  ? kmsan_get_metadata+0xfb/0x160
[  242.061195][ T6051]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  242.061409][ T6051]  do_execveat_common+0x28b/0xdf0
[  242.061626][ T6051]  ? getname_flags+0x5f4/0xac0
[  242.061867][ T6051]  __x64_sys_execveat+0x144/0x1e0
[  242.062106][ T6051]  x64_sys_call+0x2671/0x3e20
[  242.062317][ T6051]  do_syscall_64+0xd9/0x210
[  242.062479][ T6051]  ? clear_bhb_loop+0x40/0x90
[  242.062662][ T6051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.062831][ T6051] RIP: 0033:0x7f016518eba9
[  242.062959][ T6051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.063102][ T6051] RSP: 002b:00007f0165f9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  242.063262][ T6051] RAX: ffffffffffffffda RBX: 00007f01653d5fa0 RCX: 00007f016518eba9
[  242.063377][ T6051] RDX: 0000200000000300 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  242.063492][ T6051] RBP: 00007f0165f9e090 R08: 0000000000000100 R09: 0000000000000000
[  242.063592][ T6051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.063687][ T6051] R13: 00007f01653d6038 R14: 00007f01653d5fa0 R15: 00007ffda775f138
[  242.063839][ T6051]  </TASK>
[  244.206857][ T5907] usb 3-1: unable to get BOS descriptor or descriptor too short
[  244.291408][ T5907] usb 3-1: unable to read config index 0 descriptor/start: -32
[  244.299556][ T5907] usb 3-1: chopping to 0 config(s)
[  244.305030][ T5907] usb 3-1: can't read configurations, error -32
[  244.470015][ T6065] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ¯HcUØîÑË•‚ι+ÕuµJÙ­Vú?zlIèƒ
[  244.571588][ T5907] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  244.749818][ T5907] usb 3-1: device descriptor read/64, error -32
[  244.841041][ T6059] loop0: detected capacity change from 0 to 4096
[  244.872348][ T5907] usb usb3-port1: attempt power cycle
[  244.906507][ T6059] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  245.200353][ T5869] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  245.316474][ T5907] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  245.406889][ T5869] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  245.415547][ T5869] usb 5-1: config 0 has no interface number 0
[  245.422644][ T5869] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  245.434184][ T5869] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  245.451092][ T5869] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  245.462482][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.560263][ T6059] ntfs3(loop0): ino=0, attr_set_size
[  245.590755][ T6059] ntfs3(loop0): ino=0, attr_set_size
[  245.611310][ T6059] ntfs3(loop0): ino=0, attr_set_size
[  245.619686][ T6059] ntfs3(loop0): no free space to extend mft
[  245.640465][ T6063] loop3: detected capacity change from 0 to 8192
[  245.666808][ T5907] usb 3-1: device descriptor read/8, error -32
[  245.736359][ T5869] usb 5-1: config 0 descriptor??
[  245.763589][ T6070] loop1: detected capacity change from 0 to 256
[  245.813309][ T5869] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  245.813579][ T6070] =======================================================
[  245.813579][ T6070] WARNING: The mand mount option has been deprecated and
[  245.813579][ T6070]          and is ignored by this kernel. Remove the mand
[  245.813579][ T6070]          option from the mount to silence this warning.
[  245.813579][ T6070] =======================================================
[  245.929966][ T5907] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  245.971982][ T5907] usb 3-1: device descriptor read/8, error -32
[  246.028788][ T5869] usb 5-1: USB disconnect, device number 2
[  246.093780][ T5907] usb usb3-port1: unable to enumerate USB device
[  246.316013][ T5874] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  246.609482][ T5874] usb 2-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30
[  246.621486][ T5874] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.632170][ T5874] usb 2-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  246.646090][ T5874] usb 2-1: config 0 interface 0 has no altsetting 0
[  246.653329][ T5874] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  246.663030][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.194878][ T5874] usb 2-1: config 0 descriptor??
[  248.676032][ T6082] loop3: detected capacity change from 0 to 32768
[  248.676449][ T6070] nbd1: detected capacity change from 0 to 1024
[  248.706107][ T6082] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.21 (6082)
[  248.799775][ T6082] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.817193][ T6082] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  248.835398][ T6082] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  248.955152][ T6085] block nbd1: Send control failed (result -89)
[  248.962241][ T6085] block nbd1: Request send failed, requeueing
[  248.973623][   T53] block nbd1: Dead connection, failed to find a fallback
[  248.981210][   T53] block nbd1: shutting down sockets
[  248.986851][   T53] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  248.997356][   T53] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.006241][ T6083] block nbd1: NBD_DISCONNECT
[  249.011444][ T6083] block nbd1: Send disconnect failed -89
[  249.210968][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.221132][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.229946][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.245783][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.255720][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.265226][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.273965][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.283554][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.292136][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.301720][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.310222][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.319770][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.328268][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.344451][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.354218][ T6085] ldm_validate_partition_table(): Disk read failed.
[  249.361464][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.371252][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.379618][ T6085] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  249.390129][ T6085] Buffer I/O error on dev nbd1, logical block 0, async page read
[  249.398642][ T6085] Dev nbd1: unable to read RDB block 0
[  249.406595][ T6085]  nbd1: unable to read partition table
[  249.430760][ T5874] hid-alps 0003:044E:120C.0001: unbalanced collection at end of report description
[  249.454030][ T5874] hid-alps 0003:044E:120C.0001: parse failed
[  249.460829][ T5874] hid-alps 0003:044E:120C.0001: probe with driver hid-alps failed with error -22
[  249.573310][ T6008] ldm_validate_partition_table(): Disk read failed.
[  249.581353][ T6008] Dev nbd1: unable to read RDB block 0
[  249.588070][ T6008]  nbd1: unable to read partition table
[  249.662168][ T6082] BTRFS info (device loop3): rebuilding free space tree
[  249.778290][ T6082] BTRFS info (device loop3): disabling free space tree
[  249.789496][ T6082] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  249.800542][ T6082] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  249.864744][ T6082] BTRFS info (device loop3): setting nodatasum
[  249.872387][ T6082] BTRFS info (device loop3): setting nodatacow
[  249.878801][ T6082] BTRFS info (device loop3): enabling ssd optimizations
[  249.886515][ T6082] BTRFS info (device loop3): using spread ssd allocation scheme
[  249.894592][ T6082] BTRFS info (device loop3): turning off barriers
[  249.901591][ T6082] BTRFS info (device loop3): enabling disk space caching
[  249.909267][ T6082] BTRFS info (device loop3): force clearing of disk cache
[  250.217501][   T30] audit: type=1800 audit(1757605847.833:2): pid=6082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.21" name="bus" dev="loop3" ino=263 res=0 errno=0
[  250.338078][ T5874] usb 2-1: USB disconnect, device number 2
[  250.563139][ T6008] ldm_validate_partition_table(): Disk read failed.
[  250.576095][ T6008] Dev nbd1: unable to read RDB block 0
[  250.584455][ T6008]  nbd1: unable to read partition table
[  250.746582][ T6104] loop0: detected capacity change from 0 to 40427
[  250.761574][ T6104] F2FS-fs (loop0): build fault injection rate: 14
[  250.768275][ T6104] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  250.787516][ T6104] F2FS-fs (loop0): invalid crc value
[  250.880812][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  250.921342][    C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xeb4/0x1010
[  251.023350][ T5820] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  251.332754][ T6104] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  251.342931][ T6104] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  251.407155][ T6104] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  252.013586][ T6120] warning: `syz.2.28' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  252.298607][ T6124] process 'syz.4.29' launched './file1' with NULL argv: empty string added
[  252.327109][ T6119] loop1: detected capacity change from 0 to 2048
[  252.383090][ T6119] EXT4-fs: Ignoring removed orlov option
[  252.389633][ T6119] EXT4-fs: Ignoring removed bh option
[  252.595442][ T6124] FAULT_INJECTION: forcing a failure.
[  252.595442][ T6124] name failslab, interval 1, probability 0, space 0, times 0
[  252.609273][ T6124] CPU: 0 UID: 0 PID: 6124 Comm: syz.4.29 Not tainted syzkaller #0 PREEMPT(none) 
[  252.609435][ T6124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  252.609527][ T6124] Call Trace:
[  252.609583][ T6124]  <TASK>
[  252.609640][ T6124]  __dump_stack+0x26/0x30
[  252.609835][ T6124]  dump_stack_lvl+0x1df/0x270
[  252.610048][ T6124]  dump_stack+0x1e/0x25
[  252.610225][ T6124]  should_fail_ex+0x7dc/0x8a0
[  252.610418][ T6124]  should_failslab+0x15b/0x200
[  252.610615][ T6124]  kmem_cache_alloc_noprof+0xf0/0xec0
[  252.610820][ T6124]  ? security_file_alloc+0x7a/0x6e0
[  252.610978][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.611163][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.611363][ T6124]  security_file_alloc+0x7a/0x6e0
[  252.611523][ T6124]  init_file+0x91/0x330
[  252.611684][ T6124]  alloc_empty_file+0x165/0x5b0
[  252.611842][ T6124]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  252.612052][ T6124]  path_openat+0xa1/0x6760
[  252.612222][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.612400][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.612575][ T6124]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  252.612771][ T6124]  ? do_filp_open+0x31/0x660
[  252.612943][ T6124]  ? filter_irq_stacks+0x49/0x190
[  252.613109][ T6124]  ? stack_depot_save_flags+0x35/0x7b0
[  252.613269][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.613451][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.613630][ T6124]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  252.613800][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.613987][ T6124]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  252.614189][ T6124]  do_filp_open+0x280/0x660
[  252.614378][ T6124]  ? stack_depot_save_flags+0x35/0x7b0
[  252.614536][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.614717][ T6124]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  252.614899][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.615103][ T6124]  do_open_execat+0x163/0x8e0
[  252.615303][ T6124]  alloc_bprm+0x45/0xc90
[  252.615473][ T6124]  ? kmsan_get_metadata+0xfb/0x160
[  252.615654][ T6124]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  252.615854][ T6124]  do_execveat_common+0x28b/0xdf0
[  252.616064][ T6124]  ? getname_flags+0x5f4/0xac0
[  252.616300][ T6124]  __x64_sys_execveat+0x144/0x1e0
[  252.616514][ T6124]  x64_sys_call+0x2671/0x3e20
[  252.616722][ T6124]  do_syscall_64+0xd9/0x210
[  252.616874][ T6124]  ? irqentry_exit+0x16/0x60
[  252.617081][ T6124]  ? clear_bhb_loop+0x40/0x90
[  252.617253][ T6124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.617416][ T6124] RIP: 0033:0x7f3e3158eba9
[  252.617522][ T6124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.617649][ T6124] RSP: 002b:00007f3e323d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  252.617793][ T6124] RAX: ffffffffffffffda RBX: 00007f3e317d5fa0 RCX: 00007f3e3158eba9
[  252.617900][ T6124] RDX: 0000200000000300 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  252.618020][ T6124] RBP: 00007f3e323d1090 R08: 0000000000000100 R09: 0000000000000000
[  252.618115][ T6124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.618209][ T6124] R13: 00007f3e317d6038 R14: 00007f3e317d5fa0 R15: 00007fffb4894ec8
[  252.618359][ T6124]  </TASK>
[  253.108763][ T6119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.632570][    C0] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of bio_endio+0xeb4/0x1010
[  254.642989][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  254.643145][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  254.643232][    C0] Call Trace:
[  254.643285][    C0]  <TASK>
[  254.643340][    C0]  __dump_stack+0x26/0x30
[  254.643527][    C0]  dump_stack_lvl+0x1df/0x270
[  254.643722][    C0]  dump_stack+0x1e/0x25
[  254.643905][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  254.644178][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  254.644407][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  254.644628][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  254.644786][    C0]  bio_endio+0xeb4/0x1010
[  254.644982][    C0]  blk_update_request+0xf4c/0x1a90
[  254.645212][    C0]  blk_mq_end_request+0x50/0xb0
[  254.645385][    C0]  lo_complete_rq+0x188/0x3a0
[  254.645585][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  254.645782][    C0]  blk_done_softirq+0x10f/0x1f0
[  254.646010][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  254.646236][    C0]  handle_softirqs+0x166/0x6e0
[  254.646427][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  254.646605][    C0]  run_ksoftirqd+0x29/0x50
[  254.646774][    C0]  smpboot_thread_fn+0x56c/0xa30
[  254.647033][    C0]  kthread+0xd59/0xf00
[  254.647185][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  254.647430][    C0]  ? __pfx_kthread+0x10/0x10
[  254.647600][    C0]  ret_from_fork+0x1e3/0x310
[  254.647757][    C0]  ? __pfx_kthread+0x10/0x10
[  254.647926][    C0]  ret_from_fork_asm+0x1a/0x30
[  254.648182][    C0]  </TASK>
[  254.648245][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  254.805913][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  254.806081][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  254.806172][    C0] Call Trace:
[  254.806230][    C0]  <TASK>
[  254.806287][    C0]  __dump_stack+0x26/0x30
[  254.806488][    C0]  dump_stack_lvl+0x1df/0x270
[  254.806695][    C0]  dump_stack+0x1e/0x25
[  254.806959][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  254.807236][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  254.807470][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  254.807684][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  254.807850][    C0]  bio_endio+0xeb4/0x1010
[  254.808136][    C0]  blk_update_request+0xf4c/0x1a90
[  254.808367][    C0]  blk_mq_end_request+0x50/0xb0
[  254.808543][    C0]  lo_complete_rq+0x188/0x3a0
[  254.808759][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  254.809022][    C0]  blk_done_softirq+0x10f/0x1f0
[  254.809244][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  254.809459][    C0]  handle_softirqs+0x166/0x6e0
[  254.809636][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  254.809806][    C0]  run_ksoftirqd+0x29/0x50
[  254.809986][    C0]  smpboot_thread_fn+0x56c/0xa30
[  254.810223][    C0]  kthread+0xd59/0xf00
[  254.810370][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  254.810607][    C0]  ? __pfx_kthread+0x10/0x10
[  254.810765][    C0]  ret_from_fork+0x1e3/0x310
[  254.810936][    C0]  ? __pfx_kthread+0x10/0x10
[  254.811096][    C0]  ret_from_fork_asm+0x1a/0x30
[  254.811329][    C0]  </TASK>
[  254.959789][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  254.960396][ T5874] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  254.966907][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  254.967050][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  254.967132][    C0] Call Trace:
[  254.967185][    C0]  <TASK>
[  254.967238][    C0]  __dump_stack+0x26/0x30
[  254.967416][    C0]  dump_stack_lvl+0x1df/0x270
[  254.967603][    C0]  dump_stack+0x1e/0x25
[  254.967781][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  254.968037][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  254.968247][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  254.968440][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  254.968585][    C0]  bio_endio+0xeb4/0x1010
[  254.968776][    C0]  blk_update_request+0xf4c/0x1a90
[  254.968994][    C0]  blk_mq_end_request+0x50/0xb0
[  254.969152][    C0]  lo_complete_rq+0x188/0x3a0
[  254.969335][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  254.969517][    C0]  blk_done_softirq+0x10f/0x1f0
[  254.969717][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  254.969920][    C0]  handle_softirqs+0x166/0x6e0
[  254.970113][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  254.970275][    C0]  run_ksoftirqd+0x29/0x50
[  254.970436][    C0]  smpboot_thread_fn+0x56c/0xa30
[  254.970663][    C0]  kthread+0xd59/0xf00
[  254.970803][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  254.971032][    C0]  ? __pfx_kthread+0x10/0x10
[  254.971179][    C0]  ret_from_fork+0x1e3/0x310
[  254.971323][    C0]  ? __pfx_kthread+0x10/0x10
[  254.971472][    C0]  ret_from_fork_asm+0x1a/0x30
[  254.971690][    C0]  </TASK>
[  254.971882][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  255.132372][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  255.132531][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  255.132621][    C0] Call Trace:
[  255.132688][    C0]  <TASK>
[  255.132747][    C0]  __dump_stack+0x26/0x30
[  255.132942][    C0]  dump_stack_lvl+0x1df/0x270
[  255.133150][    C0]  dump_stack+0x1e/0x25
[  255.133330][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  255.133598][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  255.133835][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  255.134042][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  255.134197][    C0]  bio_endio+0xeb4/0x1010
[  255.134385][    C0]  blk_update_request+0xf4c/0x1a90
[  255.134604][    C0]  blk_mq_end_request+0x50/0xb0
[  255.134783][    C0]  lo_complete_rq+0x188/0x3a0
[  255.134977][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  255.135166][    C0]  blk_done_softirq+0x10f/0x1f0
[  255.135375][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  255.135589][    C0]  handle_softirqs+0x166/0x6e0
[  255.135786][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  255.135961][    C0]  run_ksoftirqd+0x29/0x50
[  255.136130][    C0]  smpboot_thread_fn+0x56c/0xa30
[  255.136372][    C0]  kthread+0xd59/0xf00
[  255.136516][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  255.136759][    C0]  ? __pfx_kthread+0x10/0x10
[  255.136914][    C0]  ret_from_fork+0x1e3/0x310
[  255.137072][    C0]  ? __pfx_kthread+0x10/0x10
[  255.137231][    C0]  ret_from_fork_asm+0x1a/0x30
[  255.137469][    C0]  </TASK>
[  255.137530][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  255.295855][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(none) 
[  255.296015][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  255.296109][    C0] Call Trace:
[  255.296165][    C0]  <TASK>
[  255.296222][    C0]  __dump_stack+0x26/0x30
[  255.296418][    C0]  dump_stack_lvl+0x1df/0x270
[  255.296622][    C0]  dump_stack+0x1e/0x25
[  255.296808][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  255.297072][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  255.297300][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  255.297511][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  255.297666][    C0]  bio_endio+0xeb4/0x1010
[  255.297861][    C0]  blk_update_request+0xf4c/0x1a90
[  255.298080][    C0]  blk_mq_end_request+0x50/0xb0
[  255.298250][    C0]  lo_complete_rq+0x188/0x3a0
[  255.298448][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  255.298645][    C0]  blk_done_softirq+0x10f/0x1f0
[  255.298868][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  255.299085][    C0]  handle_softirqs+0x166/0x6e0
[  255.299268][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  255.299438][    C0]  run_ksoftirqd+0x29/0x50
[  255.299604][    C0]  smpboot_thread_fn+0x56c/0xa30
[  255.299855][    C0]  kthread+0xd59/0xf00
[  255.300005][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  255.300247][    C0]  ? __pfx_kthread+0x10/0x10
[  255.300408][    C0]  ret_from_fork+0x1e3/0x310
[  255.300565][    C0]  ? __pfx_kthread+0x10/0x10
[  255.300733][    C0]  ret_from_fork_asm+0x1a/0x30
[  255.300972][    C0]  </TASK>
[  255.321305][ T5874] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  255.324281][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  255.327320][ T5874] usb 5-1: config 0 has no interface number 0
[  255.486684][ T5874] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  255.506261][ T5874] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  255.517767][ T5874] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  255.527217][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.579798][ T5874] usb 5-1: config 0 descriptor??
[  255.721936][ T5813] F2FS-fs (loop0): do_checkpoint failed err:-5, stop checkpoint
[  256.396905][ T5874] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  256.576279][ T5874] usb 5-1: USB disconnect, device number 3
[  256.742248][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.579523][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.1.36'.
[  257.710436][ T4366] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  257.779959][ T4366] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  257.824582][ T6145] Zero length message leads to an empty skb
[  257.832604][ T4366] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  257.947106][ T4366] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  258.183255][ T6147] 9pnet_fd: Insufficient options for proto=fd
[  258.386459][ T6149] loop2: detected capacity change from 0 to 1024
[  258.470626][ T6149] EXT4-fs: Ignoring removed nobh option
[  258.477969][ T6149] EXT4-fs: quotafile must be on filesystem root
[  259.185396][ T5907] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  259.197559][ T5874] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  259.479974][ T5907] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.491344][ T5907] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  259.513251][ T5874] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  259.523516][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.545614][ T5907] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  259.556395][ T5907] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  259.565056][ T5907] usb 4-1: Manufacturer: syz
[  259.584326][ T5874] usb 2-1: config 0 descriptor??
[  259.642008][ T5907] usb 4-1: config 0 descriptor??
[  259.857014][ T5874] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  260.019742][ T5869] usb 3-1: new low-speed USB device number 6 using dummy_hcd
[  260.152243][ T6160] loop0: detected capacity change from 0 to 256
[  260.202777][ T6160] msdos: Unknown parameter '0x000000000000000d'
[  260.208523][ T5869] usb 3-1: unable to get BOS descriptor or descriptor too short
[  260.265687][ T5874] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  260.278222][ T5874] asix 2-1:0.0: probe with driver asix failed with error -61
[  260.303351][ T5869] usb 3-1: config 7 has an invalid interface number: 67 but max is 0
[  260.312624][ T5869] usb 3-1: config 7 has no interface number 0
[  260.404091][ T6160] netlink: 24 bytes leftover after parsing attributes in process `syz.0.33'.
[  260.439887][    T9] usb 4-1: USB disconnect, device number 2
[  260.470965][ T5869] usb 3-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  260.481305][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.491137][ T5869] usb 3-1: Product: 㯑
[  260.900984][ T5869] usb 3-1: USB disconnect, device number 6
[  261.797104][ T6167] loop4: detected capacity change from 0 to 1024
[  262.134980][ T6174] loop2: detected capacity change from 0 to 512
[  262.220525][ T5874] usb 2-1: USB disconnect, device number 3
[  262.517171][ T6174] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  262.525202][ T6174] UDF-fs: Scanning with blocksize 512 failed
[  262.673003][ T6174] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  262.680955][ T6174] UDF-fs: Scanning with blocksize 1024 failed
[  262.688954][    C0] hrtimer: interrupt took 433987 ns
[  262.755800][ T6174] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  262.764766][ T6174] UDF-fs: Scanning with blocksize 2048 failed
[  262.882660][ T6174] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  262.962223][ T5869] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[  263.003063][ T6174] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  263.174452][ T5869] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  263.183047][ T5869] usb 1-1: config 0 has no interface number 0
[  263.189738][ T5869] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  263.201284][ T5869] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  263.211751][ T5869] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  263.221481][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.295559][ T1134] hfsplus: b-tree write err: -5, ino 4
[  263.316105][ T5869] usb 1-1: config 0 descriptor??
[  263.346844][ T5869] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  263.495179][ T6179] loop1: detected capacity change from 0 to 4096
[  263.533235][ T6179] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  263.539373][ T5869] usb 1-1: USB disconnect, device number 3
[  263.943453][ T6179] ntfs3(loop1): ino=0, attr_set_size
[  264.038594][ T6179] ntfs3(loop1): ino=0, attr_set_size
[  264.295172][ T6179] ntfs3(loop1): ino=0, attr_set_size
[  264.471495][ T6179] ntfs3(loop1): no free space to extend mft
[  264.656081][ T6185] loop4: detected capacity change from 0 to 32768
[  264.950920][ T6185] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  265.275342][ T6193] loop3: detected capacity change from 0 to 256
[  265.374068][ T6194] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  265.528891][ T6185] overlay: ./file0 is not a directory
[  265.662709][ T6193] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  265.778131][ T6197] loop2: detected capacity change from 0 to 256
[  265.851121][ T6197] msdos: Unknown parameter '0x000000000000000d'
[  265.933309][ T5874] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  266.191942][ T5874] usb 5-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.204711][ T5874] usb 5-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.215577][ T5874] usb 5-1: config 0 interface 0 has no altsetting 0
[  266.222719][ T5874] usb 5-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[  266.237208][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.326995][ T5874] usb 5-1: config 0 descriptor??
[  266.357914][ T5874] usbhid 5-1:0.0: can't add hid device: -22
[  266.364734][ T5874] usbhid 5-1:0.0: probe with driver usbhid failed with error -22
[  266.452463][ T6193] fuse: Bad value for 'fd'
[  266.559479][ T6185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.570171][ T6185] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.660874][ T5874] usb 5-1: USB disconnect, device number 4
[  267.525178][ T6213] 9pnet_fd: Insufficient options for proto=fd
[  267.743833][ T5816] ocfs2: Unmounting device (7,4) on (node local)
[  267.780100][ T6211] netlink: 28 bytes leftover after parsing attributes in process `syz.2.59'.
[  267.841352][ T5869] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  268.029621][ T5869] usb 2-1: device descriptor read/64, error -71
[  268.299319][ T5869] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  268.411083][ T6216] loop3: detected capacity change from 0 to 256
[  268.449468][ T5869] usb 2-1: device descriptor read/64, error -71
[  268.594086][ T5869] usb usb2-port1: attempt power cycle
[  269.040071][ T5869] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  269.119846][ T5869] usb 2-1: device descriptor read/8, error -71
[  269.427321][ T5869] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  269.562126][ T5869] usb 2-1: device descriptor read/8, error -71
[  269.729695][ T5869] usb usb2-port1: unable to enumerate USB device
[  270.278600][ T6222] loop2: detected capacity change from 0 to 512
[  270.334455][ T6224] netlink: 'syz.0.65': attribute type 10 has an invalid length.
[  270.530163][ T6226] binfmt_misc: register: failed to install interpreter file ./file2
[  270.674827][ T6222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  270.688384][ T6222] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.048338][ T6222] fuse: Bad value for 'fd'
[  271.313253][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  271.836130][ T6244] loop3: detected capacity change from 0 to 256
[  271.901615][ T6244] msdos: Unknown parameter '0x000000000000000d'
[  272.005267][ T6244] netlink: 24 bytes leftover after parsing attributes in process `syz.3.69'.
[  272.635823][ T6245] loop4: detected capacity change from 0 to 4096
[  273.088251][ T6256] loop1: detected capacity change from 0 to 2048
[  273.439533][ T6261] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  274.035580][ T6269] netlink: 129704 bytes leftover after parsing attributes in process `syz.0.76'.
[  274.821320][ T6277] loop2: detected capacity change from 0 to 512
[  275.060859][ T6277] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  275.075976][ T6277] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  275.330959][ T6277] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.81: Invalid block bitmap block 0 in block_group 0
[  275.585472][ T6277] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  275.639829][ T6277] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.81: attempt to clear invalid blocks 983261 len 1
[  275.865579][ T6277] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.81: Invalid inode table block 0 in block_group 0
[  275.926922][ T6277] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  275.966708][ T6277] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  276.024844][ T6277] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.81: Invalid inode table block 0 in block_group 0
[  276.057554][ T6277] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  276.088467][ T6277] EXT4-fs error (device loop2): ext4_truncate:4666: inode #11: comm syz.2.81: mark_inode_dirty error
[  276.129911][ T6277] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  276.180824][ T6277] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.81: Invalid inode table block 0 in block_group 0
[  276.219895][ T6277] EXT4-fs (loop2): 1 truncate cleaned up
[  276.228212][ T6277] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.322250][ T5869] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  276.490455][ T5869] usb 4-1: device descriptor read/64, error -71
[  276.701647][ T6291] loop4: detected capacity change from 0 to 256
[  276.751175][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.771382][ T5869] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  276.792175][ T6291] msdos: Unknown parameter '0x000000000000000d'
[  276.893059][ T6291] netlink: 24 bytes leftover after parsing attributes in process `syz.4.85'.
[  277.009644][ T5869] usb 4-1: device descriptor read/64, error -71
[  277.146248][ T5869] usb usb4-port1: attempt power cycle
[  277.636949][ T5869] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  277.879770][ T5869] usb 4-1: device descriptor read/8, error -71
[  278.171630][ T5869] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  278.292140][ T5869] usb 4-1: device descriptor read/8, error -71
[  278.407186][ T5869] usb usb4-port1: unable to enumerate USB device
[  278.691612][ T6296] loop2: detected capacity change from 0 to 2048
[  279.126604][ T6310] loop3: detected capacity change from 0 to 16
[  279.257698][ T6310] erofs (device loop3): mounted with root inode @ nid 36.
[  279.490896][ T6312] 9pnet_fd: Insufficient options for proto=fd
[  279.588899][ T6312] overlayfs: failed to get redirect (-117)
[  280.033375][ T6309] loop4: detected capacity change from 0 to 32768
[  280.044268][ T6309] bcachefs: bch2_fs_parse_param() Error parsing option recovery_pass_last: option_value
[  281.872407][ T1134] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.013714][ T6316] loop0: detected capacity change from 0 to 4096
[  282.061212][ T6316] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  282.132819][ T1134] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.153546][ T6327] netlink: 129704 bytes leftover after parsing attributes in process `syz.2.98'.
[  282.389947][ T1134] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.712735][ T6316] ntfs3(loop0): ino=0, attr_set_size
[  282.755986][ T6316] ntfs3(loop0): ino=0, attr_set_size
[  282.866726][ T1134] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.619759][   T24] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  283.695766][ T1134] bridge_slave_1: left allmulticast mode
[  283.703434][ T1134] bridge_slave_1: left promiscuous mode
[  283.710869][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.728680][ T1134] bridge_slave_0: left allmulticast mode
[  283.735121][ T1134] bridge_slave_0: left promiscuous mode
[  283.747123][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.859156][   T24] usb 1-1: config 0 has an invalid interface number: 235 but max is 0
[  283.867792][   T24] usb 1-1: config 0 has no interface number 0
[  283.874495][   T24] usb 1-1: config 0 interface 235 altsetting 16 endpoint 0x5 has invalid wMaxPacketSize 0
[  283.884967][   T24] usb 1-1: config 0 interface 235 has no altsetting 0
[  284.233296][   T24] usb 1-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=3e.18
[  284.243403][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.252248][   T24] usb 1-1: Product: syz
[  284.260740][   T24] usb 1-1: Manufacturer: syz
[  284.265553][   T24] usb 1-1: SerialNumber: syz
[  284.347756][   T24] usb 1-1: config 0 descriptor??
[  284.620553][   T24] usb 1-1: can't set config #0, error -71
[  284.658223][   T24] usb 1-1: USB disconnect, device number 4
[  285.053253][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.104422][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.124199][ T1134] bond0 (unregistering): Released all slaves
[  287.515337][ T5869] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  287.628616][ T1134] hsr_slave_0: left promiscuous mode
[  287.679874][ T5869] usb 1-1: device descriptor read/64, error -71
[  287.710234][ T1134] hsr_slave_1: left promiscuous mode
[  287.719498][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.727220][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.853445][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.861476][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.966049][ T5869] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  288.061662][ T1134] veth1_macvtap: left promiscuous mode
[  288.067433][ T1134] veth0_macvtap: left promiscuous mode
[  288.073988][ T1134] veth1_vlan: left promiscuous mode
[  288.079918][ T1134] veth0_vlan: left promiscuous mode
[  288.151975][ T5869] usb 1-1: device descriptor read/64, error -71
[  288.579433][ T1704] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  288.740799][ T5869] usb usb1-port1: attempt power cycle
[  288.873579][ T1704] usb 2-1: unable to get BOS descriptor or descriptor too short
[  288.947488][ T1704] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  288.957005][ T1704] usb 2-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  288.973575][ T1704] usb 2-1: config 1 interface 0 has no altsetting 1
[  289.150182][ T5869] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  289.161444][   T49] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  289.178265][   T49] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  289.197257][ T5869] usb 1-1: device descriptor read/8, error -71
[  289.205878][   T49] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  289.234262][ T1704] usb 2-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  289.244071][ T1704] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.252673][ T1704] usb 2-1: Product: syz
[  289.257072][ T1704] usb 2-1: Manufacturer: syz
[  289.262046][ T1704] usb 2-1: SerialNumber: syz
[  289.280014][   T49] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  289.312500][   T49] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  289.471648][ T1704] smsusb:smsusb_probe: board id=8, interface number 0
[  289.494110][ T5869] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  289.697371][ T1134] team0 (unregistering): Port device team_slave_1 removed
[  289.753128][ T1704] smsusb:smsusb_probe: usb_set_interface failed, rc -71
[  289.764377][ T1704] smsusb 2-1:1.0: probe with driver smsusb failed with error -71
[  289.901214][ T1704] usb 2-1: USB disconnect, device number 8
[  289.995055][ T1134] team0 (unregistering): Port device team_slave_0 removed
[  290.611494][ T5869] usb 1-1: device descriptor read/8, error -71
[  290.721109][ T5869] usb usb1-port1: unable to enumerate USB device
[  290.766540][ T6366] loop2: detected capacity change from 0 to 256
[  291.240251][ T6366] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  291.334874][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  291.341841][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  291.391042][   T49] Bluetooth: hci3: command tx timeout
[  291.394808][ T6366] fuse: Bad value for 'fd'
[  291.554172][ T5869] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  291.694469][ T6374] loop4: detected capacity change from 0 to 256
[  291.783227][ T5869] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  291.794018][ T5869] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  291.953900][ T5869] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  291.967017][ T5869] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  291.975565][ T5869] usb 1-1: Manufacturer: syz
[  292.011581][ T6374] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  292.084115][ T5869] usb 1-1: config 0 descriptor??
[  292.221576][ T6374] fuse: Bad value for 'fd'
[  293.186393][ T5869] usb 1-1: USB disconnect, device number 9
[  293.520833][   T49] Bluetooth: hci3: command tx timeout
[  294.301588][ T6389] loop2: detected capacity change from 0 to 32768
[  294.322647][ T6389] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.115 (6389)
[  294.364610][ T6389] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  294.375358][ T6389] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  294.829919][ T6389] BTRFS info (device loop2): setting nodatasum
[  294.836363][ T6389] BTRFS info (device loop2): setting nodatacow
[  294.842945][ T6389] BTRFS info (device loop2): enabling free space tree
[  294.850055][ T6389] BTRFS info (device loop2): max_inline set to 0
[  295.285240][ T5824] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  295.592395][   T49] Bluetooth: hci3: command tx timeout
[  295.644131][ T6357] chnl_net:caif_netlink_parms(): no params data found
[  295.848036][ T6422] netlink: 129704 bytes leftover after parsing attributes in process `syz.1.116'.
[  297.182670][   T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  297.914624][   T49] Bluetooth: hci3: command tx timeout
[  298.275776][ T6440] loop0: detected capacity change from 0 to 32768
[  298.319609][   T24] usb 3-1: Using ep0 maxpacket: 16
[  298.364660][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.377413][   T24] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  298.390501][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.466194][ T6440] 
[  298.466194][ T6440]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  298.466194][ T6440] 
[  298.605578][ T5813] 
[  298.605578][ T5813]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  298.605578][ T5813] 
[  298.730326][ T5813] 
[  298.730326][ T5813]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  298.730326][ T5813] 
[  298.825626][   T24] usb 3-1: config 0 descriptor??
[  299.622849][   T24] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  300.071767][   T24] usb 3-1: USB disconnect, device number 7
[  300.199574][ T5869] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  300.415436][ T6357] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.424194][ T6357] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.432539][ T6357] bridge_slave_0: entered allmulticast mode
[  300.450486][ T6357] bridge_slave_0: entered promiscuous mode
[  300.564723][ T5869] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[  300.574241][ T5869] usb 1-1: can't read configurations, error -22
[  300.675925][ T6357] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.684045][ T6357] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.692945][ T6357] bridge_slave_1: entered allmulticast mode
[  300.703499][ T6357] bridge_slave_1: entered promiscuous mode
[  300.780230][ T5869] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  301.034942][ T5869] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[  301.044217][ T5869] usb 1-1: can't read configurations, error -22
[  301.107725][ T5869] usb usb1-port1: attempt power cycle
[  301.541120][ T6357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  301.590385][ T5869] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  301.647063][ T5869] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[  301.657353][ T5869] usb 1-1: can't read configurations, error -22
[  301.801565][ T6357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  301.849295][ T5869] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  302.053039][ T5869] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[  302.062103][ T5869] usb 1-1: can't read configurations, error -22
[  302.240711][ T5869] usb usb1-port1: unable to enumerate USB device
[  302.683617][ T6457] loop2: detected capacity change from 0 to 32768
[  302.757471][ T6457] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  302.757471][ T6457] clean (size 2912):
[  302.757471][ T6457] flags:          0
[  302.757471][ T6457] journal_seq:    10
[  302.757471][ T6457] usage: type=inodes v=8
[  302.757471][ T6457] usage: type=key_version v=0
[  302.757471][ T6457] usage: type=reserved v=0
[  302.757471][ T6457] btree_keys: btree=extents level=0 u64s 8 type deleted 0:2048:0 len 8 ver 1065151889408: 
[  302.757471][ T6457] btree_keys: btree=extents level=0 u64s 1 type deleted POS_MIN len 240 ver 68719476736: 
[  302.757471][ T6457] btree_keys: btree=extents level=0 u64s 16 type deleted POS_MIN len 0 ver 1030792151040: 
[  302.757471][ T6457] clock: read=0
[  302.757471][ T6457] clock: write=1280
[  302.757471][ T6457] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN ptr: 0:6912 gen 0
[  302.757471][ T6457] btree_root: btree=inodes level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN ptr: 0:9728 gen 0
[  302.757471][ T6457] btree_root: btree=dirents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN ptr: 0:10496 gen 0
[  302.757471][ T6457] btree_root: btr
[  302.758577][ T6457] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  302.972676][ T6357] team0: Port device team_slave_0 added
[  303.162303][ T6357] team0: Port device team_slave_1 added
[  303.229650][ T6461] loop1: detected capacity change from 0 to 256
[  303.698590][ T6461] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  303.987385][ T6357] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.995482][ T6357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.022236][    C0] vkms_vblank_simulate: vblank timer overrun
[  304.037510][ T6357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.212131][ T6357] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.220383][ T6357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.253337][ T6357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.106223][ T6465] loop2: detected capacity change from 0 to 4096
[  305.445025][ T6469] loop4: detected capacity change from 0 to 32768
[  305.597088][ T6474] syz.1.131 uses obsolete (PF_INET,SOCK_PACKET)
[  305.650868][ T6469] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.130 (6469)
[  306.079919][ T6473] loop0: detected capacity change from 0 to 32768
[  306.099499][ T6473] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.132 (6473)
[  306.118007][ T6469] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.129234][ T6469] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  306.156362][ T6357] hsr_slave_0: entered promiscuous mode
[  306.174462][ T6357] hsr_slave_1: entered promiscuous mode
[  306.184173][ T6357] debugfs: 'hsr0' already exists in 'hsr'
[  306.190500][ T6357] Cannot create hsr debugfs directory
[  306.229610][ T6473] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  306.240339][ T6473] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  306.279691][ T6465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.821976][ T6469] BTRFS info (device loop4): setting nodatasum
[  306.828626][ T6469] BTRFS info (device loop4): setting nodatacow
[  306.835516][ T6469] BTRFS info (device loop4): enabling free space tree
[  306.842798][ T6469] BTRFS info (device loop4): max_inline set to 0
[  306.943896][ T6473] BTRFS info (device loop0): rebuilding free space tree
[  306.983956][ T6473] BTRFS info (device loop0): disabling free space tree
[  306.996947][ T6473] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  307.007219][ T6473] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  307.186062][ T6473] BTRFS info (device loop0): enabling ssd optimizations
[  307.200467][ T6473] BTRFS info (device loop0): force clearing of disk cache
[  307.208143][ T6473] BTRFS info (device loop0): enabling auto defrag
[  307.423054][ T5816] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  307.436376][ T5813] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  307.744157][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.442223][ T6521] loop1: detected capacity change from 0 to 64
[  308.826029][ T6357] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  308.840554][ T6521] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  309.008857][ T6357] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  309.063152][ T6528] netlink: 129704 bytes leftover after parsing attributes in process `syz.2.136'.
[  309.182747][ T6357] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  309.296344][ T6357] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  309.919916][ T5869] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  310.199668][ T5869] usb 5-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30
[  310.211402][ T5869] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.222026][ T5869] usb 5-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  310.236265][ T5869] usb 5-1: config 0 interface 0 has no altsetting 0
[  310.243943][ T5869] usb 5-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  310.253610][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.654347][ T5869] usb 5-1: config 0 descriptor??
[  311.240506][ T6542] nbd4: detected capacity change from 0 to 1024
[  311.278725][ T6534] block nbd4: NBD_DISCONNECT
[  311.284133][ T6534] block nbd4: Send disconnect failed -89
[  311.327979][ T5993] block nbd4: Send control failed (result -89)
[  311.334757][ T5993] block nbd4: Request send failed, requeueing
[  311.341639][ T5993] block nbd4: Disconnected due to user request.
[  311.374272][ T6092] blk_print_req_error: 43 callbacks suppressed
[  311.374366][ T6092] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.394561][ T6092] buffer_io_error: 43 callbacks suppressed
[  311.394649][ T6092] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.468413][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.478389][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.487126][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.501712][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.511422][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.521021][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.529480][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.538861][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.547340][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.558068][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.566641][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.576246][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.584720][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.594226][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.607320][ T5993] ldm_validate_partition_table(): Disk read failed.
[  311.615664][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.625419][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.634081][ T5993] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  311.644046][ T5993] Buffer I/O error on dev nbd4, logical block 0, async page read
[  311.652760][ T5993] Dev nbd4: unable to read RDB block 0
[  311.659824][ T5993]  nbd4: unable to read partition table
[  311.752261][ T6542] ldm_validate_partition_table(): Disk read failed.
[  311.760468][ T6542] Dev nbd4: unable to read RDB block 0
[  311.767333][ T6542]  nbd4: unable to read partition table
[  311.877069][ T6357] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.134742][ T5869] hid-alps 0003:044E:120C.0003: unbalanced collection at end of report description
[  312.252490][ T5993] ldm_validate_partition_table(): Disk read failed.
[  312.261720][ T5993] Dev nbd4: unable to read RDB block 0
[  312.268567][ T5993]  nbd4: unable to read partition table
[  312.292183][ T6357] 8021q: adding VLAN 0 to HW filter on device team0
[  312.307046][ T5869] hid-alps 0003:044E:120C.0003: parse failed
[  312.322024][ T5869] hid-alps 0003:044E:120C.0003: probe with driver hid-alps failed with error -22
[  312.453529][ T3563] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.461406][ T3563] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.743869][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.751788][ T3563] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.801171][ T5869] usb 5-1: USB disconnect, device number 5
[  314.516290][ T6553] loop1: detected capacity change from 0 to 256
[  315.252270][ T6552] block nbd1: shutting down sockets
[  317.190847][ T6571] loop0: detected capacity change from 0 to 128
[  317.257847][ T6571] FAT-fs (loop0): bogus number of reserved sectors
[  317.264891][ T6571] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  317.274697][ T6571] FAT-fs (loop0): Can't find a valid FAT filesystem
[  318.218643][ T6576] loop4: detected capacity change from 0 to 32768
[  318.235167][ T6575] loop2: detected capacity change from 0 to 32768
[  318.323060][ T6576] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.146 (6576)
[  318.392737][ T6576] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  318.404587][ T6576] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  318.594558][ T6575] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  318.660033][ T6568] loop1: detected capacity change from 0 to 4096
[  318.686952][ T6568] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  318.894183][ T6576] BTRFS info (device loop4): rebuilding free space tree
[  318.988315][ T6576] BTRFS info (device loop4): disabling free space tree
[  318.997951][ T6576] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  319.008527][ T6575] overlay: ./file0 is not a directory
[  319.008527][ T6576] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  319.035631][ T6576] BTRFS info (device loop4): enabling ssd optimizations
[  319.043371][ T6576] BTRFS info (device loop4): force clearing of disk cache
[  319.050966][ T6576] BTRFS info (device loop4): enabling auto defrag
[  319.288442][ T6357] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.391091][ T5816] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  319.498219][ T6568] ntfs3(loop1): ino=19, mi_enum_attr
[  319.504161][ T6568] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  320.193178][ T5824] ocfs2: Unmounting device (7,2) on (node local)
[  320.492888][ T6604] loop6: detected capacity change from 0 to 524287487
[  320.581471][ T6604] buffer_io_error: 43 callbacks suppressed
[  320.581558][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.598553][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.611722][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.621313][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.629778][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.638074][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.646741][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.655127][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.663647][ T6604] ldm_validate_partition_table(): Disk read failed.
[  320.670682][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.678820][ T6604] Buffer I/O error on dev loop6, logical block 0, async page read
[  320.687620][ T6604] Dev loop6: unable to read RDB block 0
[  320.695463][ T6604]  loop6: unable to read partition table
[  320.882336][ T6604] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  321.078748][ T5869] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  322.703290][ T5869] usb 5-1: device descriptor read/64, error -71
[  322.773315][ T6611] loop2: detected capacity change from 0 to 136
[  323.011544][ T5869] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  323.217312][ T6611] overlay: ./file0 is not a directory
[  323.284362][ T5869] usb 5-1: device descriptor read/64, error -71
[  323.400679][ T5869] usb usb5-port1: attempt power cycle
[  323.561586][ T6614] netlink: 'syz.0.151': attribute type 39 has an invalid length.
[  323.594841][ T6614] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.636000][ T5826] Bluetooth: Unexpected continuation frame (len 10)
[  323.790032][ T6614] bridge_slave_0 (unregistering): left allmulticast mode
[  323.797509][ T6614] bridge_slave_0 (unregistering): left promiscuous mode
[  323.805300][ T6614] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.872897][ T5869] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  323.970102][ T5869] usb 5-1: device descriptor read/8, error -71
[  325.355486][ T6637] netlink: 28 bytes leftover after parsing attributes in process `syz.1.155'.
[  325.602428][ T6644] netlink: 129704 bytes leftover after parsing attributes in process `syz.4.154'.
[  326.027571][ T6637] loop1: detected capacity change from 0 to 1024
[  326.146746][ T6651] netlink: 116 bytes leftover after parsing attributes in process `syz.2.157'.
[  326.202880][ T6646] loop0: detected capacity change from 0 to 1024
[  326.667854][ T6637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.858698][ T6637] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.155: bg 0: block 153: padding at end of block bitmap is not set
[  326.911744][ T6357] veth0_vlan: entered promiscuous mode
[  327.163981][ T6357] veth1_vlan: entered promiscuous mode
[  327.395559][ T6637] ------------[ cut here ]------------
[  327.402872][ T6637] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x2, 0x0] s64=[0x2, 0x0] u32=[0x2, 0x0] s32=[0x2, 0x0] var_off=(0x0, 0x0)(1)
[  327.420472][ T6637] WARNING: CPU: 0 PID: 6637 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0xb26/0x14b0
[  327.431635][ T6637] Modules linked in:
[  327.435796][ T6637] CPU: 0 UID: 0 PID: 6637 Comm: syz.1.155 Not tainted syzkaller #0 PREEMPT(none) 
[  327.446877][ T6637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  327.457586][ T6637] RIP: 0010:reg_bounds_sanity_check+0xb26/0x14b0
[  327.464722][ T6637] Code: ff ff ff b5 20 ff ff ff ff b5 18 ff ff ff ff b5 48 ff ff ff ff b5 10 ff ff ff ff b5 08 ff ff ff e8 5f 16 02 ff 48 83 c4 38 90 <0f> 0b 90 90 4c 8b bd 70 ff ff ff e9 83 f8 ff ff 8b 3a e8 d3 52 79
[  327.491620][ T6637] RSP: 0018:ffff88805ab36f58 EFLAGS: 00010282
[  327.498038][ T6637] RAX: ffffffff81207e8e RBX: ffff88805aaf3348 RCX: 0000000000080000
[  327.508452][ T6637] RDX: ffffc90009004000 RSI: 000000000000ab26 RDI: 000000000000ab27
[  327.517162][ T6637] RBP: ffff88805ab370d8 R08: ffffea000000000f R09: 0000000000000000
[  327.525677][ T6637] R10: ffff888237b7a028 R11: ffff88823f2635e0 R12: 0000000000000000
[  327.534290][ T6637] R13: ffff8881161d2c20 R14: 0000000000000000 R15: 0000000000000000
[  327.543611][ T6637] FS:  00007f0165f9e6c0(0000) GS:ffff8881aa691000(0000) knlGS:0000000000000000
[  327.553498][ T6637] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  327.560711][ T6637] CR2: 00007ff4d61b3a10 CR3: 000000004dea0000 CR4: 00000000003526f0
[  327.576185][ T6637] Call Trace:
[  327.581617][ T6637]  <TASK>
[  327.584835][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.590694][ T6637]  reg_set_min_max+0x3a8/0x440
[  327.595859][ T6637]  check_cond_jmp_op+0x3187/0x4820
[  327.601835][ T6637]  do_check+0x2374/0x15760
[  327.606549][ T6637]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  327.613097][ T6637]  ? __rcu_read_unlock+0x6d/0xd0
[  327.618353][ T6637]  ? __pfx_verbose+0x10/0x10
[  327.623732][ T6637]  ? __pfx_disasm_kfunc_name+0x10/0x10
[  327.630335][ T6637]  do_check_common+0x2482/0x3740
[  327.635653][ T6637]  bpf_check+0x61f8/0x2a100
[  327.640814][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.646320][ T6637]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  327.652723][ T6637]  ? pcpu_block_update_hint_alloc+0x12df/0x1390
[  327.659628][ T6637]  ? kmsan_get_metadata+0x150/0x160
[  327.665118][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.670861][ T6637]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  327.683703][ T6637]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  327.692272][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.697700][ T6637]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  327.704092][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.709773][ T6637]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  327.715887][ T6637]  ? strncpy_from_user+0xb1/0x470
[  327.721598][ T6637]  ? stack_depot_save_flags+0x35/0x7b0
[  327.727332][ T6637]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  327.734224][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.739899][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.745388][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.751428][ T6637]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  327.758169][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.763988][ T6637]  ? kmsan_get_metadata+0xfb/0x160
[  327.769726][ T6637]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  327.782374][ T6637]  bpf_prog_load+0x28e6/0x2e50
[  327.787500][ T6637]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  327.799771][ T6637]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  327.806252][ T6637]  ? security_bpf+0x88/0x620
[  327.813087][ T6637]  ? _copy_from_user+0xcb/0x100
[  327.818369][ T6637]  __sys_bpf+0x7f4/0xed0
[  327.823384][ T6637]  __x64_sys_bpf+0xa4/0xf0
[  327.828254][ T6637]  x64_sys_call+0x3550/0x3e20
[  327.833675][ T6637]  do_syscall_64+0xd9/0x210
[  327.838475][ T6637]  ? irqentry_exit+0x16/0x60
[  327.843674][ T6637]  ? clear_bhb_loop+0x40/0x90
[  327.848643][ T6637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.855283][ T6637] RIP: 0033:0x7f016518eba9
[  327.860311][ T6637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.887380][ T6637] RSP: 002b:00007f0165f9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  327.898309][ T6637] RAX: ffffffffffffffda RBX: 00007f01653d5fa0 RCX: 00007f016518eba9
[  327.906927][ T6637] RDX: 0000000000000048 RSI: 0000200000000100 RDI: 0000000000000005
[  327.915448][ T6637] RBP: 00007f0165211e19 R08: 0000000000000000 R09: 0000000000000000
[  327.924049][ T6637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.932701][ T6637] R13: 00007f01653d6038 R14: 00007f01653d5fa0 R15: 00007ffda775f138
[  327.941371][ T6637]  </TASK>
[  327.944576][ T6637] ---[ end trace 0000000000000000 ]---
[  328.027467][ T6357] veth0_macvtap: entered promiscuous mode
[  328.122115][ T6357] veth1_macvtap: entered promiscuous mode
[  328.308799][ T6664] loop0: detected capacity change from 0 to 136
[  328.576553][ T6664] overlay: ./file0 is not a directory
[  328.843700][ T6357] batman_adv: batadv0: Interface activated: batadv_slave_0
[  329.161893][ T6357] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.502098][ T6637] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.762213][ T3493] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.845699][ T3493] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.914900][ T3493] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.010844][ T3493] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.517369][ T6674] loop0: detected capacity change from 0 to 1024
[  330.792506][ T6679] netlink: 'syz.1.160': attribute type 4 has an invalid length.
[  330.855039][ T6674] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.363169][ T6674] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.159: inode #808464432: comm syz.0.159: iget: illegal inode #
[  331.464284][ T6674] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.159: error while reading EA inode 808464432 err=-117
[  333.563731][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.104506][ T6706] loop1: detected capacity change from 0 to 256
[  334.300105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  334.308795][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  334.318265][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  334.350903][ T5829] Bluetooth: hci4: command 0x0406 tx timeout
[  334.357976][ T5114] Bluetooth: hci2: command 0x0406 tx timeout
[  334.358347][ T5825] Bluetooth: hci0: command 0x0406 tx timeout
[  334.366911][ T5114] Bluetooth: hci1: command 0x0406 tx timeout
[  334.750662][ T1704] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  335.006768][ T1704] usb 2-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30
[  335.018325][ T1704] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  335.028876][ T1704] usb 2-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  335.042853][ T1704] usb 2-1: config 0 interface 0 has no altsetting 0
[  335.052873][ T1704] usb 2-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  335.063573][ T1704] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.414119][ T1704] usb 2-1: config 0 descriptor??
[  335.721073][ T6706] nbd1: detected capacity change from 0 to 1024
[  335.749255][ T6008] block nbd1: Send control failed (result -89)
[  335.755813][ T6008] block nbd1: Request send failed, requeueing
[  335.781786][ T6723] block nbd1: NBD_DISCONNECT
[  335.786857][ T6723] block nbd1: Send disconnect failed -89
[  335.793575][   T96] block nbd1: Dead connection, failed to find a fallback
[  335.802202][   T96] block nbd1: shutting down sockets
[  335.807597][   T96] blk_print_req_error: 43 callbacks suppressed
[  335.807679][   T96] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.823767][   T96] buffer_io_error: 7 callbacks suppressed
[  335.823846][   T96] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.870617][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.881931][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.892492][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.902367][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.912423][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.922382][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.930901][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.940351][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.948612][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.958345][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.973899][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  335.985110][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  335.993444][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  336.003157][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  336.011480][ T6008] ldm_validate_partition_table(): Disk read failed.
[  336.018573][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  336.028363][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  336.036787][ T6008] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  336.046564][ T6008] Buffer I/O error on dev nbd1, logical block 0, async page read
[  336.055158][ T6008] Dev nbd1: unable to read RDB block 0
[  336.062161][ T6008]  nbd1: unable to read partition table
[  336.092024][ T6008] ldm_validate_partition_table(): Disk read failed.
[  336.100384][ T6008] Dev nbd1: unable to read RDB block 0
[  336.107216][ T6008]  nbd1: unable to read partition table
[  336.136491][ T6723] ldm_validate_partition_table(): Disk read failed.
[  336.144770][ T6723] Dev nbd1: unable to read RDB block 0
[  336.151662][ T6723]  nbd1: unable to read partition table
[  336.187839][ T1704] hid-alps 0003:044E:120C.0004: unbalanced collection at end of report description
[  336.231090][ T1704] hid-alps 0003:044E:120C.0004: parse failed
[  336.237788][ T1704] hid-alps 0003:044E:120C.0004: probe with driver hid-alps failed with error -22
[  336.828372][ T5869] usb 2-1: USB disconnect, device number 9
[  336.974017][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  336.988207][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  339.299827][ T6742] smc: net device bond0 applied user defined pnetid SYZ0
[  339.539671][ T6742] smc: net device bond0 erased user defined pnetid SYZ0
[  341.526765][ T6743] netlink: 1319 bytes leftover after parsing attributes in process `syz.2.171'.
[  345.288268][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  345.299897][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  346.209279][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  346.219690][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  346.311635][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  348.270140][ T1704] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  348.509721][ T1704] usb 2-1: Using ep0 maxpacket: 8
[  348.572631][ T1704] usb 2-1: config 0 has an invalid interface number: 246 but max is 0
[  348.582180][ T1704] usb 2-1: config 0 has no interface number 0
[  348.588536][ T1704] usb 2-1: config 0 interface 246 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  348.604589][ T6774] loop2: detected capacity change from 0 to 512
[  348.733983][ T6774] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  348.781477][ T1704] usb 2-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  348.791600][ T1704] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.800341][ T1704] usb 2-1: Product: syz
[  348.804830][ T1704] usb 2-1: Manufacturer: syz
[  348.809905][ T1704] usb 2-1: SerialNumber: syz
[  348.950610][ T6774] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.178: invalid indirect mapped block 4294967295 (level 1)
[  349.033940][ T1704] usb 2-1: config 0 descriptor??
[  349.040282][ T6774] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.178: invalid indirect mapped block 4294967295 (level 1)
[  349.082133][ T6774] EXT4-fs (loop2): 2 truncates cleaned up
[  349.092588][ T6774] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.848028][ T6785] loop0: detected capacity change from 0 to 2048
[  350.865261][ T6785] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=26504, location=26504
[  351.340450][ T6777] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  352.359473][ T6788] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  353.616036][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  353.623576][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  353.723937][ T6785] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  354.232452][ T1704] usb 2-1: can't set config #0, error -110
[  354.425606][ T5869] usb 2-1: USB disconnect, device number 10
[  354.802806][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.980061][ T5817] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  354.999574][ T5817] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  355.435292][ T5817] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  355.553655][ T5817] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  355.787193][ T5817] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  357.175052][ T6798] loop4: detected capacity change from 0 to 2048
[  357.275927][ T6798] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=3932051, location=3932051
[  358.046797][ T5826] Bluetooth: hci5: command tx timeout
[  358.381539][ T6798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.230799][ T6814] loop1: detected capacity change from 0 to 1024
[  359.363490][ T6814] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  359.759378][ T6814] hfsplus: filesystem is marked journaled, leaving read-only.
[  359.991676][ T6794] chnl_net:caif_netlink_parms(): no params data found
[  360.119373][ T5826] Bluetooth: hci5: command tx timeout
[  361.276904][ T6823] loop4: detected capacity change from 0 to 32768
[  361.304245][ T6821] loop0: detected capacity change from 0 to 4096
[  361.397229][ T6821] EXT4-fs (loop0): Test dummy encryption mode enabled
[  361.404971][ T6821] EXT4-fs (loop0): unsupported descriptor size 255
[  361.584445][ T6823] JBD2: Ignoring recovery information on journal
[  362.223220][ T5826] Bluetooth: hci5: command tx timeout
[  364.420925][ T5826] Bluetooth: hci5: command tx timeout
[  364.900791][ T6823] JBD2: journal reset failed
[  364.905626][ T6823] (syz.4.187,6823,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[  364.914950][ T6823] (syz.4.187,6823,0):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4
[  365.341993][ T3647] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.381639][ T6837] capability: warning: `syz.2.190' uses deprecated v2 capabilities in a way that may be insecure
[  365.846153][ T3647] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.153740][ T3647] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.701294][ T3647] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.014485][ T6794] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.022446][ T6794] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.030695][ T6794] bridge_slave_0: entered allmulticast mode
[  369.046034][ T6794] bridge_slave_0: entered promiscuous mode
[  369.309517][ T6855] loop1: detected capacity change from 0 to 256
[  369.663248][ T6855] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  369.674578][ T6855] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  369.734475][ T6794] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.742616][ T6794] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.750871][ T6794] bridge_slave_1: entered allmulticast mode
[  369.767644][ T6794] bridge_slave_1: entered promiscuous mode
[  370.147775][ T6855] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  371.262961][ T3647] bridge_slave_1: left allmulticast mode
[  371.269140][ T3647] bridge_slave_1: left promiscuous mode
[  371.275986][ T3647] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.260316][ T3647] bridge_slave_0: left allmulticast mode
[  372.266423][ T3647] bridge_slave_0: left promiscuous mode
[  372.273922][ T3647] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.688599][ T6871] loop2: detected capacity change from 0 to 128
[  373.434346][ T6873] overlayfs: failed to get inode (-116)
[  373.529437][ T6873] overlayfs: failed to get inode (-116)
[  374.988465][ T3647] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.090798][ T3647] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.213037][ T3647] bond0 (unregistering): Released all slaves
[  375.750193][ T6794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.814499][ T6794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.865705][ T6887] tipc: Started in network mode
[  375.871372][ T6887] tipc: Node identity 86f8b7b9be44, cluster identity 4711
[  375.879982][ T6887] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  376.236134][ T6887] tipc: Resetting bearer <eth:syzkaller0>
[  376.529174][ T6794] team0: Port device team_slave_0 added
[  376.682972][ T6882] tipc: Disabling bearer <eth:syzkaller0>
[  376.769602][ T6881] loop2: detected capacity change from 0 to 8192
[  376.792004][ T6794] team0: Port device team_slave_1 added
[  377.660601][ T3647] hsr_slave_0: left promiscuous mode
[  377.711410][ T3647] hsr_slave_1: left promiscuous mode
[  377.721902][ T3647] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.729592][ T3647] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.812600][ T3647] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.822168][ T3647] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.969384][ T3647] veth1_macvtap: left promiscuous mode
[  377.975446][ T3647] veth0_macvtap: left promiscuous mode
[  377.983619][ T3647] veth1_vlan: left promiscuous mode
[  377.989448][ T3647] veth0_vlan: left promiscuous mode
[  379.068444][ T6906] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  379.903107][ T3647] team0 (unregistering): Port device team_slave_1 removed
[  380.095933][ T3647] team0 (unregistering): Port device team_slave_0 removed
[  382.586865][ T6794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.594727][ T6794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.621811][ T6794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.744737][ T6794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.753956][ T6794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.785356][ T6794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.193818][ T6794] hsr_slave_0: entered promiscuous mode
[  384.219170][ T6794] hsr_slave_1: entered promiscuous mode
[  384.233855][ T6794] debugfs: 'hsr0' already exists in 'hsr'
[  384.241413][ T6794] Cannot create hsr debugfs directory
[  384.251478][ T1898] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  384.479518][ T1898] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  384.488402][ T1898] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  384.498046][ T1898] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  384.512642][ T1898] usb 3-1: config 220 has no interface number 2
[  384.520611][ T1898] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  384.534577][ T1898] usb 3-1: config 220 interface 0 has no altsetting 0
[  384.541734][ T1898] usb 3-1: config 220 interface 76 has no altsetting 0
[  384.549729][ T1898] usb 3-1: config 220 interface 1 has no altsetting 0
[  384.573664][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88801eaef600: rx timeout, send abort
[  384.807603][ T1898] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  384.821265][ T1898] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.831206][ T1898] usb 3-1: Product: syz
[  384.835617][ T1898] usb 3-1: Manufacturer: syz
[  384.840642][ T1898] usb 3-1: SerialNumber: syz
[  385.082875][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88801eaef600: abort rx timeout. Force session deactivation
[  386.215428][ T1898] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  386.222251][ T1898] usb 3-1: No valid video chain found.
[  386.228179][ T1898] usb 3-1: selecting invalid altsetting 0
[  386.843914][ T1898] usb 3-1: selecting invalid altsetting 0
[  386.850200][ T1898] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  387.159813][ T1898] usb 3-1: USB disconnect, device number 8
[  391.942335][ T6978] loop1: detected capacity change from 0 to 1024
[  392.057828][ T6978] EXT4-fs: Ignoring removed nomblk_io_submit option
[  392.602737][ T6978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.098740][ T6794] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  393.298474][ T6794] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  396.797745][ T6794] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  399.043189][ T6794] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  399.098403][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.809233][ T7005] netlink: 'syz.1.231': attribute type 1 has an invalid length.
[  399.817052][ T7005] netlink: 3 bytes leftover after parsing attributes in process `syz.1.231'.
[  400.127765][ T7009] loop2: detected capacity change from 0 to 512
[  400.374606][ T7009] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.234: bad orphan inode 15
[  400.502631][ T7009] ext4_test_bit(bit=14, block=18) = 1
[  400.508448][ T7009] is_bad_inode(inode)=0
[  400.513441][ T7009] NEXT_ORPHAN(inode)=1023
[  400.518192][ T7009] max_ino=32
[  400.523075][ T7009] i_nlink=0
[  400.652207][ T7009] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.234: corrupted xattr block 19: invalid header
[  400.703438][ T6794] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.784156][ T7009] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  400.802597][ T7009] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  400.817844][ T7016] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  400.941447][ T7009] ext4 filesystem being mounted at /49/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  400.975001][ T6794] 8021q: adding VLAN 0 to HW filter on device team0
[  401.132508][ T7009] EXT4-fs (loop2): shut down requested (1)
[  401.154359][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.162056][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.315651][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.323713][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.882704][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  403.794612][ T7034] tipc: Started in network mode
[  403.800396][ T7034] tipc: Node identity 26830a96d609, cluster identity 4711
[  403.808749][ T7034] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  404.233211][ T7034] tipc: Resetting bearer <eth:syzkaller0>
[  404.386540][ T7033] tipc: Disabling bearer <eth:syzkaller0>
[  415.895651][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  415.902592][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  416.391623][ T5826] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  416.416281][ T5826] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  416.435411][ T5826] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  416.460194][ T5826] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  416.475806][ T5826] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  418.595517][ T5826] Bluetooth: hci3: command tx timeout
[  419.642873][ T7117] netlink: 4 bytes leftover after parsing attributes in process `syz.4.257'.
[  420.729669][ T5826] Bluetooth: hci3: command tx timeout
[  422.604078][ T7125] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  422.610905][ T7125] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  422.620221][ T7125] vhci_hcd vhci_hcd.0: Device attached
[  422.767094][ T5826] Bluetooth: hci3: command tx timeout
[  422.889509][ T1704] usb 35-1: new high-speed USB device number 2 using vhci_hcd
[  423.700647][ T7092] chnl_net:caif_netlink_parms(): no params data found
[  423.776303][ T7129] vhci_hcd: connection reset by peer
[  423.789729][ T3679] vhci_hcd: stop threads
[  423.794352][ T3679] vhci_hcd: release socket
[  423.799504][ T3679] vhci_hcd: disconnect device
[  423.890537][ T3517] bridge_slave_1: left allmulticast mode
[  423.896637][ T3517] bridge_slave_1: left promiscuous mode
[  423.903802][ T3517] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.001575][ T3517] bridge_slave_0: left allmulticast mode
[  424.007569][ T3517] bridge_slave_0: left promiscuous mode
[  424.014776][ T3517] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.120696][ T7140] loop0: detected capacity change from 0 to 2048
[  424.252644][ T7142] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  424.262920][ T7142] block device autoloading is deprecated and will be removed.
[  424.830297][ T5826] Bluetooth: hci3: command tx timeout
[  424.934584][ T7140] UDF-fs: warning (device loop0): udf_fill_super: No partition found (2)
[  426.344319][ T7158] loop4: detected capacity change from 0 to 1024
[  426.697477][ T3517] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  426.724845][ T7163] loop2: detected capacity change from 0 to 256
[  426.822397][ T7163] vfat: Bad value for 'fmask'
[  427.039861][ T3517] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.157125][ T3517] bond0 (unregistering): Released all slaves
[  427.928728][ T7170] =====================================================
[  427.936580][ T7170] BUG: KMSAN: uninit-value in hfsplus_uni2asc+0x9a6/0x27a0
[  427.944354][ T7170]  hfsplus_uni2asc+0x9a6/0x27a0
[  427.949705][ T7170]  hfsplus_readdir+0xd60/0x1a70
[  427.954813][ T7170]  iterate_dir+0x44f/0x620
[  427.959703][ T7170]  __se_sys_getdents64+0x17e/0x550
[  427.965074][ T7170]  __x64_sys_getdents64+0x97/0xe0
[  427.970794][ T7170]  x64_sys_call+0x3a14/0x3e20
[  427.975818][ T7170]  do_syscall_64+0xd9/0x210
[  427.980693][ T7170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.986792][ T7170] 
[  427.989541][ T7170] Uninit was created at:
[  427.994040][ T7170]  __kmalloc_noprof+0x95f/0x1310
[  427.999529][ T7170]  hfsplus_find_init+0x90/0x1d0
[  428.004812][ T7170]  hfsplus_readdir+0x1dc/0x1a70
[  428.010150][ T7170]  iterate_dir+0x44f/0x620
[  428.014754][ T7170]  __se_sys_getdents64+0x17e/0x550
[  428.020275][ T7170]  __x64_sys_getdents64+0x97/0xe0
[  428.029781][ T7170]  x64_sys_call+0x3a14/0x3e20
[  428.034760][ T7170]  do_syscall_64+0xd9/0x210
[  428.041821][ T7170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.047941][ T7170] 
[  428.050549][ T7170] CPU: 1 UID: 0 PID: 7170 Comm: syz.4.269 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  428.061837][ T7170] Tainted: [W]=WARN
[  428.065786][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  428.076288][ T7170] =====================================================
[  428.083914][ T7170] Disabling lock debugging due to kernel taint
[  428.090451][ T7170] Kernel panic - not syncing: kmsan.panic set ...
[  428.097414][ T7170] CPU: 1 UID: 0 PID: 7170 Comm: syz.4.269 Tainted: G    B   W           syzkaller #0 PREEMPT(none) 
[  428.108451][ T7170] Tainted: [B]=BAD_PAGE, [W]=WARN
[  428.113696][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  428.124255][ T7170] Call Trace:
[  428.127739][ T7170]  <TASK>
[  428.130809][ T7170]  __dump_stack+0x26/0x30
[  428.135427][ T7170]  dump_stack_lvl+0x53/0x270
[  428.140265][ T7170]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  428.146377][ T7170]  dump_stack+0x1e/0x25
[  428.150861][ T7170]  vpanic+0x361/0xc50
[  428.155098][ T7170]  panic+0x15d/0x160
[  428.159366][ T7170]  kmsan_report+0x31c/0x320
[  428.164214][ T7170]  ? __msan_warning+0x1b/0x30
[  428.169549][ T7170]  ? hfsplus_uni2asc+0x9a6/0x27a0
[  428.174880][ T7170]  ? hfsplus_readdir+0xd60/0x1a70
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  428.180160][ T7170]  ? iterate_dir+0x44f/0x620
[  428.185194][ T7170]  ? __se_sys_getdents64+0x17e/0x550
[  428.191174][ T7170]  ? __x64_sys_getdents64+0x97/0xe0
[  428.196623][ T7170]  ? x64_sys_call+0x3a14/0x3e20
[  428.201733][ T7170]  ? do_syscall_64+0xd9/0x210
[  428.206615][ T7170]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.212896][ T7170]  ? kmsan_internal_memmove_metadata+0x181/0x230
[  428.219443][ T7170]  ? __msan_memcpy+0x108/0x1c0
[  428.224576][ T7170]  ? hfsplus_bnode_read+0x285/0x990
[  428.230040][ T7170]  ? hfsplus_readdir+0xcc7/0x1a70
[  428.235308][ T7170]  ? iterate_dir+0x44f/0x620
[  428.240118][ T7170]  ? __se_sys_getdents64+0x17e/0x550
[  428.245796][ T7170]  ? __x64_sys_getdents64+0x97/0xe0
[  428.251355][ T7170]  ? x64_sys_call+0x3a14/0x3e20
[  428.256482][ T7170]  ? do_syscall_64+0xd9/0x210
[  428.261361][ T7170]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.267756][ T7170]  ? kmsan_get_metadata+0xfb/0x160
[  428.273112][ T7170]  ? kmsan_get_metadata+0xfb/0x160
[  428.278449][ T7170]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  428.284923][ T7170]  ? kmsan_get_metadata+0xfb/0x160
[  428.290325][ T7170]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  428.296543][ T7170]  ? utf32_to_utf8+0x3e4/0x410
[  428.301657][ T7170]  ? kmsan_get_metadata+0xfb/0x160
[  428.307261][ T7170]  __msan_warning+0x1b/0x30
[  428.312057][ T7170]  hfsplus_uni2asc+0x9a6/0x27a0
[  428.317114][ T7170]  ? __msan_memcpy+0x108/0x1c0
[  428.322188][ T7170]  hfsplus_readdir+0xd60/0x1a70
[  428.327332][ T7170]  ? aa_file_perm+0x549/0x2140
[  428.332400][ T7170]  ? __futex_wait+0x3f6/0x450
[  428.337329][ T7170]  ? __pfx_filldir64+0x10/0x10
[  428.342428][ T7170]  ? __pfx_hfsplus_readdir+0x10/0x10
[  428.348030][ T7170]  iterate_dir+0x44f/0x620
[  428.352658][ T7170]  __se_sys_getdents64+0x17e/0x550
[  428.358072][ T7170]  ? __pfx_filldir64+0x10/0x10
[  428.363033][ T7170]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  428.369146][ T7170]  __x64_sys_getdents64+0x97/0xe0
[  428.374601][ T7170]  x64_sys_call+0x3a14/0x3e20
[  428.379706][ T7170]  do_syscall_64+0xd9/0x210
[  428.384494][ T7170]  ? irqentry_exit+0x16/0x60
[  428.389572][ T7170]  ? clear_bhb_loop+0x40/0x90
[  428.394574][ T7170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.400763][ T7170] RIP: 0033:0x7f3e3158eba9
[  428.405412][ T7170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.425302][ T7170] RSP: 002b:00007f3e3238f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  428.434078][ T7170] RAX: ffffffffffffffda RBX: 00007f3e317d6180 RCX: 00007f3e3158eba9
[  428.442387][ T7170] RDX: 0000000000001000 RSI: 0000200000000f80 RDI: 0000000000000008
[  428.450636][ T7170] RBP: 00007f3e31611e19 R08: 0000000000000000 R09: 0000000000000000
[  428.458918][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  428.467025][ T7170] R13: 00007f3e317d6218 R14: 00007f3e317d6180 R15: 00007fffb4894ec8
[  428.475373][ T7170]  </TASK>
[  428.478972][ T7170] Kernel Offset: disabled
[  428.483715][ T7170] Rebooting in 86400 seconds..