last executing test programs:

43.537199167s ago: executing program 0 (id=1540):
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}}, 0x0)

43.188513118s ago: executing program 0 (id=1543):
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000040)={0x0, 0x2})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007022f00f8ffffffb703000008000000b704000000000000850000000300000095000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000100)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14)
recvmmsg(r1, &(0x7f0000005c80), 0x1b, 0x10122, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, 0x0, 0x0)

42.594165462s ago: executing program 0 (id=1545):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000005c0)={r0, 0x0}, 0x20)

41.926472763s ago: executing program 0 (id=1548):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x2001, 0x0, 0x0, 0x2, 0x0, "fee8a2ab78fc179fd1f8a0e91ddaaccabd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c08, 0xffffffffffffffff)

40.950760221s ago: executing program 0 (id=1550):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffa84, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x78, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}]}]}, 0x78}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x408, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote, {[@cipso={0x86, 0x10, 0x2, [{0x2, 0xa, "1c3a1b1f1b4bd958"}]}]}}}}})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@pktinfo={{0x24, 0x29, 0x2, {@mcast2={0xff, 0x5}}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r5, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000400)={0x9, {{0x2, 0x0, @multicast2}}, 0x1, 0x1, [{{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x110)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r6, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, &(0x7f0000000800)={0x9, {{0x2, 0x0, @multicast2}}}, 0x90)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3b141, 0x0)

39.664362518s ago: executing program 0 (id=1553):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x84}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

39.046271364s ago: executing program 32 (id=1553):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x84}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

15.249918299s ago: executing program 4 (id=1614):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
listxattr(0x0, 0x0, 0x0)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000200))
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
writev(r5, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)="34e76df9a21e4c53b6a4", 0xa}, {&(0x7f00000005c0)="6656ed884ceee7c07b", 0x9}, {&(0x7f0000000740)}, {0x0}], 0x6)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8947, &(0x7f0000000580)="704a164305893a")
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYRES16, @ANYRES8], 0x8, 0xb3, &(0x7f0000000140)="$eJzs1jFKBDEUBuB/o67a7AUsvMGcYT2KbLl2UykDcyKvMkeYG1jY2kQyjoKVYCOy3wd5SQgPUvzFm96eb/a7pI5JrbVuk1zn49w/Ph3vH/ptjmdZXOTT5VfhXyvrukpyu0tKSV7u2ktLQqZW5tfhMG9aKobD9+7+/E8+DQAA/EpJt+z79b5J1/3YNBr7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPxHgAA//85kBh3")
landlock_create_ruleset(&(0x7f0000000000)={0x45f79a271e915f13, 0x6, 0x3}, 0x18, 0x0)

13.707414768s ago: executing program 4 (id=1617):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r4 = syz_open_pts(r3, 0x141601)
write(r4, &(0x7f0000000000), 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0xfe, "78a4a500000003ffff40ffffffdf00"})
semop(0x0, &(0x7f0000001040), 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230966ff7fc6e5539b9b3b098b9b711b5d31101b080d29308f0e1ac6e7049b3468959b189a242a9b64f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

11.211802415s ago: executing program 4 (id=1622):
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x50009405, &(0x7f0000000180))
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='adfs\x00', 0x0, &(0x7f0000000240))
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='ceph\x00', 0x80000, &(0x7f00000003c0)='\x00')
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffffffff}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xfc}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

11.091678685s ago: executing program 3 (id=1624):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, 0x0, 0xfffffa84, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x78, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}]}]}, 0x78}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x408, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote, {[@cipso={0x86, 0x10, 0x2, [{0x2, 0xa, "1c3a1b1f1b4bd958"}]}]}}}}})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@pktinfo={{0x24, 0x29, 0x2, {@mcast2={0xff, 0x5}}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r4, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000400)={0x9, {{0x2, 0x0, @multicast2}}, 0x1, 0x1, [{{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x110)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r5, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000800)={0x9, {{0x2, 0x0, @multicast2}}}, 0x90)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3b141, 0x0)

9.131319713s ago: executing program 1 (id=1625):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000002980)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
get_robust_list(0x0, 0x0, &(0x7f0000002900))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000000)=@e={0xff, 0xa, 0xf, 0x0, @SEQ_CONTROLLER=0xff})
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r3, &(0x7f00000001c0), 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x4000010, r3, 0x0)
ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="757365725f78617474722c61636c2c00abc39e1ba3ee498e1d8c12531462cd5519277b030853d25b421cc41e0b90996e5f28728a3bc9df609ba1a22568735bd5f06e6f25829fce8ee7fdde9d092508e3df606b9036557dfa085395e37c67337d522ef3d3a6a08578f19ed4d0753564c43e"], 0x3, 0x1bf, &(0x7f00000000c0)="$eJzsmE/rEkEYx78zu67Yya4RFCRkh9bdtSKIIE8eugT9o0skuYq1Zqx7SCGwY6deQy8hukeHrt2CoFMJQRePnSdmdnInTXcJheT3fA7jZ2Yex5ln9BEWBEEcWebffn59/vL7cQ7MKqihnA5/+WFlMdyIj99cr5/82Pbf3f9w5fPb9qfV9U4DEKLIJ9tLe9+ykGgX4s931/TrLXDUUFF+Gxzn9PhdMLjaH4DjjvYQDPe0P0qdATOMZLzr9gZR6D4cRV0pnmx82QSyaa7ucvGCoWvsjxnz48n0cSeKwnhdnM1TmwXV9am8LC5aHFcBoa9MmPf1Ozeeyl+KDw5fexMMN7VfRlnnhq+d/4Sdnd8qdv5cmaNwcEl+9bbFvPr3beSJjX2tXFQEi8dsBwk/ZMEslTKyKX7Y2ZDX+R9sY0+S1Q/xmuGsUT9to340kuHTa+PJ9Pxg2OmH/fBJEDQveRc872LQ6NlR6DVUhd5S/yqqPh0z1i9tiHWYg2edJIn9tF32g7T9W8V1VP3jqJ9J+0yPmaifZpXJvz7ULd0nCIIgCIIgCIIgCIIgCILYOafA1FPQHIIbKvpXAAAA//9TUmoV")
mount(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)

9.088363337s ago: executing program 2 (id=1626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
listxattr(0x0, 0x0, 0x0)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000200))
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
writev(r5, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000440)="34e76df9a21e4c53b6a4", 0xa}, {&(0x7f00000005c0)="6656ed884ceee7c07b", 0x9}, {&(0x7f0000000740)}, {0x0}], 0x6)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8947, &(0x7f0000000580)="704a164305893a")
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYRES16, @ANYRES8], 0x8, 0xb3, &(0x7f0000000140)="$eJzs1jFKBDEUBuB/o67a7AUsvMGcYT2KbLl2UykDcyKvMkeYG1jY2kQyjoKVYCOy3wd5SQgPUvzFm96eb/a7pI5JrbVuk1zn49w/Ph3vH/ptjmdZXOTT5VfhXyvrukpyu0tKSV7u2ktLQqZW5tfhMG9aKobD9+7+/E8+DQAA/EpJt+z79b5J1/3YNBr7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPxHgAA//85kBh3")
landlock_create_ruleset(&(0x7f0000000000)={0x45f79a271e915f13, 0x6, 0x3}, 0x18, 0x0)

9.059497539s ago: executing program 3 (id=1627):
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000040)={0x0, 0x2})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007022f00f8ffffffb703000008000000b704000000000000850000000300000095000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000100)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14)
recvmmsg(r3, &(0x7f0000005c80), 0x1b, 0x10122, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, 0x0, 0x0)

8.469485523s ago: executing program 2 (id=1628):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='host1x_channel_submitted\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
memfd_create(&(0x7f0000000040)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00J_\xcc\xc43#\xab\xba\xff\xa5\x99\x87<;bWW,\xcf\xc8\xc5\x12\xd4\xbf\xbc\xb4\xee\xb8\xea\xc2^\xc3!\xb6\x13\xf0\x8fe)\xe2\xc1\t\x1c\x1a\xb0=S\x17d@\x04\xe1\x91\x1dt\xce8\xff\x18\x1a', 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r4, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r4, &(0x7f0000000000), 0x10)
dup3(r3, r4, 0x0)

7.798674884s ago: executing program 3 (id=1629):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x8000280)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000002d80)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001040)=@nat={'nat\x00', 0x8, 0x5, 0x6c0, 0x390, 0xf0, 0xffffffff, 0x2a0, 0x390, 0x5f0, 0x5f0, 0xffffffff, 0x5f0, 0x5f0, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv6=@private1, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@dev, [], @ipv6=@private1, [], @ipv6=@private1, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv4, @ipv6=@local, @icmp_id, @icmp_id}}}, {{@ipv6={@mcast1, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@multicast1, @gre_key, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720)

7.656403237s ago: executing program 1 (id=1630):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
openat$pfkey(0xffffff9c, 0x0, 0x101000, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r1, 0x8912, &(0x7f0000000100)=@req={0x28, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='batadv0\x00'}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000003c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
sendfile(r5, r3, 0x0, 0x7ffff000)

6.602390222s ago: executing program 2 (id=1631):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000004c0)={0x9f547944d0d11a48})

6.524518809s ago: executing program 5 (id=1554):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ftruncate(0xffffffffffffffff, 0x8001)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000180)={r2, r3})
sendmmsg$inet(r4, &(0x7f0000007fc0)=[{{0x0, 0x0, &(0x7f0000007b40)=[{&(0x7f0000000200)="e2", 0x100000}], 0x1}, 0x700}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)=' ', 0x1}], 0x1}}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

6.344311785s ago: executing program 2 (id=1632):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
open(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r5, 0x40087703, 0xfffffffe)

4.734635371s ago: executing program 4 (id=1633):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000080)='!selx\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7, 0x1})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)

4.718157783s ago: executing program 1 (id=1634):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'ip_vti0\x00', 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000020c0), 0x40001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
listen(0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
writev(r1, &(0x7f0000002100)=[{&(0x7f0000002080)='T01\n', 0x4}], 0x1)
ioctl$PPPOEIOCSFWD(r0, 0x4008b100, 0x0)

4.396334422s ago: executing program 3 (id=1635):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
syz_io_uring_setup(0x10d, &(0x7f00000003c0), &(0x7f0000000380)=<r0=>0x0, &(0x7f0000000280)=<r1=>0x0)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r2, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @time, {0x6}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}], 0x68)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
mount$afs(&(0x7f0000000540)=ANY=[@ANYBLOB='#syz1:'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

2.824048004s ago: executing program 1 (id=1636):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, 0x0, 0xfffffa84, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x78, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}]}]}, 0x78}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000500)={'erspan0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x408, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote, {[@cipso={0x86, 0x10, 0x2, [{0x2, 0xa, "1c3a1b1f1b4bd958"}]}]}}}}})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4f23, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=[@pktinfo={{0x24, 0x29, 0x2, {@mcast2={0xff, 0x5}}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r4, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000400)={0x9, {{0x2, 0x0, @multicast2}}, 0x1, 0x1, [{{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x110)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r5, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000800)={0x9, {{0x2, 0x0, @multicast2}}}, 0x90)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3b141, 0x0)

2.813951045s ago: executing program 4 (id=1637):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, 0x0, &(0x7f00000010c0)=0x28)

2.727541953s ago: executing program 4 (id=1638):
r0 = syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a4400000000101090244000101000000090400000302060000052406000005240000000d240f0100000000000000000009058103200000000009058202080000000009050302"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
close_range(r2, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

2.070539723s ago: executing program 5 (id=1639):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000002980)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
get_robust_list(0x0, 0x0, &(0x7f0000002900))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000000)=@e={0xff, 0xa, 0xf, 0x0, @SEQ_CONTROLLER=0xff})
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r3, &(0x7f00000001c0), 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x4000010, r3, 0x0)
ioctl$SNDCTL_DSP_RESET(r3, 0x5000, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="757365725f78617474722c61636c2c00abc39e1ba3ee498e1d8c12531462cd5519277b030853d25b421cc41e0b90996e5f28728a3bc9df609ba1a22568735bd5f06e6f25829fce8ee7fdde9d092508e3df606b9036557dfa085395e37c67337d522ef3d3a6a08578f19ed4d0753564c43e"], 0x3, 0x1bf, &(0x7f00000000c0)="$eJzsmE/rEkEYx78zu67Yya4RFCRkh9bdtSKIIE8eugT9o0skuYq1Zqx7SCGwY6deQy8hukeHrt2CoFMJQRePnSdmdnInTXcJheT3fA7jZ2Yex5ln9BEWBEEcWebffn59/vL7cQ7MKqihnA5/+WFlMdyIj99cr5/82Pbf3f9w5fPb9qfV9U4DEKLIJ9tLe9+ykGgX4s931/TrLXDUUFF+Gxzn9PhdMLjaH4DjjvYQDPe0P0qdATOMZLzr9gZR6D4cRV0pnmx82QSyaa7ucvGCoWvsjxnz48n0cSeKwnhdnM1TmwXV9am8LC5aHFcBoa9MmPf1Ozeeyl+KDw5fexMMN7VfRlnnhq+d/4Sdnd8qdv5cmaNwcEl+9bbFvPr3beSJjX2tXFQEi8dsBwk/ZMEslTKyKX7Y2ZDX+R9sY0+S1Q/xmuGsUT9to340kuHTa+PJ9Pxg2OmH/fBJEDQveRc872LQ6NlR6DVUhd5S/yqqPh0z1i9tiHWYg2edJIn9tF32g7T9W8V1VP3jqJ9J+0yPmaifZpXJvz7ULd0nCIIgCIIgCIIgCIIgCILYOafA1FPQHIIbKvpXAAAA//9TUmoV")
mount(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)

2.043701775s ago: executing program 3 (id=1640):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x82136000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000540)="eacefc7b5bb73b0166a6861d84cf28e1ee053c67c28858869457840c0ad121db44d2e4509547ad39b71b08e10537fe9f28251041f36af7afce6d7f4f29a378827a8138a6a884531d702ab7e60474e52393e6c3a7994115c6fdc9636c9f0190588d8ab8c4e0c2bb129f4eeaaacbd8c95a80d9600611b8a1a78eff4a7a21ecee964646d93b922a1514af3b06fd93b51e3c3c1f3a5dbff89274b66e8559d3", 0x9d)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x4, @loopback}, 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff)
syz_open_procfs$userns(r0, &(0x7f0000000300))
sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0}, 0x40000890)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x39}, @in6=@loopback, 0x0, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x3}, {0x2000000000000000}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x33}, 0x0, @in=@empty, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)
sendmsg$key(r3, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x0)

1.999170149s ago: executing program 1 (id=1641):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file2\x00', 0x1008883, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0], 0x2, 0x1fb, &(0x7f00000008c0)="$eJzsmb1rFEEYxp+Z3dskhxBtLESwMOCJZm93TyVNigiWghBFLQ+zhujGk8sKSao7bGwsLQRb/wELCysLOztbLVQQLLzSUkZmdnZ37nZPvI8FwfcHmTzz9c477x7PFguCIP5bvn75+fnp5bXr5wEcwQoW9Ph3K1/DjfWfnj8692z9yotXH1++w9FiPAZAiL8/3wHwdsMCesuqL8Tw7hXgl0iQWnEDHGe1vgkGN81V5LtDMNzWw/eUZkp3lvRgFLI7nWjr7k4UerLxZRPIpgXkKdgABn2GLQCL+ghm5Ld3cHi/HQHdRERhKmoiPacwNakoKVtvKL8NjnWjBPJ53XryuC/7rh73wLP6+eDwtW6BYVPrNSzAdd28JMb9T9h5fKtw/zlcsgpxbLWiyOntK0xeFnqa7UuorKrprcdMzffQkzNtt/6UDxsdYeajPD54876469u/8HueUijjKjOjD/UoujpDZEeHHZ5q1A1/kLYhloEzmT/VYMPO5pvx7sPm3sHh6s5uezvcDh8EQeuSd8HzLgZNZURJW2KBafxF5U91w/9qY9Y6zMF+O467/j4Qd/2sHySt4bibrzs/1B6u/I+jcTqJwfQ7K3tRjsD0H1f/pWpYY5MnCIIgCIIgCIIgCIIgCIKYiFNg0F/MWPpNrITgmlr9OwAA//883WZ8")
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="09000000000000000400000000000000000000000400005399791ae8"])

1.818490145s ago: executing program 2 (id=1642):
r0 = syz_create_resource$binfmt(&(0x7f00000001c0)='./file1\x00')
syz_mount_image$hfsplus(&(0x7f0000000500), &(0x7f0000000100)='./file1\x00', 0xa08800, &(0x7f0000000040)=ANY=[], 0x4, 0x67b, &(0x7f00000010c0)="$eJzs3c1rHOcdB/DvrFay5IKjJHbilkBFDGmpqa0XlFalELeHokMowT2EQi/ClmPhtRIkpSihFPX92kP+gPSgQ6GnQu+GFHpqe8tVp5JS6CUnneoys7PSyvLKu7JerPbzMaN9Zp7X+c3Mszu7mAnwf2v+apoPUmT+6pvr5frW5kxra3PmXJ3dSlKmG0mz/ZJiOSk+SW6kveSL5ca6fNGrn4+W5m5++vnWZ+21Zr1U5RsH1evPRr1kIslQ/brf8KHau9WzvYMt7KSKnT0sA3alEzg4bQ/32Rik+lNet8CzoGi/b+4znpxPMlp/Dkg9OzROdnRHb6BZDgAAAM6o57aznfVcOO1xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFlSP/+/qJdGJz2RovP8/5F6W+r0zcYpj/lpPDjtAQAAAAAAAADAEfjydrazngud9YfVL/v/ebVauVj9/ULez2oWs5JrWc9C1rKWlUwlGe9qaGR9YW1tZSpPrjn92JrTJ7K7AAAAAAAAAPC/6ueZ3/39HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngVFMtR+qZaLnfR4Gs0ko0lGynIbyd876TOieNzGByc/DgAAAHgqo4eo89x2trOeC531h0V1z/9Sdb88mveznLUsZS2tLOZ2fQ9d3vU3tjZnWlubM/e3Nmeqjn/0sK3dznf+PdAwqhbT/u7h8T1frkqM5U6Wqi3XcqsazO00qpqly/V4dpa9nfysHNPYG7U+R3a7fi07+22vbxGOQmPQCuNVpeGdiEzWYysbev7gSDzx6DQP7GkqjZ1vfi4e0FNnl4oBY36+Uy/Jrx+J+Rv/+P0P+2zmGOxEopEqEtNdZ99LB8c8+cqf/vD23dbyvbt3Vq8e22l0Uh49J2a6IvHymY5Ec8Dyk1UkLu2sz+d7+UGuZiJvZSVL+XEWspbF1DNjFurzufw73hWlZF+kbuxZe+tJIxmpj0t7Fu1nTBM5V6UW8mpV90KWUuTd3M5iXq/+TWcq38hsZjPXdYQv9TzC1b5VM21jsKv+yleze6n/ppyp+6uX/KXfgoNrv6WWcX2+K67dc+54lde9ZTdKL/TxfjTg3Nj8Up0o+/jFYd42js2jkZjqisSLB0fid9W1sdpavrdyd+G9Hu1vPLL+2vBu+lfH+c48sPJ8eSGj9Uyy9+wo817cmWX2xmuk/sWlndfYl3epyiuKzpX6/Z5X6kj9GW5/S9NV3sv784Y6I7/clbfn81be/evpxBOAAZ3/2vmRsX+N/W3s47Ffjt0de3P0u+e+ee6VkQz/efhbzcmh1xqvFH/Mx/np7v0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweKsffHhvodVaXHl8otE762gTRf0gn15lmhnLCQzjJBNFsnHkLedIGxw+pn3vPETwadt5+8azcSjPcmIoSWfLUHaz6kN0mIeLAmfC9bX7711f/eDDry/dX3hn8Z3F5eHZ2bnJudnXZ67fWWotTrb/nvYogeOw+3ngtEcCAAAAAAAAAAAA9OsI/hfBt//Zbqpnma7uJk5rPwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICza/5qmsMpMjV5bbJc39qcaZVLJ71bspmk0UiKnyTFJ8mNtJeMdzVX9Orno6W5m59+vvXZblvNTvnGQfX6s1EvmUgyVL/uM3K49m71aq9vxc4elgG70gkcnLb/BgAA///sygN+")
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)

837.259214ms ago: executing program 3 (id=1643):
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x50009405, &(0x7f0000000180))
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='adfs\x00', 0x0, &(0x7f0000000240))
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='ceph\x00', 0x80000, &(0x7f00000003c0)='\x00')
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffffffff}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xfc}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

712.397065ms ago: executing program 1 (id=1644):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'\x00', 0x6132})
write$cgroup_subtree(r1, 0x0, 0xfe3a)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b3, &(0x7f00000000c0)="$eJzs3c9vHGcdB+DPrNdbb6iC0yZthIqIEqkgRSR2rBTChYAQyqFCVTlwthKnsbJxKttFboXABQQnJA79AwqSb5yQuAeFc7n1anGqhMQl4hBxMZrZWXvtXf+I7dgxPE80ft+Z95133vnOzDs741gb4P/WrctpPkqRW5ffXirnV1emOqsrUy/VxZ0kZb6RNLtJirmkeJzcLMuLvil96YBPZm+8+/mT1S+6c816quo3dlpviCF1l+spF5KM1Omg0b1uYlN7t5O8PFCltde2NlUsg3apTuHYrQ1Y3qH2P05vWfAs1y3wgundnYrufXPAeHIqyVj9OSD16NA4uh4+HzuNcgAAAPC/4rOHx90DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHnq7/8v6qlRp7mQovf9/63esjp/oj067g4AAAAAAAAAwCH42tM8zVJO9+bXiup3/hermbP5z1rypXyQhcxkPleylOksZjHzmUwy3tdQa2l6cXF+cn3N0vA1rw1d89pR7TEAAAAAAAAAnGDtbUt+mVsbv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAXQZGMdJOsJTm7XrDcaHYXp1XNJn/v5U+IYtjCR0ffDwAAADiQsX2s8+WneZqlnO7NrxXVM/9r1fPyWD7IXBYzm8V0MpM79TN0+dTfWF2Z6qyuTD0op8F2v/evZ+pG1WK67x6qLa8/rPe2fL6q0c7dzFZLruR2VedOGtWapfO9/gzv18dln4rv1gb60Bzas2Yd1nJjv9/uLcKheNZXEeN1l3sRmaj7VkbjTDcCRfWiJtkaiV2PTnPrltLI6PqWJtNYf/Nz9kAxH+5UnZb785vnGvMdLA9buB6JRqpIXOs7+17bORLJ1//yp5/c68zdv3d34fKx7NJ+jGyzvI5E7wzLVF8kXj/RkRg+DmxvoorEufX5W/lhfpzLuZB3Mp/Z/DTTWcxM9T61NF2fz+XP8Z0jdXPT3Du79aRVH5fuMdtLny7kB1VuOherdU9nNkUe5k5m8lb171om861cz/Xc6DvC57btd7Vv1VXf2HrV9470X4d2/tI36kw7yW/rdCAGteW1ru3OzsPSHfvLuJ7pi2t3JHyyXutM39g40RelV3rRGR3a+H7GxuZX6ky5jV/V6YthvI5EeQH17hK93r3ajUSzuhcNnud/qK6Nhc7c/fl70+9v0/7WAfnNOi1Pq5Wv7rWXww/F4SrPl1cyVo8km8+OsuzV8kCObC2brMrOro9AjYGyc1VZUfSu1B9te6W26s9wgy1dq8peH1o2VZWd7yvb9HkrD9PJnSOIHwAHNJ5TrfY/25+1P23/un2v/fbY91/69ktvtDL6t9HvNCdG3my8Ufw5n+bnG8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/i18+NH96U5nZn54prF90S6Z3VrekinqL/TZ17YOMdNKchjtjG1tZ7RccOS70951d9Z+kRx5nHtfIji8zu/KTDN7afDmbnU+3lcPG0mO9zw8usxIhp8AxzwwAc/d1cUH719d+PCjb84+mH5v5r2ZudHr129M3Lj+1tTVu7OdmYnuz+PuJfA8bNz0j7snAAAAAAAAAAAAwF4N+8OAiy8fxt/AtPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQ3Lqc5qMUmZy4MlHOr65Mdcqpl9+o2UzSaCTFz5LicXIz3Snjfc0V+ePjrA3ZziezN979/MnqFxttNbv1k0adHsByPeVCkpE6Paz2bh+4veLfvT0sA3apFzg4bv8NAAD//wNS+MQ=")
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r4 = open(&(0x7f00000000c0)='./bus\x00', 0x1431c2, 0x0)
pwrite64(r4, &(0x7f0000005680)="a9a7", 0x2, 0x600000fff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0xffff, 0x100, 0x0, 0x29, 0x0, @loopback, @empty}}}})

130.63µs ago: executing program 5 (id=1645):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x8000280)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000002d80)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001040)=@nat={'nat\x00', 0x8, 0x5, 0x6c0, 0x390, 0xf0, 0xffffffff, 0x2a0, 0x390, 0x5f0, 0x5f0, 0xffffffff, 0x5f0, 0x5f0, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv6=@private1, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@dev, [], @ipv6=@private1, [], @ipv6=@private1, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv4, @ipv6=@local, @icmp_id, @icmp_id}}}, {{@ipv6={@mcast1, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@multicast1, @gre_key, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720)

0s ago: executing program 2 (id=1646):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0xbfcd, 0x0)

kernel console output (not intermixed with test programs):

uota mode: writeback.
[  198.017899][ T4259] kernel write not supported for file bpf-prog (pid: 4259 comm: kworker/0:7)
[  198.044445][ T5581] loop0: detected capacity change from 0 to 2048
[  198.174752][ T5581] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.262142][ T5574] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  198.545398][ T5592] loop3: detected capacity change from 0 to 1024
[  198.784828][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  198.784844][   T26] audit: type=1804 audit(1730511443.239:13): pid=5592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.392" name="/newroot/76/file0/file1" dev="loop3" ino=20 res=1 errno=0
[  199.636572][   T21] Bluetooth: hci3: command 0x0406 tx timeout
[  200.121699][ T5623] loop1: detected capacity change from 0 to 64
[  201.200485][ T5631] loop3: detected capacity change from 0 to 1024
[  202.133773][ T5631] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  203.093838][ T5650] loop4: detected capacity change from 0 to 40427
[  203.792831][ T5650] F2FS-fs (loop4): Unrecognized mount option "fsyns_mode=posix" or missing value
[  203.806942][ T5656] loop3: detected capacity change from 0 to 128
[  203.827597][ T5652] netlink: 'syz.0.406': attribute type 10 has an invalid length.
[  203.860366][ T5652] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.869645][ T5652] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.053879][ T5656] FAT-fs (loop3): Unrecognized mount option "0x0000000000000000" or missing value
[  204.421609][ T5652] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.426670][ T5664] loop3: detected capacity change from 0 to 256
[  204.428749][ T5652] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.444220][ T5652] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.451371][ T5652] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.497730][ T5664] exfat: Bad value for 'allow_utime'
[  204.885550][ T5656] loop3: detected capacity change from 0 to 512
[  204.934018][ T5652] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  204.943376][ T5668] IPv6: NLM_F_REPLACE set, but no existing node found!
[  206.211675][ T5689] overlayfs: failed to resolve './file0': -2
[  206.942227][ T5697] loop1: detected capacity change from 0 to 512
[  208.267211][ T5712] IPv6: NLM_F_REPLACE set, but no existing node found!
[  208.831259][ T5697] EXT4-fs (loop1): Test dummy encryption mode enabled
[  208.891446][ T5697] EXT4-fs error (device loop1): __ext4_iget:4872: inode #11: block 1: comm syz.1.419: invalid block
[  208.933947][ T5697] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.419: couldn't read orphan inode 11 (err -117)
[  208.954331][ T5722] loop3: detected capacity change from 0 to 4096
[  208.961868][ T5697] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none.
[  209.459721][ T5732] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  209.767458][ T5739] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  210.195600][ T5745] overlayfs: failed to resolve './file0': -2
[  210.439597][ T5752] usb usb7: usbfs: process 5752 (syz.0.434) did not claim interface 0 before use
[  210.509407][ T5749] loop4: detected capacity change from 0 to 4096
[  210.551513][   T26] audit: type=1326 audit(1730511455.009:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5750 comm="syz.0.434" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99fb640719 code=0x0
[  210.624392][ T5749] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  210.966166][ T5760] IPv6: NLM_F_REPLACE set, but no existing node found!
[  211.879354][ T5597] Bluetooth: hci3: command 0x0405 tx timeout
[  212.770407][ T5747] loop1: detected capacity change from 0 to 32768
[  213.015469][ T5747] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.432 (5747)
[  213.053601][ T5756] loop3: detected capacity change from 0 to 32768
[  213.075567][ T5782] loop4: detected capacity change from 0 to 2364
[  213.103906][ T5747] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  213.130481][ T5747] BTRFS info (device loop1): using free space tree
[  213.147421][ T5747] BTRFS info (device loop1): has skinny extents
[  213.535053][ T5770] loop0: detected capacity change from 0 to 32768
[  213.650709][ T5756] XFS (loop3): Mounting V5 Filesystem
[  213.721872][ T5776] loop2: detected capacity change from 0 to 40427
[  213.739458][ T5756] XFS (loop3): log mount failed
[  213.750911][ T5747] BTRFS error (device loop1): open_ctree failed
[  213.770591][ T5770] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.439 (5770)
[  213.795631][ T5776] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  213.806213][ T5776] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  213.913070][ T5818] loop4: detected capacity change from 0 to 64
[  214.179587][ T5776] F2FS-fs (loop2): invalid crc value
[  214.571972][ T5776] F2FS-fs (loop2): Found nat_bits in checkpoint
[  214.631853][ T5770] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  214.677256][ T5770] BTRFS info (device loop0): enabling auto defrag
[  214.683743][ T5770] BTRFS info (device loop0): doing ref verification
[  214.728630][ T5770] BTRFS info (device loop0): max_inline at 0
[  214.743470][ T5770] BTRFS info (device loop0): force clearing of disk cache
[  214.751515][ T5770] BTRFS info (device loop0): turning on sync discard
[  214.752716][ T5776] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  214.796250][ T5776] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  214.821364][ T5770] BTRFS info (device loop0): disabling free space tree
[  214.866192][ T5770] BTRFS info (device loop0): has skinny extents
[  215.024551][ T5770] BTRFS error (device loop0): open_ctree failed
[  215.417892][ T5843] attempt to access beyond end of device
[  215.417892][ T5843] loop2: rw=10241, want=45208, limit=40427
[  218.879839][ T5870] loop1: detected capacity change from 0 to 1024
[  219.409732][ T5878] IPv6: NLM_F_REPLACE set, but no existing node found!
[  220.363562][ T5884] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  223.888149][ T5927] IPv6: NLM_F_REPLACE set, but no existing node found!
[  224.844440][ T5925] loop2: detected capacity change from 0 to 2048
[  224.914354][ T4321] hfsplus: b-tree write err: -5, ino 4
[  224.941479][ T5931] loop4: detected capacity change from 0 to 256
[  224.991929][ T5925] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  225.055858][ T5920] loop0: detected capacity change from 0 to 4096
[  225.071545][ T5933] loop3: detected capacity change from 0 to 128
[  225.108514][   T26] audit: type=1804 audit(1730511469.569:15): pid=5925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.468" name=2F6E6577726F6F742F39302F66696C65302FE91F7189591E9233614B dev="loop2" ino=1367 res=1 errno=0
[  225.133304][ T5925] Process accounting resumed
[  225.197443][ T5931] FAT-fs (loop4): Directory bread(block 64) failed
[  225.240017][ T5931] FAT-fs (loop4): Directory bread(block 65) failed
[  225.283945][ T5931] FAT-fs (loop4): Directory bread(block 66) failed
[  225.300206][ T5931] FAT-fs (loop4): Directory bread(block 67) failed
[  225.342405][ T5931] FAT-fs (loop4): Directory bread(block 68) failed
[  225.351805][ T5933] netlink: 'syz.3.470': attribute type 10 has an invalid length.
[  225.401011][ T5931] FAT-fs (loop4): Directory bread(block 69) failed
[  225.418601][ T5931] FAT-fs (loop4): Directory bread(block 70) failed
[  225.428238][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.436216][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.458958][ T5931] FAT-fs (loop4): Directory bread(block 71) failed
[  225.562404][ T5931] FAT-fs (loop4): Directory bread(block 72) failed
[  225.569228][ T5931] FAT-fs (loop4): Directory bread(block 73) failed
[  225.592226][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.599618][ T5933] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.607135][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.614818][ T5933] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.358279][ T5933] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  226.851105][ T5955] netlink: 'syz.3.476': attribute type 4 has an invalid length.
[  226.923732][ T5955] device veth1_macvtap left promiscuous mode
[  227.076064][ T5963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.479'.
[  227.116265][ T5963] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.230917][ T5963] batman_adv: batadv0: Removing interface: batadv_slave_0
[  227.298042][ T5963] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  227.542631][ T5963] batman_adv: batadv0: Removing interface: batadv_slave_1
[  227.749100][ T5972] loop3: detected capacity change from 0 to 128
[  227.829466][ T5972] FAT-fs (loop3): Unrecognized mount option "0x0000000000000000" or missing value
[  228.074207][ T5958] loop4: detected capacity change from 0 to 32768
[  228.404762][ T5980] loop3: detected capacity change from 0 to 256
[  228.416986][ T5980] exfat: Bad value for 'allow_utime'
[  229.156685][ T5958] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  230.105850][ T5996] loop0: detected capacity change from 0 to 256
[  230.193108][ T5986] loop1: detected capacity change from 0 to 4096
[  230.223524][ T4171] ocfs2: Unmounting device (7,4) on (node local)
[  233.014384][ T6005] loop1: detected capacity change from 0 to 1024
[  233.191357][ T6005] overlayfs: missing 'lowerdir'
[  234.829428][ T1412] hfsplus: b-tree write err: -5, ino 4
[  235.069063][ T6024] loop4: detected capacity change from 0 to 128
[  235.127879][ T6024] FAT-fs (loop4): Unrecognized mount option "0x0000000000000000" or missing value
[  235.157080][ T6029] loop1: detected capacity change from 0 to 8
[  235.808768][ T6023] loop4: detected capacity change from 0 to 256
[  235.816130][ T6029] SQUASHFS error: xz decompression failed, data probably corrupt
[  235.824621][ T6029] SQUASHFS error: Failed to read block 0x108: -5
[  235.863955][ T6029] SQUASHFS error: Unable to read metadata cache entry [106]
[  235.871726][ T6029] SQUASHFS error: Unable to read inode 0x11f
[  235.897038][ T6023] exfat: Bad value for 'allow_utime'
[  236.942843][ T6024] loop4: detected capacity change from 0 to 512
[  238.128042][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.195681][ T6059] loop3: detected capacity change from 0 to 1024
[  242.000059][ T6059] hfsplus: request for non-existent node -709361664 in B*Tree
[  242.065918][ T6059] hfsplus: request for non-existent node -709361664 in B*Tree
[  242.076214][ T6059] hfsplus: b-tree write err: -5, ino 8
[  243.195086][ T6092] loop4: detected capacity change from 0 to 128
[  243.288227][ T6092] FAT-fs (loop4): Unrecognized mount option "0x0000000000000000" or missing value
[  243.562203][ T6092] loop4: detected capacity change from 0 to 256
[  244.101141][ T6106] loop2: detected capacity change from 0 to 512
[  244.856019][ T6092] exfat: Bad value for 'allow_utime'
[  245.005322][ T6096] loop1: detected capacity change from 0 to 32768
[  245.077495][ T6106] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback.
[  245.101970][ T6121] loop0: detected capacity change from 0 to 1024
[  245.101958][ T6106] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  245.358412][ T6121] hfsplus: request for non-existent node -709361664 in B*Tree
[  245.490428][ T6096] XFS (loop1): Mounting V5 Filesystem
[  245.568754][ T6121] hfsplus: request for non-existent node -709361664 in B*Tree
[  245.757451][ T6121] hfsplus: b-tree write err: -5, ino 8
[  245.896707][ T6138] loop3: detected capacity change from 0 to 64
[  245.904771][ T6096] XFS (loop1): Ending clean mount
[  246.097031][ T6144] loop2: detected capacity change from 0 to 64
[  246.131781][ T4167] XFS (loop1): Unmounting Filesystem
[  249.905619][ T6175] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  250.036807][ T6179] loop2: detected capacity change from 0 to 128
[  250.658678][ T6182] loop1: detected capacity change from 0 to 1024
[  251.114661][ T6179] FAT-fs (loop2): Unrecognized mount option "0x0000000000000000" or missing value
[  251.167156][ T6182] hfsplus: request for non-existent node -709361664 in B*Tree
[  251.168013][ T6186] loop4: detected capacity change from 0 to 256
[  251.180430][ T6182] hfsplus: request for non-existent node -709361664 in B*Tree
[  251.202604][ T6182] hfsplus: b-tree write err: -5, ino 8
[  251.232904][ T6186] FAT-fs (loop4): Directory bread(block 64) failed
[  251.276174][ T6186] FAT-fs (loop4): Directory bread(block 65) failed
[  251.282447][ T6179] loop2: detected capacity change from 0 to 256
[  251.288139][ T6186] FAT-fs (loop4): Directory bread(block 66) failed
[  251.305794][ T6186] FAT-fs (loop4): Directory bread(block 67) failed
[  251.312757][ T6186] FAT-fs (loop4): Directory bread(block 68) failed
[  251.340265][ T6186] FAT-fs (loop4): Directory bread(block 69) failed
[  251.356574][ T6186] FAT-fs (loop4): Directory bread(block 70) failed
[  251.366454][ T6186] FAT-fs (loop4): Directory bread(block 71) failed
[  251.373065][ T6186] FAT-fs (loop4): Directory bread(block 72) failed
[  251.380624][ T6179] exfat: Bad value for 'allow_utime'
[  251.400268][ T6186] FAT-fs (loop4): Directory bread(block 73) failed
[  251.434660][ T6163] loop0: detected capacity change from 0 to 40427
[  251.494963][ T6163] F2FS-fs (loop0): Unrecognized mount option "memory=low" or missing value
[  255.642198][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  255.648890][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  255.714941][ T6231] loop0: detected capacity change from 0 to 128
[  255.822523][ T6231] FAT-fs (loop0): Unrecognized mount option "0x0000000000000000" or missing value
[  256.677872][ T6242] loop0: detected capacity change from 0 to 256
[  256.838609][ T6242] exfat: Bad value for 'allow_utime'
[  257.438016][ T1106] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  257.455765][ T1106] Bluetooth: hci3: Injecting HCI hardware error event
[  257.570123][ T4183] Bluetooth: hci3: hardware error 0x00
[  259.236894][ T6275] loop2: detected capacity change from 0 to 1024
[  260.137020][ T6288] loop4: detected capacity change from 0 to 8
[  260.498867][ T6288] SQUASHFS error: zstd decompression error: 2
[  260.520894][ T6288] SQUASHFS error: zstd decompression failed, data probably corrupt
[  260.596024][ T6295] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  260.729503][ T6288] SQUASHFS error: Failed to read block 0x62b: -5
[  260.865338][ T6288] SQUASHFS error: Unable to read metadata cache entry [629]
[  261.312628][ T6288] SQUASHFS error: Unable to read directory block [629:ff26]
[  261.684033][ T6303] loop0: detected capacity change from 0 to 1024
[  261.880690][ T6303] hfsplus: request for non-existent node -709361664 in B*Tree
[  261.888252][ T6303] hfsplus: request for non-existent node -709361664 in B*Tree
[  261.896174][ T6303] hfsplus: b-tree write err: -5, ino 8
[  262.572567][ T6318] loop0: detected capacity change from 0 to 128
[  263.318296][ T6318] FAT-fs (loop0): Unrecognized mount option "0x0000000000000000" or missing value
[  264.211885][ T6334] loop0: detected capacity change from 0 to 256
[  264.219294][ T6334] exfat: Bad value for 'allow_utime'
[  269.150911][ T6392] IPv6: NLM_F_REPLACE set, but no existing node found!
[  270.270464][ T6399] loop3: detected capacity change from 0 to 256
[  271.184650][   T26] audit: type=1804 audit(1730511515.269:16): pid=6413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.592" name="/newroot/114/bus/file0" dev="loop3" ino=1048605 res=1 errno=0
[  274.507365][ T6449] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.602'.
[  274.848870][ T6451] IPv6: NLM_F_REPLACE set, but no existing node found!
[  277.685176][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'.
[  277.741215][ T6475] loop2: detected capacity change from 0 to 4096
[  277.808923][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.609'.
[  277.972884][ T6475] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  278.646535][ T6475] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  279.845226][ T6511] loop2: detected capacity change from 0 to 1024
[  282.681924][ T6511] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000082,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,data=ordered,init_itable=0x0000000000000003,usrquota,max_dir_size_kb=0x00000000000040d2,,errors=continue. Quota mode: writeback.
[  283.644854][ T6521] loop0: detected capacity change from 0 to 40427
[  283.922263][ T6521] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  284.058188][ T6521] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  284.125442][ T6521] F2FS-fs (loop0): invalid crc value
[  284.381015][ T6521] F2FS-fs (loop0): Found nat_bits in checkpoint
[  285.501873][ T6521] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  285.517007][ T6521] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  286.402681][ T6521] attempt to access beyond end of device
[  286.402681][ T6521] loop0: rw=2049, want=45208, limit=40427
[  286.849352][ T6579] loop4: detected capacity change from 0 to 32768
[  286.906909][ T6579] XFS: ikeep mount option is deprecated.
[  287.032182][ T6579] XFS (loop4): Mounting V5 Filesystem
[  287.206499][ T6579] XFS (loop4): Ending clean mount
[  287.221238][ T6579] XFS (loop4): Quotacheck needed: Please wait.
[  287.283505][ T6589] loop3: detected capacity change from 0 to 4096
[  287.410381][ T6579] XFS (loop4): Quotacheck: Done.
[  288.291615][ T4171] XFS (loop4): Unmounting Filesystem
[  292.797677][ T6665] loop0: detected capacity change from 0 to 4096
[  293.084203][ T6675] loop3: detected capacity change from 0 to 1024
[  293.217011][ T6675] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  295.239755][ T6706] IPv6: NLM_F_REPLACE set, but no existing node found!
[  297.636506][ T6720] loop3: detected capacity change from 0 to 1024
[  298.301966][ T6720] hfsplus: request for non-existent node -709361664 in B*Tree
[  298.309606][ T6720] hfsplus: request for non-existent node -709361664 in B*Tree
[  298.318078][ T6720] hfsplus: b-tree write err: -5, ino 8
[  299.312451][ T6712] loop0: detected capacity change from 0 to 32768
[  299.829678][ T6712] XFS (loop0): Mounting V5 Filesystem
[  300.344402][ T6712] XFS (loop0): log mount failed
[  300.885870][ T6757] IPv6: NLM_F_REPLACE set, but no existing node found!
[  304.238118][ T6781] xt_l2tp: wrong L2TP version: 0
[  304.723817][ T6781] loop3: detected capacity change from 0 to 512
[  305.091185][ T6781] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.672: casefold flag without casefold feature
[  305.140540][ T6781] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.672: couldn't read orphan inode 15 (err -117)
[  305.209608][ T6781] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  305.335920][ T6767] loop2: detected capacity change from 0 to 40427
[  305.456351][ T6767] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  305.502111][ T6767] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  305.527601][ T6767] F2FS-fs (loop2): invalid crc value
[  305.678494][ T6767] F2FS-fs (loop2): Found nat_bits in checkpoint
[  307.018624][ T6825] IPv6: NLM_F_REPLACE set, but no existing node found!
[  307.983285][ T6829] loop3: detected capacity change from 0 to 256
[  308.946255][ T1322] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  309.356156][ T1322] usb 5-1: Using ep0 maxpacket: 8
[  309.476566][ T1322] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  309.530057][ T1322] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  309.765916][ T1322] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  309.776473][ T1322] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  309.790036][ T1322] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  309.799484][ T1322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.656269][ T1322] usb 5-1: GET_CAPABILITIES returned 0
[  310.661994][ T1322] usbtmc 5-1:16.0: can't read capabilities
[  310.864436][ T6833] 9pnet: Insufficient options for proto=fd
[  311.296532][ T1322] usb 5-1: USB disconnect, device number 2
[  311.970986][ T6871] loop2: detected capacity change from 0 to 4096
[  312.050870][ T6871] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  312.421811][ T6865] loop3: detected capacity change from 0 to 32768
[  312.502031][ T6865] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.690 (6865)
[  312.579872][ T6865] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  312.598374][ T6865] BTRFS info (device loop3): setting nodatacow, compression disabled
[  312.636246][ T6865] BTRFS info (device loop3): setting datacow
[  312.646325][ T6865] BTRFS info (device loop3): doing ref verification
[  312.673716][ T6865] BTRFS info (device loop3): force clearing of disk cache
[  312.746509][ T6865] BTRFS info (device loop3): turning off barriers
[  312.753036][ T6865] BTRFS info (device loop3): enabling ssd optimizations
[  312.786224][ T6865] BTRFS info (device loop3): using spread ssd allocation scheme
[  312.804203][ T6865] BTRFS info (device loop3): using free space tree
[  312.824464][ T6865] BTRFS info (device loop3): has skinny extents
[  312.923328][ T6876] loop4: detected capacity change from 0 to 40427
[  312.979107][ T6876] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  313.026254][ T6876] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  313.076321][ T6876] F2FS-fs (loop4): invalid crc value
[  313.251512][ T6876] F2FS-fs (loop4): Found nat_bits in checkpoint
[  313.311369][ T6865] BTRFS info (device loop3): clearing free space tree
[  313.429987][ T6865] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  313.615642][ T6865] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  313.829545][ T6876] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  313.873446][ T6876] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  314.137092][ T6876] attempt to access beyond end of device
[  314.137092][ T6876] loop4: rw=10241, want=45208, limit=40427
[  314.149949][ T6865] BTRFS info (device loop3): creating free space tree
[  314.204166][ T6865] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  314.260881][ T6865] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  315.846545][ T6924] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  316.126529][ T6924] usb 2-1: Using ep0 maxpacket: 8
[  317.348144][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  317.354501][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  317.536414][ T6924] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  317.556111][ T6924] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  317.576157][ T6924] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  317.886916][ T6924] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  318.148550][ T6924] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  318.380984][ T6924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.483129][ T6924] usb 2-1: can't set config #16, error -71
[  318.519628][ T6924] usb 2-1: USB disconnect, device number 4
[  318.850006][ T6969] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  321.624080][ T6999] loop0: detected capacity change from 0 to 8
[  322.220831][ T1322] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  323.841299][ T6999] process 'syz.0.722' launched './file0' with NULL argv: empty string added
[  324.052869][ T6999] SQUASHFS error: lzo decompression failed, data probably corrupt
[  324.092163][ T6999] SQUASHFS error: Failed to read block 0x71: -5
[  324.257547][ T6999] SQUASHFS error: lzo decompression failed, data probably corrupt
[  324.265606][ T6999] SQUASHFS error: Failed to read block 0x71: -5
[  324.408564][ T1322] usb 4-1: Using ep0 maxpacket: 8
[  324.498780][ T7013] loop4: detected capacity change from 0 to 1024
[  324.537978][ T1322] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  324.567398][ T7013] hfsplus: request for non-existent node -709361664 in B*Tree
[  324.574897][ T7013] hfsplus: request for non-existent node -709361664 in B*Tree
[  324.582832][ T7013] hfsplus: b-tree write err: -5, ino 8
[  324.593601][ T1322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  324.635791][ T1322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  324.727278][ T1322] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  324.773007][ T1322] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  324.800267][ T1322] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.876783][ T1322] usb 4-1: can't set config #16, error -71
[  324.899511][ T1322] usb 4-1: USB disconnect, device number 7
[  326.924211][ T7017] loop3: detected capacity change from 0 to 40427
[  327.024551][ T7017] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  327.069586][ T7017] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  327.129099][ T7017] F2FS-fs (loop3): Found nat_bits in checkpoint
[  330.328234][ T7040] loop4: detected capacity change from 0 to 40427
[  330.971997][ T6924] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  331.229748][ T7074] loop3: detected capacity change from 0 to 512
[  331.314831][ T7074] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  331.333578][ T7074] EXT4-fs error (device loop3): __ext4_get_inode_loc:4320: comm syz.3.744: Invalid inode table block 0 in block_group 0
[  331.348456][ T7074] EXT4-fs (loop3): get root inode failed
[  331.354222][ T7074] EXT4-fs (loop3): mount failed
[  331.416215][ T6924] usb 1-1: Using ep0 maxpacket: 8
[  331.666513][ T6924] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  331.677397][ T6924] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  331.696495][ T6924] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  331.709830][ T6924] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  331.733900][ T6924] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  331.750286][ T6924] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.202282][ T6924] usb 1-1: GET_CAPABILITIES returned 0
[  332.218790][ T6924] usbtmc 1-1:16.0: can't read capabilities
[  332.253535][ T7058] 9pnet: Insufficient options for proto=fd
[  332.350577][ T6924] usb 1-1: USB disconnect, device number 4
[  333.995735][ T7107] delete_channel: no stack
[  335.787484][ T7121] loop3: detected capacity change from 0 to 164
[  335.917480][ T7121] isofs_fill_super: root inode is not a directory. Corrupted media?
[  336.015127][ T7124] netlink: 'syz.0.757': attribute type 4 has an invalid length.
[  337.243135][ T7142] loop1: detected capacity change from 0 to 256
[  340.041483][ T7161] loop1: detected capacity change from 0 to 1024
[  340.826097][ T7161] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  340.905135][ T7165] loop2: detected capacity change from 0 to 4096
[  341.192923][ T7174] loop3: detected capacity change from 0 to 512
[  341.866001][ T7174] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  341.873624][ T7174] UDF-fs: Scanning with blocksize 512 failed
[  341.905790][ T7165] NILFS (loop2): invalid segment: Checksum error in segment payload
[  341.931293][ T7174] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  341.940675][ T7174] UDF-fs: Scanning with blocksize 1024 failed
[  341.949135][ T7174] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  341.956659][ T7174] UDF-fs: Scanning with blocksize 2048 failed
[  341.963631][ T7174] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  341.975126][ T7165] NILFS (loop2): trying rollback from an earlier position
[  341.976381][ T7174] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  342.010115][ T7165] NILFS (loop2): invalid segment: Checksum error in segment payload
[  342.070305][ T7165] NILFS (loop2): error -22 while searching super root
[  342.588171][ T7182] loop4: detected capacity change from 0 to 4096
[  342.724797][ T7182] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  342.835373][ T7182] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  343.395472][ T7200] loop3: detected capacity change from 0 to 256
[  344.315000][ T4171] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  345.156324][ T7194] loop2: detected capacity change from 0 to 40427
[  345.364009][ T7194] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  345.406269][ T7194] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  345.510257][ T7194] F2FS-fs (loop2): invalid crc value
[  345.559178][ T7194] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[  346.052891][ T7223] loop0: detected capacity change from 0 to 40427
[  346.133664][ T7227] loop2: detected capacity change from 0 to 64
[  346.169170][ T7223] F2FS-fs (loop0): invalid crc value
[  346.429814][ T7223] F2FS-fs (loop0): Found nat_bits in checkpoint
[  346.624972][ T7225] loop3: detected capacity change from 0 to 32768
[  346.686929][ T7223] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  346.805342][ T7225] (syz.3.787,7225,1):ocfs2_parse_options:1447 ERROR: Unrecognized mount option "cohÊšency=full" or missing value
[  346.806365][ T7223] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  346.836483][ T7225] (syz.3.787,7225,0):ocfs2_fill_super:1177 ERROR: status = -22
[  346.978298][ T4166] attempt to access beyond end of device
[  346.978298][ T4166] loop0: rw=2049, want=45104, limit=40427
[  348.218615][ T7247] loop4: detected capacity change from 0 to 128
[  348.417101][ T7251] loop1: detected capacity change from 0 to 1024
[  348.634721][ T7251] hfsplus: request for non-existent node -709361664 in B*Tree
[  348.642326][ T7251] hfsplus: request for non-existent node -709361664 in B*Tree
[  348.650245][ T7251] hfsplus: b-tree write err: -5, ino 8
[  350.909499][ T7272] loop2: detected capacity change from 0 to 4096
[  351.110311][ T7272] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  351.319380][ T7272] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  351.652400][ T1421] ntfs3: loop2: ino=1d, Internal error
[  352.117041][ T1421] ntfs3: loop2: ntfs3_write_inode r=1d failed, -22.
[  352.175271][ T7262] loop3: detected capacity change from 0 to 40427
[  352.186264][ T4168] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22.
[  352.196002][ T4168] ntfs3: loop2: ntfs_evict_inode r=1a failed, -22.
[  352.265821][ T7262] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  352.316219][ T7262] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  352.338016][ T7265] loop4: detected capacity change from 0 to 40427
[  352.356393][ T7262] F2FS-fs (loop3): invalid crc value
[  352.511839][ T7265] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  352.579995][ T7265] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  352.755773][ T7265] F2FS-fs (loop4): invalid crc value
[  352.766750][ T7262] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-4)
[  353.246363][ T7265] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12)
[  353.599837][ T7299] loop4: detected capacity change from 0 to 4096
[  353.693140][ T7299] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  354.890402][ T7317] loop0: detected capacity change from 0 to 128
[  355.301257][ T7325] IPv6: NLM_F_REPLACE set, but no existing node found!
[  356.137631][ T7317] FAT-fs (loop0): Unrecognized mount option "0x0000000000000000" or missing value
[  357.142745][ T7336] loop0: detected capacity change from 0 to 256
[  357.150822][ T7330] loop1: detected capacity change from 0 to 1024
[  357.266929][ T7336] exfat: Bad value for 'allow_utime'
[  357.305349][ T7344] loop2: detected capacity change from 0 to 8
[  357.359802][ T7330] hfsplus: request for non-existent node -709361664 in B*Tree
[  357.391387][ T7317] loop0: detected capacity change from 0 to 512
[  357.420097][ T7330] hfsplus: request for non-existent node -709361664 in B*Tree
[  357.482585][ T7330] hfsplus: b-tree write err: -5, ino 8
[  357.697453][ T7349] loop0: detected capacity change from 0 to 256
[  360.131500][ T7376] IPv6: NLM_F_REPLACE set, but no existing node found!
[  363.456215][ T7386] loop0: detected capacity change from 0 to 128
[  363.483506][ T7386] FAT-fs (loop0): Unrecognized mount option "0x0000000000000000" or missing value
[  363.709831][ T7386] loop0: detected capacity change from 0 to 256
[  363.797103][ T7386] exfat: Bad value for 'allow_utime'
[  365.004569][ T7410] loop0: detected capacity change from 0 to 512
[  366.022700][ T7418] loop1: detected capacity change from 0 to 128
[  366.035513][ T7416] input: syz1 as /devices/virtual/input/input10
[  366.140720][ T7418] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  366.148110][ T7389] loop4: detected capacity change from 0 to 32768
[  366.190551][ T7418] ext4 filesystem being mounted at /157/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  366.265944][ T7400] loop2: detected capacity change from 0 to 32768
[  366.273645][ T7389] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  366.342880][ T7400] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  366.413669][ T7400] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  366.445650][ T7400] (syz.2.836,7400,0):ocfs2_remount:624 ERROR: Cannot change heartbeat mode on remount
[  366.557776][ T4171] ocfs2: Unmounting device (7,4) on (node local)
[  366.695546][ T4168] ocfs2: Unmounting device (7,2) on (node local)
[  366.786452][ T7418] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  366.919791][ T7418] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  367.015362][ T7432] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  367.107065][ T7447] loop3: detected capacity change from 0 to 1024
[  368.004605][ T7447] hfsplus: request for non-existent node -709361664 in B*Tree
[  368.161973][ T7447] hfsplus: request for non-existent node -709361664 in B*Tree
[  369.387132][ T7447] hfsplus: b-tree write err: -5, ino 8
[  370.567257][ T7475] loop1: detected capacity change from 0 to 128
[  370.702201][ T7475] FAT-fs (loop1): Unrecognized mount option "0x0000000000000000" or missing value
[  371.504358][ T7481] loop1: detected capacity change from 0 to 256
[  371.523120][ T7483] loop0: detected capacity change from 0 to 512
[  371.628647][ T7481] exfat: Bad value for 'allow_utime'
[  371.738996][ T7483] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  371.826264][ T7483] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.922748][ T7483] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #2: comm syz.0.855: corrupted inode contents
[  371.939746][ T7475] loop1: detected capacity change from 0 to 512
[  371.970230][ T7483] EXT4-fs error (device loop0): ext4_dirty_inode:6010: inode #2: comm syz.0.855: mark_inode_dirty error
[  371.977845][ T7491] loop2: detected capacity change from 0 to 256
[  372.010090][ T7483] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #2: comm syz.0.855: corrupted inode contents
[  372.046319][ T7483] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.855: mark_inode_dirty error
[  372.070633][ T7491] exfat: Deprecated parameter 'utf8'
[  372.117994][ T7491] exfat: Unknown parameter 'utfC'
[  372.253253][ T7473] loop4: detected capacity change from 0 to 32768
[  372.990742][ T7499] loop1: detected capacity change from 0 to 512
[  373.214336][ T7499] EXT4-fs (loop1): Ignoring removed bh option
[  373.367682][ T7499] EXT4-fs (loop1): Test dummy encryption mode enabled
[  373.557030][ T7499] EXT4-fs (loop1): Test dummy encryption mode enabled
[  373.949278][   T26] audit: type=1804 audit(1730511618.379:17): pid=7501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.852" name="/newroot/165/file0/file1" dev="loop4" ino=4 res=1 errno=0
[  374.297827][ T7499] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:163: inode #12: comm syz.1.860: inline data xattr refers to an external xattr inode
[  374.565066][ T7499] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.860: couldn't read orphan inode 12 (err -117)
[  374.633254][ T7517] loop2: detected capacity change from 0 to 512
[  374.805424][ T7499] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000004,init_itable=0x0000000000000000,nolazytime,grpid,prjquota,usrjquota=,lazytime,bh,test_dummy_encryption,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  375.072064][ T7517] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  375.172436][ T7517] ext4 filesystem being mounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  375.634925][ T7523] Invalid ELF header magic: != ELF
[  375.765191][ T7539] 9p: Unknown access argument ?k
[  375.936457][ T7544] loop3: detected capacity change from 0 to 1024
[  375.948768][ T7545] loop2: detected capacity change from 0 to 128
[  376.067570][ T7545] FAT-fs (loop2): Unrecognized mount option "0x0000000000000000" or missing value
[  377.808426][ T7544] hfsplus: request for non-existent node -709361664 in B*Tree
[  377.872401][ T7553] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  377.907882][ T7544] hfsplus: request for non-existent node -709361664 in B*Tree
[  377.941318][ T7554] netlink: 44 bytes leftover after parsing attributes in process `syz.0.873'.
[  377.972151][ T7544] hfsplus: b-tree write err: -5, ino 8
[  378.189467][ T7534] loop1: detected capacity change from 0 to 32768
[  378.222405][ T7558] loop4: detected capacity change from 0 to 256
[  378.322121][ T7534] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.867 (7534)
[  378.369266][ T7560] loop2: detected capacity change from 0 to 256
[  378.414044][ T7558] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  378.472995][ T7558] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  378.529783][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  378.536636][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  378.732951][ T7560] exfat: Bad value for 'allow_utime'
[  379.153954][ T7558] attempt to access beyond end of device
[  379.153954][ T7558] loop4: rw=524288, want=408, limit=256
[  379.198853][ T7534] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  379.199895][ T7558] attempt to access beyond end of device
[  379.199895][ T7558] loop4: rw=524288, want=664, limit=256
[  379.221363][ T7558] attempt to access beyond end of device
[  379.221363][ T7558] loop4: rw=0, want=288, limit=256
[  379.234364][   T26] audit: type=1800 audit(1730511623.699:18): pid=7558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.875" name="file1" dev="loop4" ino=1048609 res=0 errno=0
[  379.254752][ T7534] BTRFS info (device loop1): using free space tree
[  379.261433][ T7534] BTRFS info (device loop1): has skinny extents
[  379.359115][ T7545] loop2: detected capacity change from 0 to 512
[  379.464685][   T26] audit: type=1804 audit(1730511623.919:19): pid=7581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.875" name="/newroot/169/bus/file1" dev="loop4" ino=1048609 res=1 errno=0
[  379.505815][ T7581] attempt to access beyond end of device
[  379.505815][ T7581] loop4: rw=0, want=288, limit=256
[  379.888855][   T26] audit: type=1800 audit(1730511624.029:20): pid=7581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.875" name="file1" dev="loop4" ino=1048609 res=0 errno=0
[  380.348422][ T7534] BTRFS error (device loop1): open_ctree failed
[  380.348870][ T4438] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (4438)
[  383.536251][ T7614] loop1: detected capacity change from 0 to 64
[  384.974951][ T7625] loop0: detected capacity change from 0 to 2048
[  386.383207][ T7625] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  386.550146][ T7625] attempt to access beyond end of device
[  386.550146][ T7625] loop0: rw=524288, want=33554432, limit=2048
[  386.562706][ T7643] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  387.566305][ T7625] syz.0.890 (7625) used greatest stack depth: 18168 bytes left
[  387.859873][ T7645] Invalid ELF header magic: != ELF
[  387.929684][ T7659] loop0: detected capacity change from 0 to 256
[  388.229611][ T7662] loop1: detected capacity change from 0 to 1024
[  388.626478][   T26] audit: type=1804 audit(1730511632.789:21): pid=7667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.899" name="/newroot/199/bus/file0" dev="loop0" ino=1048610 res=1 errno=0
[  390.042518][ T7662] hfsplus: request for non-existent node -709361664 in B*Tree
[  390.055780][ T7662] hfsplus: request for non-existent node -709361664 in B*Tree
[  390.066645][ T7662] hfsplus: b-tree write err: -5, ino 8
[  391.726769][ T7695] loop3: detected capacity change from 0 to 2048
[  393.421048][ T7704] loop4: detected capacity change from 0 to 40427
[  393.536220][ T7704] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  393.543991][ T7704] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  393.694447][ T7704] F2FS-fs (loop4): invalid crc value
[  394.157367][ T7704] F2FS-fs (loop4): Found nat_bits in checkpoint
[  396.195318][ T7742] device hsr0 entered promiscuous mode
[  396.225705][ T7742] device hsr_slave_0 left promiscuous mode
[  396.242885][ T7742] device hsr_slave_1 left promiscuous mode
[  398.808330][ T7758] loop1: detected capacity change from 0 to 64
[  403.873494][ T7793] loop2: detected capacity change from 0 to 512
[  404.071218][ T7793] EXT4-fs (loop2): Value of option "test_dummy_encryption=test_dummy_encryption" is unrecognized
[  405.908721][ T7810] loop3: detected capacity change from 0 to 512
[  406.304949][ T7810] EXT4-fs (loop3): 1 orphan inode deleted
[  406.335245][ T7810] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  406.432556][ T7810] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.744850][   T26] audit: type=1800 audit(1730511652.189:22): pid=7826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.944" name="file1" dev="loop3" ino=15 res=0 errno=0
[  409.995600][ T7848] loop2: detected capacity change from 0 to 1024
[  410.451400][ T7850] attempt to access beyond end of device
[  410.451400][ T7850] loop2: rw=0, want=5780, limit=1024
[  411.985790][ T7860] loop1: detected capacity change from 0 to 512
[  412.144465][ T7860] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  412.205401][ T7860] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  412.327789][ T7860] EXT4-fs (loop1): 1 truncate cleaned up
[  412.333840][ T7860] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  412.801288][   T26] audit: type=1800 audit(1730511657.249:23): pid=7860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.957" name="file1" dev="loop1" ino=15 res=0 errno=0
[  416.359471][ T7892] netlink: 12 bytes leftover after parsing attributes in process `syz.3.966'.
[  416.380025][ T7892] device bridge_slave_1 left promiscuous mode
[  416.978870][ T7892] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.060060][ T7892] bridge1: port 1(bridge_slave_1) entered blocking state
[  417.108891][ T7892] bridge1: port 1(bridge_slave_1) entered disabled state
[  417.181875][ T7892] device bridge_slave_1 entered promiscuous mode
[  417.360997][ T7896] bridge1: port 2(macvlan2) entered blocking state
[  417.384249][   T26] audit: type=1326 audit(1730511661.839:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.1.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2f8544719 code=0x7ffc0000
[  417.385434][ T7896] bridge1: port 2(macvlan2) entered disabled state
[  417.420747][   T26] audit: type=1326 audit(1730511661.869:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7898 comm="syz.1.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2f8544719 code=0x7ffc0000
[  417.460928][ T7896] device macvlan2 entered promiscuous mode
[  420.213597][ T7919] loop3: detected capacity change from 0 to 40427
[  420.282218][ T7919] F2FS-fs (loop3): invalid crc value
[  420.378242][ T7919] F2FS-fs (loop3): Found nat_bits in checkpoint
[  420.443742][ T7933] loop2: detected capacity change from 0 to 128
[  420.498296][ T7919] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[  420.517577][ T7933] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  420.532937][ T7919] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  420.542974][ T7926] loop1: detected capacity change from 0 to 40427
[  420.562309][ T7933] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  420.594428][ T7919] attempt to access beyond end of device
[  420.594428][ T7919] loop3: rw=2049, want=45104, limit=40427
[  420.681025][ T7926] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  420.718083][ T7926] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  420.737329][ T4236] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  420.783032][ T7926] F2FS-fs (loop1): invalid crc value
[  420.842482][ T7926] F2FS-fs (loop1): Found nat_bits in checkpoint
[  420.957219][ T7942] loop0: detected capacity change from 0 to 2048
[  421.020750][ T7942] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  421.036113][ T7942] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  421.369301][ T7942] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c018, mo2=0002]
[  421.391880][ T7926] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  421.444741][ T7942] System zones: 0-7
[  421.513346][ T7926] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  421.572241][ T7942] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,debug,nomblk_io_submit,noquota,mblk_io_submit,nodiscard,noquota,,errors=continue. Quota mode: none.
[  421.826823][ T7926] attempt to access beyond end of device
[  421.826823][ T7926] loop1: rw=10241, want=45208, limit=40427
[  421.851651][ T7942] EXT4-fs error (device loop0): __ext4_iget:4872: inode #14: block 1886221359: comm syz.0.983: invalid block
[  422.414938][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  422.576582][ T7945] loop2: detected capacity change from 0 to 32768
[  422.685651][ T7945] 
[  422.685651][ T7945]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  422.685651][ T7945] 
[  423.955887][ T4168] 
[  423.955887][ T4168]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  423.955887][ T4168] 
[  424.243718][ T4168] 
[  424.243718][ T4168]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  424.243718][ T4168] 
[  424.814148][ T7953] loop4: detected capacity change from 0 to 32768
[  424.896475][ T7977] loop3: detected capacity change from 0 to 512
[  424.985104][ T7977] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  425.037252][ T7977] EXT4-fs (loop3): Test dummy encryption mode enabled
[  425.109434][ T7977] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  425.142077][ T7977] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.992: attempt to clear invalid blocks 2 len 1
[  425.271143][ T7977] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  425.332586][ T7977] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.992: invalid indirect mapped block 1819239214 (level 0)
[  425.436343][ T7977] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.992: invalid indirect mapped block 1819239214 (level 1)
[  426.437060][ T7977] EXT4-fs (loop3): 1 truncate cleaned up
[  426.499668][ T7977] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,grpid,nomblk_io_submit,test_dummy_encryption,jqfmt=vfsv0,usrjquota=..,errors=continue. Quota mode: writeback.
[  427.638271][ T8005] loop3: detected capacity change from 0 to 2048
[  427.801984][ T8005] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,resgid=0x0000000000000000,delalloc,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  429.015082][ T8001] loop4: detected capacity change from 0 to 40427
[  429.092696][ T8008] loop2: detected capacity change from 0 to 32768
[  429.162540][ T8001] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  429.328457][ T8001] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  429.525968][ T8008] XFS (loop2): Mounting V5 Filesystem
[  429.711759][ T8001] F2FS-fs (loop4): invalid crc value
[  429.751686][ T8001] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12)
[  429.984693][ T8008] XFS (loop2): Ending clean mount
[  430.050378][ T8038] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  430.992324][ T4168] XFS (loop2): Unmounting Filesystem
[  431.199635][ T8019] loop0: detected capacity change from 0 to 32768
[  431.683501][ T8036] loop1: detected capacity change from 0 to 32768
[  432.403923][ T8036] XFS (loop1): Mounting V5 Filesystem
[  432.580888][ T8036] XFS (loop1): Ending clean mount
[  432.796260][ T4167] XFS (loop1): Unmounting Filesystem
[  433.295201][ T8055] loop0: detected capacity change from 0 to 32768
[  433.785153][ T8055] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  434.317816][ T4166] ocfs2: Unmounting device (7,0) on (node local)
[  434.896382][ T8085] loop1: detected capacity change from 0 to 1024
[  436.478507][ T8085] hfsplus: request for non-existent node -709361664 in B*Tree
[  436.516188][ T8085] hfsplus: request for non-existent node -709361664 in B*Tree
[  436.564927][ T8085] hfsplus: b-tree write err: -5, ino 8
[  436.790306][ T8101] loop0: detected capacity change from 0 to 4096
[  436.820318][ T8084] loop4: detected capacity change from 0 to 40427
[  436.877162][ T8101] NILFS (loop0): invalid segment: Checksum error in segment payload
[  436.885215][ T8101] NILFS (loop0): trying rollback from an earlier position
[  436.892977][ T8084] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  436.951832][ T8084] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  436.990155][ T8084] F2FS-fs (loop4): invalid crc value
[  436.997656][ T8101] NILFS (loop0): recovery complete
[  437.028654][ T8109] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  437.896151][ T8084] F2FS-fs (loop4): Found nat_bits in checkpoint
[  438.354742][ T8121] loop0: detected capacity change from 0 to 24
[  439.638674][ T8145] loop1: detected capacity change from 0 to 24
[  439.977124][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  439.984615][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  440.582336][ T8160] loop2: detected capacity change from 0 to 512
[  440.883319][ T8168] loop4: detected capacity change from 0 to 1024
[  441.090086][ T8172] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1042'.
[  441.491795][ T8160] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1041: inode #1: comm syz.2.1041: iget: illegal inode #
[  441.812774][ T8160] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1041: error while reading EA inode 1 err=-117
[  441.882147][ T8160] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  441.940951][ T8160] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.1041: inode #1: comm syz.2.1041: iget: illegal inode #
[  441.981789][ T8160] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1041: error while reading EA inode 1 err=-117
[  442.123012][ T8160] EXT4-fs (loop2): 1 orphan inode deleted
[  442.143314][ T8160] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsv1,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  442.168653][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.285379][ T8160] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1041: invalid indirect mapped block 234881024 (level 0)
[  444.127849][ T8213] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  444.469325][ T8215] loop0: detected capacity change from 0 to 32768
[  444.517594][ T8215] XFS: ikeep mount option is deprecated.
[  444.553668][ T8215] XFS (loop0): Mounting V5 Filesystem
[  444.605761][ T8215] XFS (loop0): Ending clean mount
[  444.615792][ T8215] XFS (loop0): Quotacheck needed: Please wait.
[  444.740318][ T8215] XFS (loop0): Quotacheck: Done.
[  445.805374][ T4166] XFS (loop0): Unmounting Filesystem
[  445.863240][ T8239] loop3: detected capacity change from 0 to 1024
[  446.044246][ T4220] hfsplus: b-tree write err: -5, ino 4
[  447.757103][ T8252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1068'.
[  448.220173][ T8259] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  451.399262][ T8274] loop0: detected capacity change from 0 to 512
[  451.682205][ T8276] loop1: detected capacity change from 0 to 32768
[  451.767938][ T8274] EXT4-fs (loop0): Test dummy encryption mode enabled
[  451.774775][ T8274] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  451.776805][ T8276] XFS: ikeep mount option is deprecated.
[  451.993865][ T8276] XFS (loop1): Mounting V5 Filesystem
[  452.075787][ T8274] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  452.087554][ T8274] System zones: 1-12
[  452.189638][ T8292] loop4: detected capacity change from 0 to 1024
[  452.275665][ T8292] hfsplus: request for non-existent node -709361664 in B*Tree
[  452.283297][ T8292] hfsplus: request for non-existent node -709361664 in B*Tree
[  452.297285][ T8292] hfsplus: b-tree write err: -5, ino 8
[  452.350506][ T8274] EXT4-fs (loop0): 1 truncate cleaned up
[  452.421804][ T8274] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,jqfmt=vfsv0,test_dummy_encryption,debug,nobarrier,quota,,errors=continue. Quota mode: writeback.
[  452.887290][   T13] kernel write not supported for file /fb0 (pid: 13 comm: kworker/0:1)
[  452.932170][ T8276] XFS (loop1): Ending clean mount
[  452.969660][ T8276] XFS (loop1): Quotacheck needed: Please wait.
[  455.041783][ T8303] loop0: detected capacity change from 0 to 512
[  455.318095][ T8276] XFS (loop1): Quotacheck: Done.
[  455.386065][ T8303] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  455.402888][ T8303] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  455.436330][ T4167] XFS (loop1): Unmounting Filesystem
[  457.491168][ T8322] loop0: detected capacity change from 0 to 2048
[  457.662326][ T8324] loop3: detected capacity change from 0 to 1024
[  457.699633][ T8325] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  457.760637][ T8322] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=2, rec_len=201, name_len=0
[  457.889065][ T8322] Remounting filesystem read-only
[  457.955093][ T8324] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000082,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,data=ordered,init_itable=0x0000000000000003,usrquota,max_dir_size_kb=0x00000000000040d2,,errors=continue. Quota mode: writeback.
[  458.844738][ T8333] loop2: detected capacity change from 0 to 128
[  464.576860][ T8374] loop0: detected capacity change from 0 to 2048
[  464.902296][ T8378] loop1: detected capacity change from 0 to 1764
[  465.050759][ T8374] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  466.312248][ T8384] loop4: detected capacity change from 0 to 64
[  474.235178][ T8439] loop3: detected capacity change from 0 to 1024
[  474.517033][ T8439] EXT4-fs (loop3): Ignoring removed oldalloc option
[  474.966960][ T8439] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  475.119460][ T8455] binder: 8454:8455 ioctl c00c6211 9999999999999999 returned -22
[  476.363760][ T8478] loop3: detected capacity change from 0 to 32768
[  476.370981][ T8478] XFS: ikeep mount option is deprecated.
[  476.929416][ T8478] XFS (loop3): Mounting V5 Filesystem
[  477.051660][ T8478] XFS (loop3): Ending clean mount
[  477.067872][ T8478] XFS (loop3): Quotacheck needed: Please wait.
[  477.204954][ T8464] loop1: detected capacity change from 0 to 32768
[  477.300540][ T8492] loop2: detected capacity change from 0 to 64
[  478.086426][ T8478] XFS (loop3): Quotacheck: Done.
[  478.117591][ T8464] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop1 scanned by syz.1.1122 (8464)
[  478.425866][ T8464] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  478.546262][ T8464] BTRFS info (device loop1): disabling tree log
[  478.566570][ T8464] BTRFS info (device loop1): turning on sync discard
[  478.600153][ T8464] BTRFS info (device loop1): force clearing of disk cache
[  478.611638][ T8464] BTRFS info (device loop1): enabling ssd optimizations
[  478.625886][ T8464] BTRFS info (device loop1): using spread ssd allocation scheme
[  478.661029][ T8464] BTRFS info (device loop1): using free space tree
[  478.696283][ T8464] BTRFS info (device loop1): has skinny extents
[  478.717087][ T4173] XFS (loop3): Unmounting Filesystem
[  478.945489][ T8464] BTRFS error (device loop1): open_ctree failed
[  479.008337][ T5598] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  479.028278][ T5598] Bluetooth: hci1: Injecting HCI hardware error event
[  479.042548][ T4183] Bluetooth: hci1: hardware error 0x00
[  479.585668][ T8525] loop1: detected capacity change from 0 to 1024
[  480.058049][ T8533] loop2: detected capacity change from 0 to 4096
[  481.680500][ T8546] loop0: detected capacity change from 0 to 64
[  482.456937][ T8528] loop3: detected capacity change from 0 to 32768
[  482.511241][ T8528] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1131 (8528)
[  482.571444][ T8528] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  482.594210][ T8528] BTRFS info (device loop3): using free space tree
[  482.671448][ T8528] BTRFS info (device loop3): has skinny extents
[  483.226408][ T8528] BTRFS error (device loop3): open_ctree failed
[  483.528716][ T8553] loop2: detected capacity change from 0 to 32768
[  484.558251][ T8553] XFS (loop2): Mounting V5 Filesystem
[  484.763746][ T8553] XFS (loop2): Ending clean mount
[  486.059755][ T4168] XFS (loop2): Unmounting Filesystem
[  486.192483][ T8622] loop4: detected capacity change from 0 to 64
[  487.061485][ T8611] loop0: detected capacity change from 0 to 32768
[  487.304995][ T8611] XFS (loop0): Mounting V5 Filesystem
[  487.425096][ T8644] loop1: detected capacity change from 0 to 64
[  487.433856][ T8611] XFS (loop0): Ending clean mount
[  487.476570][ T8644] hfs: unable to locate alternate MDB
[  487.527805][ T8644] hfs: continuing without an alternate MDB
[  487.670096][ T4166] XFS (loop0): Unmounting Filesystem
[  489.790954][ T8670] loop4: detected capacity change from 0 to 64
[  492.361852][ T8694] loop4: detected capacity change from 0 to 40427
[  492.439874][ T8682] loop1: detected capacity change from 0 to 40427
[  492.461766][ T8694] F2FS-fs (loop4): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  492.574579][ T8682] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  492.605472][ T8682] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  493.271369][ T8693] delete_channel: no stack
[  493.402019][ T8682] F2FS-fs (loop1): invalid crc value
[  493.468714][ T8700] loop0: detected capacity change from 0 to 4096
[  493.553151][ T8700] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  493.574815][ T8682] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  494.106947][ T8700] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  494.861183][ T8721] loop4: detected capacity change from 0 to 64
[  497.894267][ T8715] loop3: detected capacity change from 0 to 256
[  498.383738][ T8745] loop2: detected capacity change from 0 to 4096
[  498.451154][ T8745] NILFS (loop2): unrecognized mount option "18446744073709551615ÿÿÿÿÿÿÿÿÿÿ°™•áèÈ)æhäøEŠëntpË𔑯¼è¦Ú+ኆž÷ÿÿÿÿÿÿÿÿ"
[  498.807525][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1191'.
[  500.325270][ T8760] loop0: detected capacity change from 0 to 64
[  500.850166][ T8766] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1193'.
[  501.446449][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  501.452821][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  505.501522][ T8797] loop3: detected capacity change from 0 to 2048
[  505.654612][ T8801] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  505.670112][ T8784] loop0: detected capacity change from 0 to 32768
[  506.082119][ T8789] loop2: detected capacity change from 0 to 32768
[  506.305602][ T8784] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1199 (8784)
[  506.382285][ T8784] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  506.401700][ T8784] BTRFS info (device loop0): setting nodatacow, compression disabled
[  506.415128][ T8784] BTRFS info (device loop0): turning on sync discard
[  506.422258][ T8784] BTRFS info (device loop0): enabling disk space caching
[  506.434827][ T8784] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  506.501244][ T8812] loop4: detected capacity change from 0 to 1024
[  506.508275][ T8784] BTRFS info (device loop0): trying to use backup root at mount time
[  506.540296][ T8784] BTRFS error (device loop0): cannot disable free space tree
[  506.556942][ T8784] BTRFS error (device loop0): open_ctree failed
[  506.579651][ T4435] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by udevd (4435)
[  506.651365][ T8812] hfsplus: request for non-existent node -709361664 in B*Tree
[  506.728978][ T8812] hfsplus: request for non-existent node -709361664 in B*Tree
[  506.853205][ T8812] hfsplus: b-tree write err: -5, ino 8
[  510.092096][ T8827] loop3: detected capacity change from 0 to 32768
[  510.097044][ T8848] loop1: detected capacity change from 0 to 256
[  510.200115][ T8848] FAT-fs (loop1): Directory bread(block 64) failed
[  510.213954][ T8831] loop2: detected capacity change from 0 to 32768
[  510.228178][ T8827] XFS (loop3): Mounting V5 Filesystem
[  510.241218][ T8848] FAT-fs (loop1): Directory bread(block 65) failed
[  510.261051][ T8848] FAT-fs (loop1): Directory bread(block 66) failed
[  510.268082][ T8848] FAT-fs (loop1): Directory bread(block 67) failed
[  510.294456][ T8848] FAT-fs (loop1): Directory bread(block 68) failed
[  510.316152][ T8848] FAT-fs (loop1): Directory bread(block 69) failed
[  510.323251][ T8848] FAT-fs (loop1): Directory bread(block 70) failed
[  510.332912][ T8848] FAT-fs (loop1): Directory bread(block 71) failed
[  510.339849][ T8848] FAT-fs (loop1): Directory bread(block 72) failed
[  510.346753][ T8848] FAT-fs (loop1): Directory bread(block 73) failed
[  510.355837][ T8831] BTRFS: device fsid 384aeb47-f1c2-4293-8350-e6dffa96895f devid 1 transid 8 /dev/loop2 scanned by syz.2.1210 (8831)
[  510.407863][ T8827] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  510.466275][ T8831] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  510.496161][ T8831] BTRFS info (device loop2): using free space tree
[  510.513020][ T8831] BTRFS info (device loop2): has skinny extents
[  510.562706][ T8827] XFS (loop3): Starting recovery (logdev: internal)
[  510.610997][ T8869] loop0: detected capacity change from 0 to 1024
[  510.686451][ T8827] XFS (loop3): Ending recovery (logdev: internal)
[  510.978521][ T4173] XFS (loop3): Unmounting Filesystem
[  510.982769][ T8888] loop4: detected capacity change from 0 to 16
[  511.208822][ T8888] erofs: (device loop4): mounted with root inode @ nid 36.
[  511.290212][ T8831] BTRFS info (device loop2): enabling ssd optimizations
[  514.913839][ T8948] loop2: detected capacity change from 0 to 1764
[  517.265365][ T8976] loop4: detected capacity change from 0 to 64
[  519.579484][ T9000] loop0: detected capacity change from 0 to 2048
[  519.697583][ T9000] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  519.981605][ T9003] UDF-fs: warning (device loop0): udf_truncate_tail_extent: Too long extent after EOF in inode 1436: i_size: 241664 lbcount: 245760 extent 129+244736
[  520.369808][ T9007] loop2: detected capacity change from 0 to 1764
[  523.167859][ T9025] loop1: detected capacity change from 0 to 4096
[  523.250353][ T9025] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  524.190952][ T9014] loop2: detected capacity change from 0 to 32768
[  524.265464][ T9018] loop0: detected capacity change from 0 to 32768
[  524.347418][ T9014] XFS: attr2 mount option is deprecated.
[  524.639683][ T9014] XFS (loop2): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  524.672466][ T9018] XFS (loop0): Mounting V5 Filesystem
[  524.695195][ T9014] XFS (loop2): Quotacheck needed: Please wait.
[  524.848959][ T9014] XFS (loop2): Quotacheck: Done.
[  524.877593][ T9018] XFS (loop0): Ending clean mount
[  524.956364][ T4168] XFS (loop2): Unmounting Filesystem
[  524.967629][ T9018] XFS (loop0): Quotacheck needed: Please wait.
[  525.170074][ T9035] loop3: detected capacity change from 0 to 32768
[  525.214754][ T9018] XFS (loop0): Quotacheck: Done.
[  525.360745][ T4166] XFS (loop0): Unmounting Filesystem
[  525.367534][ T9053] loop8: detected capacity change from 0 to 7
[  525.382914][ T9035] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  525.406146][ T9035] BTRFS info (device loop3): setting nodatacow, compression disabled
[  525.414284][ T9035] BTRFS info (device loop3): enabling auto defrag
[  525.477371][ T9035] BTRFS info (device loop3): max_inline at 0
[  525.483418][ T9035] BTRFS info (device loop3): using free space tree
[  525.519690][ T9053] Dev loop8: unable to read RDB block 7
[  525.527118][ T9053]  loop8: unable to read partition table
[  525.529748][ T9035] BTRFS info (device loop3): has skinny extents
[  525.533204][ T9053] loop8: partition table beyond EOD, truncated
[  525.624129][ T9057] loop4: detected capacity change from 0 to 1024
[  525.641106][ T9053] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  525.641106][ T9053] 
) failed (rc=-5)
[  525.701426][ T9057] hfsplus: request for non-existent node -709361664 in B*Tree
[  525.709097][ T9057] hfsplus: request for non-existent node -709361664 in B*Tree
[  525.717005][ T9057] hfsplus: b-tree write err: -5, ino 8
[  526.614957][ T9058] delete_channel: no stack
[  526.858497][ T9080] loop1: detected capacity change from 0 to 64
[  527.304396][ T9089] loop0: detected capacity change from 0 to 1764
[  531.068589][ T9124] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  531.075894][ T9124] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  531.268574][ T9118] delete_channel: no stack
[  531.360082][ T9124] vhci_hcd vhci_hcd.0: Device attached
[  531.448792][ T9131] loop0: detected capacity change from 0 to 512
[  531.541210][ T5598] vhci_hcd: vhci_device speed not set
[  531.618851][ T4214] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  531.626556][ T5598] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  531.673676][ T9103] loop1: detected capacity change from 0 to 32768
[  531.779601][ T9131] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  531.790002][ T9103] XFS (loop1): Mounting V5 Filesystem
[  531.916377][ T9131] ext4 filesystem being mounted at /272/wÅü5ÔTÕÔ)­`)Y�Fæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.002903][ T9103] XFS (loop1): Ending clean mount
[  532.041337][ T9103] XFS (loop1): Quotacheck needed: Please wait.
[  532.483874][ T9152] loop2: detected capacity change from 0 to 1024
[  532.928023][ T9103] XFS (loop1): Quotacheck: Done.
[  532.950589][ T9103] XFS (loop1): Unmounting Filesystem
[  533.070081][ T4214] usb 5-1: config 0 has no interfaces?
[  533.086123][ T4214] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  533.095413][ T4214] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.110376][ T4214] usb 5-1: config 0 descriptor??
[  533.196114][ T9158] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  535.220667][ T9125] vhci_hcd: connection closed
[  535.234887][ T1322] usb 5-1: USB disconnect, device number 3
[  535.307567][ T5598] vhci_hcd: vhci_device speed not set
[  535.326309][ T1412] vhci_hcd: stop threads
[  535.330621][ T9152] hfsplus: request for non-existent node -709361664 in B*Tree
[  535.338109][ T9152] hfsplus: request for non-existent node -709361664 in B*Tree
[  535.345799][ T9152] hfsplus: b-tree write err: -5, ino 8
[  535.359662][ T1412] vhci_hcd: release socket
[  535.386142][ T5598] usb 41-1: device descriptor read/64, error -71
[  535.463019][ T1412] vhci_hcd: disconnect device
[  535.750243][ T5598] vhci_hcd: vhci_device speed not set
[  536.216915][ T9171] ptrace attach of "./syz-executor exec"[9172] was attempted by "./syz-executor exec"[9171]
[  536.726132][ T9171] binder: 9164:9171 ioctl c0306201 0 returned -14
[  539.611204][ T9194] loop3: detected capacity change from 0 to 128
[  539.810312][ T9194] qnx6: unable to set blocksize
[  539.889867][ T9183] loop0: detected capacity change from 0 to 32768
[  540.152105][ T9200] lo speed is unknown, defaulting to 1000
[  540.177812][ T9200] lo speed is unknown, defaulting to 1000
[  540.430313][ T9202] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  540.468728][ T9200] lo speed is unknown, defaulting to 1000
[  540.624555][ T9200] infiniband syz0: set active
[  540.629748][ T9200] infiniband syz0: added lo
[  540.646026][ T9200] infiniband syz0: Couldn't open port 1
[  540.679975][ T5812] lo speed is unknown, defaulting to 1000
[  540.716278][ T9200] RDS/IB: syz0: added
[  540.721231][ T9200] smc: adding ib device syz0 with port count 1
[  540.727759][ T9200] smc:    ib device syz0 port 1 has pnetid 
[  540.758723][ T9183] (syz.0.1280,9183,0):ocfs2_initialize_super:2310 ERROR: status = -12
[  540.790248][ T9200] lo speed is unknown, defaulting to 1000
[  540.894903][ T9200] lo speed is unknown, defaulting to 1000
[  540.926111][ T9183] (syz.0.1280,9183,1):ocfs2_fill_super:1177 ERROR: status = -12
[  541.006417][   T13] lo speed is unknown, defaulting to 1000
[  541.135636][ T9200] lo speed is unknown, defaulting to 1000
[  541.816688][ T9212] 8021q: adding VLAN 0 to HW filter on device bond2
[  541.878861][ T9200] lo speed is unknown, defaulting to 1000
[  542.459442][ T9200] lo speed is unknown, defaulting to 1000
[  542.824160][ T9225] loop3: detected capacity change from 0 to 512
[  542.872321][ T9225] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  542.900223][ T9225] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  542.960228][ T9225] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  542.976093][ T9225] System zones: 1-12
[  543.001077][ T9225] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2219: inode #15: comm syz.3.1292: corrupted in-inode xattr
[  543.037958][ T9225] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1292: couldn't read orphan inode 15 (err -117)
[  543.084772][ T9232] loop1: detected capacity change from 0 to 1024
[  543.145053][ T9232] hfsplus: request for non-existent node -709361664 in B*Tree
[  543.152661][ T9232] hfsplus: request for non-existent node -709361664 in B*Tree
[  543.160768][ T9232] hfsplus: b-tree write err: -5, ino 8
[  543.169559][ T9225] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none.
[  543.196094][ T5598] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  543.556340][ T5598] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  543.595754][ T5598] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  543.612332][ T9211] loop0: detected capacity change from 0 to 40427
[  543.626060][ T5598] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  543.635753][ T5598] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  543.715219][ T9211] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  543.746560][ T9211] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  543.767372][ T9211] F2FS-fs (loop0): invalid crc value
[  543.836353][ T5598] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  543.845439][ T5598] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.860305][ T9211] F2FS-fs (loop0): Found nat_bits in checkpoint
[  543.886042][ T5598] usb 5-1: Product: syz
[  543.890258][ T5598] usb 5-1: Manufacturer: syz
[  543.894869][ T5598] usb 5-1: SerialNumber: syz
[  543.957248][ T9211] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  543.964361][ T9211] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  544.253966][ T5598] cdc_ncm 5-1:1.0: bind() failure
[  544.273415][ T5598] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  544.416343][ T9242] attempt to access beyond end of device
[  544.416343][ T9242] loop0: rw=34817, want=77952, limit=40427
[  544.484315][   T26] audit: type=1800 audit(1730511788.809:26): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1288" name="bus" dev="loop0" ino=10 res=0 errno=0
[  544.638718][ T5598] cdc_ncm 5-1:1.1: bind() failure
[  544.666241][ T5598] usb 5-1: USB disconnect, device number 4
[  545.593893][  T144] attempt to access beyond end of device
[  545.593893][  T144] loop0: rw=1, want=78088, limit=40427
[  546.856286][ T5814] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  549.346239][ T5814] usb 2-1: config 0 has an invalid interface number: 131 but max is 0
[  551.034558][ T5814] usb 2-1: config 0 has no interface number 0
[  551.289923][ T5814] usb 2-1: New USB device found, idVendor=110a, idProduct=1251, bcdDevice=a6.60
[  551.309586][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.358880][ T5814] usb 2-1: Product: syz
[  551.370980][ T5814] usb 2-1: Manufacturer: syz
[  551.395135][ T5814] usb 2-1: SerialNumber: syz
[  551.442391][ T5814] usb 2-1: config 0 descriptor??
[  552.226132][ T5814] mxuport 2-1:0.131: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  552.257400][ T5814] mxuport 2-1:0.131: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  552.340114][ T5814] mxuport: probe of 2-1:0.131 failed with error -71
[  552.403106][ T5814] usb 2-1: USB disconnect, device number 5
[  552.606892][ T9299] loop2: detected capacity change from 0 to 1024
[  554.018450][ T9299] hfsplus: request for non-existent node -709361664 in B*Tree
[  554.082505][ T9299] hfsplus: request for non-existent node -709361664 in B*Tree
[  554.146628][ T9299] hfsplus: b-tree write err: -5, ino 8
[  554.958576][ T5814] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  555.866498][ T5814] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  555.930704][ T5814] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  555.997218][ T5814] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  556.057605][ T5814] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  556.129821][ T5814] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  556.263880][ T9325] rdma_rxe: rxe_register_device failed with error -23
[  556.296195][ T9325] rdma_rxe: failed to add lo
[  556.326252][ T5814] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  556.335333][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  556.384613][ T5814] usb 2-1: Product: syz
[  556.394767][ T5814] usb 2-1: Manufacturer: syz
[  556.480249][ T5814] cdc_wdm 2-1:1.0: skipping garbage
[  556.488644][ T5814] cdc_wdm 2-1:1.0: skipping garbage
[  556.529564][ T5814] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  556.535563][ T5814] cdc_wdm 2-1:1.0: Unknown control protocol
[  556.828953][ T5814] usb 2-1: USB disconnect, device number 6
[  556.836404][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  556.844802][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  556.850959][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  556.863467][ T9313] cdc_wdm 2-1:1.0: Tx URB error: -19
[  557.285348][ T9320] loop0: detected capacity change from 0 to 32768
[  557.646858][ T9313] loop1: detected capacity change from 0 to 128
[  557.673232][ T9320] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1319 (9320)
[  557.778998][ T9313] VFS: Found a Xenix FS (block size = 512) on device loop1
[  557.819732][ T9313] sysv_free_block: trying to free block not in datazone
[  557.888394][ T9313] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  557.970161][ T9320] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  557.999857][ T9320] BTRFS info (device loop0): force zlib compression, level 3
[  558.012079][ T9320] BTRFS info (device loop0): turning on sync discard
[  558.096775][ T9320] BTRFS info (device loop0): force clearing of disk cache
[  558.117986][ T9320] BTRFS info (device loop0): enabling auto defrag
[  558.245747][ T9320] BTRFS info (device loop0): turning off discard
[  558.503294][ T9320] BTRFS info (device loop0): using free space tree
[  558.699463][ T9320] BTRFS info (device loop0): has skinny extents
[  559.447577][ T9320] BTRFS error (device loop0): open_ctree failed
[  560.144999][ T9363] loop4: detected capacity change from 0 to 40427
[  560.171592][ T9363] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  560.206832][ T9363] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  560.804369][ T9385] rdma_rxe: rxe_register_device failed with error -23
[  560.827608][ T9363] F2FS-fs (loop4): invalid crc value
[  560.874500][ T9385] rdma_rxe: failed to add lo
[  560.891411][ T9386] loop0: detected capacity change from 0 to 512
[  560.916425][ T9363] F2FS-fs (loop4): Found nat_bits in checkpoint
[  561.183453][ T9386] EXT4-fs (loop0): Value of option "test_dummy_encryption=test_dummy_encryption" is unrecognized
[  561.332552][ T9363] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  561.340043][ T9363] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  562.312188][ T9404] attempt to access beyond end of device
[  562.312188][ T9404] loop4: rw=10241, want=45208, limit=40427
[  562.325426][ T9402] loop3: detected capacity change from 0 to 32768
[  562.357148][ T9406] loop1: detected capacity change from 0 to 64
[  562.366740][ T9402] XFS: ikeep mount option is deprecated.
[  562.676941][ T9402] XFS (loop3): Mounting V5 Filesystem
[  562.839575][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  562.846406][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  563.588378][ T9422] loop2: detected capacity change from 0 to 1024
[  563.602285][ T9406] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1338'.
[  563.623672][ T9402] XFS (loop3): Ending clean mount
[  563.631527][ T9402] XFS (loop3): Quotacheck needed: Please wait.
[  563.762749][ T9422] hfsplus: request for non-existent node -709361664 in B*Tree
[  563.797479][ T9402] XFS (loop3): Quotacheck: Done.
[  563.932497][ T9422] hfsplus: request for non-existent node -709361664 in B*Tree
[  563.973028][ T9422] hfsplus: b-tree write err: -5, ino 8
[  564.930182][ T4173] XFS (loop3): Unmounting Filesystem
[  565.954854][ T9432] loop1: detected capacity change from 0 to 32768
[  565.982020][ T9436] rdma_rxe: rxe_register_device failed with error -23
[  565.990037][ T9436] rdma_rxe: failed to add lo
[  565.996773][ T9432] XFS: ikeep mount option is deprecated.
[  566.190509][ T9432] XFS (loop1): Mounting V5 Filesystem
[  566.297087][ T9432] XFS (loop1): Ending clean mount
[  566.316660][ T9432] XFS (loop1): Quotacheck needed: Please wait.
[  566.349557][ T9452] sctp: [Deprecated]: syz.3.1342 (pid 9452) Use of struct sctp_assoc_value in delayed_ack socket option.
[  566.349557][ T9452] Use struct sctp_sack_info instead
[  566.570653][ T9432] XFS (loop1): Quotacheck: Done.
[  567.792440][ T9460] loop2: detected capacity change from 0 to 8
[  567.990384][ T9460] SQUASHFS error: zlib decompression failed, data probably corrupt
[  568.070308][ T9460] SQUASHFS error: Failed to read block 0x9b: -5
[  568.086251][ T9460] SQUASHFS error: Unable to read metadata cache entry [99]
[  568.284264][ T9460] SQUASHFS error: Unable to read inode 0x127
[  568.392796][ T4167] XFS (loop1): Unmounting Filesystem
[  568.966143][ T5599] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  569.056835][ T9481] rdma_rxe: already configured on lo
[  569.216265][ T5599] usb 5-1: Using ep0 maxpacket: 32
[  569.235330][ T9463] loop3: detected capacity change from 0 to 40427
[  569.336502][ T5599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.479022][ T5599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  569.630905][ T5599] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  569.671178][ T5599] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.728457][ T5599] usb 5-1: config 0 descriptor??
[  569.836121][ T9463] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  569.864313][ T9463] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  570.018046][ T9464] loop0: detected capacity change from 0 to 40427
[  570.047157][ T9463] F2FS-fs (loop3): Found nat_bits in checkpoint
[  570.078785][ T9483] loop1: detected capacity change from 0 to 32768
[  570.093760][ T9490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1357'.
[  570.125075][ T9463] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  570.126802][ T9483] XFS: ikeep mount option is deprecated.
[  570.156974][ T9464] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  570.162025][ T9463] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  570.193850][ T9464] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  570.204090][ T5599] ft260 0003:0403:6030.0001: item fetching failed at offset 1/2
[  570.254582][ T9464] F2FS-fs (loop0): invalid crc value
[  570.295117][ T5599] ft260 0003:0403:6030.0001: failed to parse HID
[  570.326158][ T5599] ft260: probe of 0003:0403:6030.0001 failed with error -22
[  570.335213][ T9464] F2FS-fs (loop0): Found nat_bits in checkpoint
[  570.431537][ T5599] usb 5-1: USB disconnect, device number 5
[  570.447927][ T9464] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  570.462085][ T9464] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  570.490826][ T9483] XFS (loop1): Mounting V5 Filesystem
[  570.514700][ T9464] attempt to access beyond end of device
[  570.514700][ T9464] loop0: rw=10241, want=45208, limit=40427
[  570.590569][ T9508] loop2: detected capacity change from 0 to 1024
[  570.618597][ T9483] XFS (loop1): Ending clean mount
[  570.625575][ T9483] XFS (loop1): Quotacheck needed: Please wait.
[  570.687061][ T9508] hfsplus: request for non-existent node -709361664 in B*Tree
[  570.729060][ T9508] hfsplus: request for non-existent node -709361664 in B*Tree
[  570.773284][ T9508] hfsplus: b-tree write err: -5, ino 8
[  570.822022][ T9483] XFS (loop1): Quotacheck: Done.
[  570.955116][ T9510] fuse: Unknown parameter '0xffffffffffffffff01777777777777777777777'
[  572.120829][ T4167] XFS (loop1): Unmounting Filesystem
[  573.700611][ T9520] loop4: detected capacity change from 0 to 32768
[  574.125517][ T9526] loop1: detected capacity change from 0 to 32768
[  574.158751][ T9526] XFS: ikeep mount option is deprecated.
[  574.172625][ T9520] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1363 (9520)
[  574.215557][ T9520] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  574.293194][ T9520] BTRFS info (device loop4): using free space tree
[  574.307278][ T9520] BTRFS info (device loop4): has skinny extents
[  574.352676][ T9526] XFS (loop1): Mounting V5 Filesystem
[  574.529546][ T9526] XFS (loop1): Ending clean mount
[  574.542455][ T9526] XFS (loop1): Quotacheck needed: Please wait.
[  574.658160][   T26] audit: type=1800 audit(1730511819.109:27): pid=9558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1365" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  574.706292][ T9520] BTRFS info (device loop4): enabling ssd optimizations
[  574.802319][ T9526] XFS (loop1): Quotacheck: Done.
[  576.674552][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1369'.
[  576.823059][ T4167] XFS (loop1): Unmounting Filesystem
[  576.865394][ T9578] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1371'.
[  578.213124][ T9576] loop3: detected capacity change from 0 to 40427
[  579.486192][ T9591] loop2: detected capacity change from 0 to 40427
[  580.068007][ T9591] F2FS-fs (loop2): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  580.412112][ T9589] delete_channel: no stack
[  581.121370][ T9606] loop1: detected capacity change from 0 to 32768
[  581.276691][ T9606] XFS: ikeep mount option is deprecated.
[  583.901298][ T9610] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  584.586380][ T9620] loop4: detected capacity change from 0 to 32768
[  584.789647][ T9620] XFS: ikeep mount option is deprecated.
[  585.357653][ T9620] XFS (loop4): Mounting V5 Filesystem
[  585.859110][ T9620] XFS (loop4): Ending clean mount
[  586.007493][ T9620] XFS (loop4): Quotacheck needed: Please wait.
[  586.386500][ T9620] XFS (loop4): Quotacheck: Done.
[  588.207283][ T4171] XFS (loop4): Unmounting Filesystem
[  590.317222][ T9656] fuse: Bad value for 'fd'
[  590.650004][ T9663] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  592.543577][ T9672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'.
[  593.025250][ T9676] loop1: detected capacity change from 0 to 32768
[  593.346701][ T9676] XFS: ikeep mount option is deprecated.
[  593.704846][ T9676] XFS (loop1): Mounting V5 Filesystem
[  593.818698][ T9672] team0 (unregistering): Port device team_slave_0 removed
[  593.943733][ T9672] team0 (unregistering): Port device team_slave_1 removed
[  594.296212][ T9676] XFS (loop1): Ending clean mount
[  594.571155][ T9696] loop4: detected capacity change from 0 to 1024
[  596.962824][ T9676] XFS (loop1): Quotacheck needed: Please wait.
[  597.102852][ T9703] fuse: Bad value for 'fd'
[  597.146231][ T9676] XFS (loop1): Quotacheck: Done.
[  598.017051][ T4167] XFS (loop1): Unmounting Filesystem
[  599.395347][ T5599] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  599.886096][ T5599] usb 5-1: Using ep0 maxpacket: 32
[  600.514194][ T9724] loop3: detected capacity change from 0 to 32768
[  600.546212][ T5599] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[  600.572527][ T5599] usb 5-1: config 0 has no interface number 0
[  600.586827][ T9724] XFS: ikeep mount option is deprecated.
[  600.589208][ T5599] usb 5-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  600.657890][ T9724] XFS (loop3): Mounting V5 Filesystem
[  600.752868][ T9724] XFS (loop3): Ending clean mount
[  600.765091][ T9724] XFS (loop3): Quotacheck needed: Please wait.
[  600.786119][ T5599] usb 5-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  600.799610][ T5599] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.821235][ T5599] usb 5-1: Product: syz
[  600.825527][ T5599] usb 5-1: Manufacturer: syz
[  600.830448][ T5599] usb 5-1: SerialNumber: syz
[  600.837524][ T5599] usb 5-1: config 0 descriptor??
[  600.857192][ T9708] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  600.881357][ T5599] em28xx 5-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  600.901941][ T5599] em28xx 5-1:0.132: Video interface 132 found: bulk
[  600.933944][ T9724] XFS (loop3): Quotacheck: Done.
[  601.436134][ T5599] em28xx 5-1:0.132: unknown em28xx chip ID (0)
[  601.600506][ T5599] em28xx 5-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  601.663443][ T5599] em28xx 5-1:0.132: board has no eeprom
[  601.764102][ T4173] XFS (loop3): Unmounting Filesystem
[  601.836116][ T5599] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  601.845541][ T5599] em28xx 5-1:0.132: analog set to bulk mode.
[  601.871848][ T5599] usb 5-1: USB disconnect, device number 6
[  601.878971][ T5599] em28xx 5-1:0.132: Disconnecting em28xx
[  601.905498][ T1322] em28xx 5-1:0.132: Registering V4L2 extension
[  602.270065][ T9751] loop2: detected capacity change from 0 to 64
[  603.021989][ T1322] em28xx 5-1:0.132: Config register raw data: 0xffffffed
[  603.045992][ T1322] em28xx 5-1:0.132: AC97 chip type couldn't be determined
[  603.053155][ T1322] em28xx 5-1:0.132: No AC97 audio processor
[  603.102617][ T1322] usb 5-1: Decoder not found
[  603.107312][ T1322] em28xx 5-1:0.132: failed to create media graph
[  603.113706][ T1322] em28xx 5-1:0.132: V4L2 device video103 deregistered
[  603.164540][ T1322] em28xx 5-1:0.132: Remote control support is not available for this card.
[  603.224964][ T5599] em28xx 5-1:0.132: Closing input extension
[  603.854893][ T5599] em28xx 5-1:0.132: Freeing device
[  608.773342][ T9790] loop3: detected capacity change from 0 to 32768
[  608.816682][ T9790] XFS: ikeep mount option is deprecated.
[  608.953108][ T9790] XFS (loop3): Mounting V5 Filesystem
[  609.063880][ T9790] XFS (loop3): Ending clean mount
[  609.071536][ T9790] XFS (loop3): Quotacheck needed: Please wait.
[  609.219084][ T9790] XFS (loop3): Quotacheck: Done.
[  609.404878][ T9788] loop0: detected capacity change from 0 to 32768
[  609.552118][ T9788] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1423 (9788)
[  609.591895][ T9788] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  609.608492][ T9788] BTRFS info (device loop0): using free space tree
[  609.769541][ T4173] XFS (loop3): Unmounting Filesystem
[  609.804908][ T9788] BTRFS info (device loop0): has skinny extents
[  610.576148][ T9788] BTRFS info (device loop0): enabling ssd optimizations
[  611.892050][ T9802] loop2: detected capacity change from 0 to 40427
[  612.028793][ T9802] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  612.066618][ T9802] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  612.108233][ T9802] F2FS-fs (loop2): invalid crc value
[  612.127327][ T9802] F2FS-fs (loop2): Found nat_bits in checkpoint
[  613.242878][ T9848] loop1: detected capacity change from 0 to 40427
[  613.325415][ T9840] loop3: detected capacity change from 0 to 32768
[  613.342251][ T9848] F2FS-fs (loop1): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  613.504000][ T9846] delete_channel: no stack
[  614.155920][    C0] hrtimer: interrupt took 40202 ns
[  614.353123][ T9870] loop3: detected capacity change from 0 to 1024
[  614.435045][ T9870] hfsplus: request for non-existent node -709361664 in B*Tree
[  614.442932][ T9870] hfsplus: request for non-existent node -709361664 in B*Tree
[  614.450822][ T9870] hfsplus: b-tree write err: -5, ino 8
[  615.224824][ T9875] loop1: detected capacity change from 0 to 32768
[  615.310116][ T9889] input: syz0 as /devices/virtual/input/input12
[  615.637084][ T9875] XFS: ikeep mount option is deprecated.
[  616.614911][ T9902] loop3: detected capacity change from 0 to 1024
[  616.757751][ T9902] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  616.797062][ T9902] EXT4-fs (loop3): invalid journal inode
[  616.814635][ T9875] XFS (loop1): Mounting V5 Filesystem
[  617.856639][ T9902] EXT4-fs (loop3): can't get journal size
[  617.877268][ T9902] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  617.904186][ T9875] XFS (loop1): Ending clean mount
[  617.915157][ T9875] XFS (loop1): Quotacheck needed: Please wait.
[  617.935730][ T9910] loop2: detected capacity change from 0 to 40427
[  618.038391][ T9910] F2FS-fs (loop2): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  618.052196][ T9875] XFS (loop1): Quotacheck: Done.
[  618.102278][ T4167] XFS (loop1): Unmounting Filesystem
[  618.373530][ T9905] delete_channel: no stack
[  621.311824][ T9929] loop0: detected capacity change from 0 to 32768
[  621.348807][   T26] audit: type=1326 audit(1730511865.809:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9926 comm="syz.3.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b5df23719 code=0x7ffc0000
[  621.385628][   T26] audit: type=1326 audit(1730511865.809:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9926 comm="syz.3.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b5df23719 code=0x7ffc0000
[  621.409202][ T9929] XFS: ikeep mount option is deprecated.
[  621.471306][   T26] audit: type=1326 audit(1730511865.829:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9926 comm="syz.3.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f8b5df23719 code=0x7ffc0000
[  621.527370][ T9929] XFS (loop0): Mounting V5 Filesystem
[  621.545064][   T26] audit: type=1326 audit(1730511865.829:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9926 comm="syz.3.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b5df23719 code=0x7ffc0000
[  621.774028][   T26] audit: type=1326 audit(1730511865.829:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9926 comm="syz.3.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b5df23719 code=0x7ffc0000
[  622.596581][ T9929] XFS (loop0): Ending clean mount
[  622.603853][ T9929] XFS (loop0): Quotacheck needed: Please wait.
[  622.856136][ T9929] XFS (loop0): Quotacheck: Done.
[  624.176278][ T4166] XFS (loop0): Unmounting Filesystem
[  624.227509][   T13] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  624.280802][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  624.287207][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  624.496135][   T13] usb 2-1: Using ep0 maxpacket: 8
[  624.948999][ T9969] loop2: detected capacity change from 0 to 1764
[  625.107679][   T13] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  625.183277][   T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.341624][   T13] usb 2-1: Product: syz
[  625.460787][   T13] usb 2-1: Manufacturer: syz
[  625.578464][   T13] usb 2-1: SerialNumber: syz
[  625.719331][   T13] usb 2-1: config 0 descriptor??
[  626.016332][   T13] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  626.037497][ T9962] loop4: detected capacity change from 0 to 40427
[  626.171563][ T9962] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  626.211176][ T9962] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  626.228297][ T9962] F2FS-fs (loop4): invalid crc value
[  626.240037][ T9962] F2FS-fs (loop4): Found nat_bits in checkpoint
[  626.312216][ T9962] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  626.319556][ T9962] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  629.691433][T10002] loop2: detected capacity change from 0 to 164
[  629.946320][   T13] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71
[  629.961176][T10004] loop1: detected capacity change from 0 to 32768
[  629.974579][T10002] isofs_fill_super: root inode is not a directory. Corrupted media?
[  629.992905][   T13] usb 2-1: USB disconnect, device number 7
[  630.026730][T10004] XFS: ikeep mount option is deprecated.
[  630.162056][T10004] XFS (loop1): Mounting V5 Filesystem
[  630.272955][T10004] XFS (loop1): Ending clean mount
[  630.302690][T10004] XFS (loop1): Quotacheck needed: Please wait.
[  630.443464][T10004] XFS (loop1): Quotacheck: Done.
[  631.052062][ T4167] XFS (loop1): Unmounting Filesystem
[  632.601434][T10040] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  633.408518][T10057] loop1: detected capacity change from 0 to 40427
[  634.177762][T10057] F2FS-fs (loop1): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  634.329292][T10055] delete_channel: no stack
[  634.941361][T10065] fuse: Bad value for 'fd'
[  635.027156][T10068] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  635.421836][T10083] loop0: detected capacity change from 0 to 1764
[  636.207530][T10088] loop4: detected capacity change from 0 to 16
[  636.306211][T10088] erofs: (device loop4): mounted with root inode @ nid 36.
[  636.806521][T10094] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown compression format 15 for nid 36, please upgrade kernel
[  636.819224][T10094] erofs: (device loop4): z_erofs_readpage: failed to read, err [-95]
[  638.118887][T10104] loop0: detected capacity change from 0 to 1024
[  638.221001][T10104] hfsplus: request for non-existent node -709361664 in B*Tree
[  638.228664][T10104] hfsplus: request for non-existent node -709361664 in B*Tree
[  638.236584][T10104] hfsplus: b-tree write err: -5, ino 8
[  639.065046][T10109] loop3: detected capacity change from 0 to 40427
[  639.365081][T10113] fuse: Bad value for 'fd'
[  639.784600][T10120] loop2: detected capacity change from 0 to 512
[  639.814464][T10109] F2FS-fs (loop3): Unrecognized mount option "smackfsroot=f2fs" or missing value
[  640.092097][T10124] rdma_rxe: rxe_register_device failed with error -23
[  640.099080][T10124] rdma_rxe: failed to add lo
[  640.711619][T10106] delete_channel: no stack
[  640.960949][T10135] loop3: detected capacity change from 0 to 8
[  640.984793][T10120] EXT4-fs (loop2): 1 orphan inode deleted
[  640.997459][T10120] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  641.022393][T10120] ext4 filesystem being mounted at /308/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  641.215225][T10134] loop1: detected capacity change from 0 to 4096
[  641.880076][   T26] audit: type=1800 audit(1730511886.309:33): pid=10143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1500" name="file1" dev="loop2" ino=15 res=0 errno=0
[  641.980767][T10134] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  643.264384][T10157] loop2: detected capacity change from 0 to 1764
[  644.411543][T10161] loop0: detected capacity change from 0 to 1024
[  644.608534][T10161] hfsplus: request for non-existent node -709361664 in B*Tree
[  644.616199][T10161] hfsplus: request for non-existent node -709361664 in B*Tree
[  644.624094][T10161] hfsplus: b-tree write err: -5, ino 8
[  644.805179][T10169] fuse: Bad value for 'fd'
[  645.070873][ T5812] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  645.359400][ T5812] usb 5-1: Using ep0 maxpacket: 16
[  645.385715][T10181] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  645.410220][T10178] rdma_rxe: rxe_register_device failed with error -23
[  645.417266][T10178] rdma_rxe: failed to add lo
[  645.487152][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  645.516654][T10181] device bridge_slave_1 left promiscuous mode
[  645.639825][T10181] bridge0: port 2(bridge_slave_1) entered disabled state
[  645.648274][T10180] loop1: detected capacity change from 0 to 64
[  645.673091][T10181] device bridge_slave_0 left promiscuous mode
[  645.682890][T10181] bridge0: port 1(bridge_slave_0) entered disabled state
[  645.720894][T10180] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  645.728891][ T5812] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  645.741016][ T5812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.760382][ T5812] usb 5-1: Product: syz
[  645.764587][ T5812] usb 5-1: Manufacturer: syz
[  645.772444][ T5812] usb 5-1: SerialNumber: syz
[  646.111273][ T5812] usb 5-1: config 0 descriptor??
[  646.367092][T10188] loop3: detected capacity change from 0 to 512
[  646.399509][ T5812] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  646.678777][ T5812] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  646.757800][T10188] EXT4-fs (loop3): 1 orphan inode deleted
[  646.777534][T10188] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  646.811328][T10188] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  647.520865][T10205] loop1: detected capacity change from 0 to 1764
[  648.946124][   T26] audit: type=1800 audit(1730511893.379:34): pid=10202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1518" name="file1" dev="loop3" ino=15 res=0 errno=0
[  649.014823][ T5812] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  649.632767][T10219] loop2: detected capacity change from 0 to 22
[  650.626736][T10219] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  650.634145][T10226] rdma_rxe: rxe_register_device failed with error -23
[  650.641245][T10226] rdma_rxe: failed to add lo
[  650.656457][ T5812] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  650.664493][ T5812] em28xx 5-1:0.0: board has no eeprom
[  650.776218][T10219] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  651.157651][ T5812] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  651.203901][ T5812] em28xx 5-1:0.0: dvb set to bulk mode.
[  651.586130][ T4245] em28xx 5-1:0.0: Binding DVB extension
[  651.657169][ T5812] usb 5-1: USB disconnect, device number 7
[  651.669957][ T5812] em28xx 5-1:0.0: Disconnecting em28xx
[  651.820794][T10242] loop0: detected capacity change from 0 to 512
[  651.862843][ T4245] em28xx 5-1:0.0: Registering input extension
[  651.874890][ T5812] em28xx 5-1:0.0: Closing input extension
[  651.972449][ T5812] em28xx 5-1:0.0: Freeing device
[  652.002107][T10242] EXT4-fs (loop0): 1 orphan inode deleted
[  652.034671][T10242] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  652.118323][T10242] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  654.592875][T10276] loop2: detected capacity change from 0 to 4096
[  654.612985][T10272] rdma_rxe: rxe_register_device failed with error -23
[  654.620076][T10272] rdma_rxe: failed to add lo
[  654.734506][T10276] ntfs3: loop2: ino=3, Correct links count -> 2.
[  656.011431][T10293] loop3: detected capacity change from 0 to 256
[  657.397017][T10302] loop2: detected capacity change from 0 to 4096
[  657.495170][T10302] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  657.578171][T10302] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  657.607654][T10302] ntfs3: loop2: Failed to load $Extend.
[  658.530039][T10315] loop1: detected capacity change from 0 to 64
[  658.838760][ T5498] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  658.924556][ T5498] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.211903][ T5498] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.807926][ T5498] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.831649][T10321] lo speed is unknown, defaulting to 1000
[  661.833581][ T5598] Bluetooth: hci0: command 0x0409 tx timeout
[  662.171112][T10321] chnl_net:caif_netlink_parms(): no params data found
[  663.130316][T10365] loop4: detected capacity change from 0 to 64
[  663.339606][T10375] loop1: detected capacity change from 0 to 256
[  663.509458][T10384] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1569'.
[  663.519677][T10384] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1569'.
[  663.957755][ T5598] Bluetooth: hci0: command 0x041b tx timeout
[  664.559206][T10321] bridge0: port 1(bridge_slave_0) entered blocking state
[  664.613909][T10321] bridge0: port 1(bridge_slave_0) entered disabled state
[  664.637265][T10321] device bridge_slave_0 entered promiscuous mode
[  664.683695][T10321] bridge0: port 2(bridge_slave_1) entered blocking state
[  664.706882][T10321] bridge0: port 2(bridge_slave_1) entered disabled state
[  664.741880][T10321] device bridge_slave_1 entered promiscuous mode
[  665.884491][T10408] rdma_rxe: rxe_register_device failed with error -23
[  665.891537][T10408] rdma_rxe: failed to add lo
[  666.085312][T10410] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1576'.
[  666.138150][T10410] netlink: zone id is out of range
[  666.167212][T10410] netlink: zone id is out of range
[  666.214105][T10410] netlink: del zone limit has 4 unknown bytes
[  666.229918][ T1322] Bluetooth: hci0: command 0x040f tx timeout
[  666.305971][T10321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  666.334317][T10321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  666.601441][T10321] team0: Port device team_slave_0 added
[  666.735097][T10321] team0: Port device team_slave_1 added
[  666.989407][T10321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  667.045978][T10321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  667.103086][T10321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  667.202126][T10321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  667.216221][T10321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  667.334015][T10321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  667.693627][T10321] device hsr_slave_0 entered promiscuous mode
[  667.792067][T10321] device hsr_slave_1 entered promiscuous mode
[  668.111753][T10441] loop1: detected capacity change from 0 to 256
[  668.172406][T10441] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  668.213771][ T5498] device hsr_slave_0 left promiscuous mode
[  668.235044][ T5498] device hsr_slave_1 left promiscuous mode
[  668.276106][ T1322] Bluetooth: hci0: command 0x0419 tx timeout
[  668.283843][T10415] loop3: detected capacity change from 0 to 32768
[  668.313215][ T5498] device bridge_slave_1 left promiscuous mode
[  668.329768][ T5498] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.378221][ T5498] device bridge_slave_0 left promiscuous mode
[  668.384568][ T5498] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.499945][T10415] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  668.576744][T10415] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  668.591316][T10446] loop1: detected capacity change from 0 to 64
[  668.664978][T10415] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  668.687087][ T5814] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  668.694389][ T5814] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  668.759018][T10424] loop4: detected capacity change from 0 to 32768
[  668.767085][ T5498] device veth1_macvtap left promiscuous mode
[  668.773785][ T5498] device veth0_macvtap left promiscuous mode
[  668.780103][ T5498] device veth1_vlan left promiscuous mode
[  668.797497][ T5498] device veth0_vlan left promiscuous mode
[  669.092534][ T5814] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 398ms
[  669.167528][ T5814] gfs2: fsid=syz:syz.0: jid=0: Done
[  669.204637][T10415] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  669.356146][T10424] XFS (loop4): Mounting V5 Filesystem
[  669.375800][T10415] gfs2: fsid=syz:syz.0: can't start logd thread: -4
[  669.640932][T10424] XFS (loop4): Ending clean mount
[  670.399962][T10474] loop2: detected capacity change from 0 to 256
[  670.459046][T10477] rdma_rxe: rxe_register_device failed with error -23
[  670.466231][T10477] rdma_rxe: failed to add lo
[  670.494666][ T4171] XFS (loop4): Unmounting Filesystem
[  671.310401][ T5498] team0 (unregistering): Port device team_slave_1 removed
[  671.378123][ T5498] team0 (unregistering): Port device team_slave_0 removed
[  671.454159][ T5498] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  671.527089][ T5498] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  671.632990][T10488] loop3: detected capacity change from 0 to 512
[  671.693090][ T5498] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  671.709226][ T5498] bond0 (unregistering): Released all slaves
[  672.019169][T10488] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  672.486057][T10321] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  672.717291][T10321] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  672.718626][T10502] loop3: detected capacity change from 0 to 64
[  672.823909][T10321] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  673.006474][T10513] loop4: detected capacity change from 0 to 256
[  673.047529][T10513] FAT-fs (loop4): Unrecognized mount option "ùÿÿ" or missing value
[  673.220463][T10321] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  674.016127][T10321] 8021q: adding VLAN 0 to HW filter on device bond0
[  674.074851][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  674.098840][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  674.142272][T10530] loop3: detected capacity change from 0 to 4096
[  674.148702][T10321] 8021q: adding VLAN 0 to HW filter on device team0
[  674.168244][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  674.186821][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  674.215814][ T4321] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.222973][ T4321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  674.272174][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  674.886791][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  674.904496][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  675.501670][ T4321] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.509056][ T4321] bridge0: port 2(bridge_slave_1) entered forwarding state
[  675.606481][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  675.630924][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  675.641066][ T4173] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  675.655973][ T4173] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  675.674250][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  675.696428][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  675.807055][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  675.829651][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  675.989709][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  676.036241][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  676.073221][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  676.114573][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  676.161954][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  676.215023][T10321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  676.618758][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  676.636277][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  676.701688][T10321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  677.966066][ T1322] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  678.143395][T10574] loop2: detected capacity change from 0 to 64
[  678.236318][ T1322] usb 5-1: Using ep0 maxpacket: 32
[  678.516384][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  678.526895][ T1322] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  678.542307][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  678.554253][ T1322] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.642734][ T1322] usb 5-1: Product: syz
[  678.647295][ T1322] usb 5-1: Manufacturer: syz
[  678.651921][ T1322] usb 5-1: SerialNumber: syz
[  678.660447][ T1322] usb 5-1: config 0 descriptor??
[  678.710381][ T1322] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  678.729764][ T1421] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  678.766352][ T1421] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  678.797493][T10321] device veth0_vlan entered promiscuous mode
[  678.805832][ T1421] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  678.954442][ T1421] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  678.988860][T10321] device veth1_vlan entered promiscuous mode
[  679.916476][ T1322] gspca_stk1135: reg_w 0x0 err -110
[  679.922795][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  679.936020][ T1322] gspca_stk1135: Sensor write failed
[  679.942245][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  679.956381][ T1322] gspca_stk1135: Sensor write failed
[  679.964845][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  679.985828][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  680.000838][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.043073][ T1322] gspca_stk1135: Sensor read failed
[  680.047242][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  680.089564][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.099204][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  680.113846][ T1322] gspca_stk1135: Sensor read failed
[  680.138195][ T1322] gspca_stk1135: Detected sensor type unknown (0x0)
[  680.175549][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.202665][ T1322] gspca_stk1135: Sensor read failed
[  680.222967][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.368794][T10321] device veth0_macvtap entered promiscuous mode
[  680.595516][ T1322] gspca_stk1135: Sensor read failed
[  680.601556][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.608072][ T1322] gspca_stk1135: Sensor write failed
[  680.613474][ T1322] gspca_stk1135: serial bus timeout: status=0x00
[  680.619989][ T1322] gspca_stk1135: Sensor write failed
[  680.625462][ T1322] stk1135: probe of 5-1:0.0 failed with error -110
[  680.836261][ T1322] usb 5-1: USB disconnect, device number 8
[  681.659458][T10321] device veth1_macvtap entered promiscuous mode
[  681.707878][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  681.721382][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  681.745207][T10615] loop3: detected capacity change from 0 to 512
[  681.801189][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  681.885160][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.948271][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.006339][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.069173][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.115408][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.157441][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  682.198741][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  682.659800][T10321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  682.710739][T10615] EXT4-fs (loop3): 1 orphan inode deleted
[  682.739483][T10615] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  682.754148][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  682.770704][ T1412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  682.858112][T10639] loop4: detected capacity change from 0 to 64
[  682.868339][T10615] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  682.920543][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.766064][   T26] audit: type=1800 audit(1730511928.219:35): pid=10644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1611" name="file1" dev="loop3" ino=15 res=0 errno=0
[  683.849891][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  683.933789][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  683.986137][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.024913][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  684.073045][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.093986][T10321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  684.125073][T10321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  684.175854][T10321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  684.313854][T10321] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  684.381189][T10321] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  684.414233][T10321] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  684.495731][T10321] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  684.576979][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  684.643578][ T4220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  685.744546][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  685.782951][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  688.807804][T10686] loop1: detected capacity change from 0 to 512
[  688.850465][ T4236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.883293][ T4236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.898218][T10689] loop2: detected capacity change from 0 to 64
[  689.175293][T10686] EXT4-fs (loop1): 1 orphan inode deleted
[  689.216312][T10686] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  689.238125][T10686] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  689.274619][ T5498] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  689.480800][ T5498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  689.499209][ T5498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  690.076504][   T26] audit: type=1800 audit(1730511934.439:36): pid=10701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1625" name="file1" dev="loop1" ino=15 res=0 errno=0
[  690.329249][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  693.141816][T10723] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  695.186526][T10745] dlm: no locking on control device
[  695.954950][T10757] loop5: detected capacity change from 0 to 512
[  695.967299][T10758] loop1: detected capacity change from 0 to 16
[  696.021791][ T5810] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  696.183701][T10763] loop2: detected capacity change from 0 to 1024
[  696.489528][T10758] erofs: (device loop1): mounted with root inode @ nid 36.
[  696.739183][T10757] EXT4-fs (loop5): 1 orphan inode deleted
[  696.890409][T10757] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  696.917735][T10757] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  697.084985][T10763] hfsplus: keylen 65060 too large
[  697.118931][T10763] hfsplus: xattr searching failed
[  697.136257][ T5810] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  697.607420][   T26] audit: type=1800 audit(1730511942.069:37): pid=10778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1639" name="file1" dev="loop5" ino=15 res=0 errno=0
[  697.863704][ T5810] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  697.950577][T10787] loop1: detected capacity change from 0 to 128
[  697.974550][ T5810] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  697.993015][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  698.007741][T10787] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  698.028209][ T5810] usb 5-1: SerialNumber: syz
[  698.107218][ T5810] cdc_ether: probe of 5-1:1.0 failed with error -22
[  698.124409][T10791] 
[  698.126783][T10791] ======================================================
[  698.133807][T10791] WARNING: possible circular locking dependency detected
[  698.134578][ T5810] usb-storage 5-1:1.0: USB Mass Storage device detected
[  698.140917][T10791] 5.15.170-syzkaller #0 Not tainted
[  698.140931][T10791] ------------------------------------------------------
[  698.140938][T10791] syz.2.1646/10791 is trying to acquire lock:
[  698.140949][T10791] ffff88801f494888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1e7/0x4f0
[  698.175467][T10791] 
[  698.175467][T10791] but task is already holding lock:
[  698.182836][T10791] ffff88807bd0d868 (&pipe->mutex/1){+.+.}-{3:3}, at: iter_file_splice_write+0x2ab/0xfa0
[  698.192711][T10791] 
[  698.192711][T10791] which lock already depends on the new lock.
[  698.192711][T10791] 
[  698.203130][T10791] 
[  698.203130][T10791] the existing dependency chain (in reverse order) is:
[  698.212151][T10791] 
[  698.212151][T10791] -> #7 (&pipe->mutex/1){+.+.}-{3:3}:
[  698.219770][T10791]        lock_acquire+0x1db/0x4f0
[  698.224794][T10791]        __mutex_lock_common+0x1da/0x25a0
[  698.230507][T10791]        mutex_lock_nested+0x17/0x20
[  698.235786][T10791]        iter_file_splice_write+0x2ab/0xfa0
[  698.241688][T10791]        do_splice+0xfe6/0x1790
[  698.246542][T10791]        __se_sys_splice+0x340/0x420
[  698.251830][T10791]        do_syscall_64+0x3b/0xb0
[  698.256784][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.263200][T10791] 
[  698.263200][T10791] -> #6 (sb_writers#3){.+.+}-{0:0}:
[  698.270606][T10791]        lock_acquire+0x1db/0x4f0
[  698.275631][T10791]        lo_write_bvec+0x1a3/0x740
[  698.280749][T10791]        loop_process_work+0x2309/0x2af0
[  698.286394][T10791]        process_one_work+0x8a1/0x10c0
[  698.291864][T10791]        worker_thread+0xaca/0x1280
[  698.297087][T10791]        kthread+0x3f6/0x4f0
[  698.301671][T10791]        ret_from_fork+0x1f/0x30
[  698.306606][T10791] 
[  698.306606][T10791] -> #5 ((work_completion)(&worker->work)){+.+.}-{0:0}:
[  698.315823][T10791]        lock_acquire+0x1db/0x4f0
[  698.320904][T10791]        process_one_work+0x7f1/0x10c0
[  698.326366][T10791]        worker_thread+0xaca/0x1280
[  698.331579][T10791]        kthread+0x3f6/0x4f0
[  698.336163][T10791]        ret_from_fork+0x1f/0x30
[  698.341122][T10791] 
[  698.341122][T10791] -> #4 ((null)){+.+.}-{0:0}:
[  698.347985][T10791]        lock_acquire+0x1db/0x4f0
[  698.353004][T10791]        flush_workqueue+0x170/0x1610
[  698.358378][T10791]        drain_workqueue+0xc5/0x390
[  698.363588][T10791]        destroy_workqueue+0x7b/0xae0
[  698.368985][T10791]        __loop_clr_fd+0x241/0xbe0
[  698.374091][T10791]        blkdev_put+0x455/0x790
[  698.378934][T10791]        deactivate_locked_super+0xa0/0x110
[  698.384828][T10791]        cleanup_mnt+0x44e/0x500
[  698.389763][T10791]        task_work_run+0x129/0x1a0
[  698.394871][T10791]        exit_to_user_mode_loop+0x106/0x130
[  698.400758][T10791]        exit_to_user_mode_prepare+0xb1/0x140
[  698.406819][T10791]        syscall_exit_to_user_mode+0x5d/0x240
[  698.412898][T10791]        do_syscall_64+0x47/0xb0
[  698.417841][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.424290][T10791] 
[  698.424290][T10791] -> #3 (&lo->lo_mutex){+.+.}-{3:3}:
[  698.432271][T10791]        lock_acquire+0x1db/0x4f0
[  698.437291][T10791]        __mutex_lock_common+0x1da/0x25a0
[  698.443001][T10791]        mutex_lock_killable_nested+0x17/0x20
[  698.449183][T10791]        lo_open+0x68/0x100
[  698.453712][T10791]        blkdev_get_whole+0x94/0x390
[  698.458998][T10791]        blkdev_get_by_dev+0x2bc/0xa50
[  698.464466][T10791]        blkdev_open+0x138/0x2d0
[  698.469393][T10791]        do_dentry_open+0x807/0xfb0
[  698.474582][T10791]        path_openat+0x2705/0x2f20
[  698.479689][T10791]        do_filp_open+0x21c/0x460
[  698.484710][T10791]        do_sys_openat2+0x13b/0x4f0
[  698.489900][T10791]        __x64_sys_openat+0x243/0x290
[  698.495266][T10791]        do_syscall_64+0x3b/0xb0
[  698.500200][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.506609][T10791] 
[  698.506609][T10791] -> #2 (&disk->open_mutex){+.+.}-{3:3}:
[  698.514421][T10791]        lock_acquire+0x1db/0x4f0
[  698.519450][T10791]        __mutex_lock_common+0x1da/0x25a0
[  698.525182][T10791]        mutex_lock_nested+0x17/0x20
[  698.530474][T10791]        blkdev_get_by_dev+0x14d/0xa50
[  698.535938][T10791]        swsusp_check+0xb1/0x2c0
[  698.540897][T10791]        software_resume+0xc6/0x3c0
[  698.546141][T10791]        resume_store+0xe3/0x130
[  698.551087][T10791]        kernfs_fop_write_iter+0x3a2/0x4f0
[  698.556913][T10791]        vfs_write+0xacd/0xe50
[  698.561690][T10791]        ksys_write+0x1a2/0x2c0
[  698.566657][T10791]        do_syscall_64+0x3b/0xb0
[  698.571611][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.578037][T10791] 
[  698.578037][T10791] -> #1 (system_transition_mutex/1){+.+.}-{3:3}:
[  698.586553][T10791]        lock_acquire+0x1db/0x4f0
[  698.591575][T10791]        __mutex_lock_common+0x1da/0x25a0
[  698.597469][T10791]        mutex_lock_nested+0x17/0x20
[  698.602794][T10791]        software_resume+0x7c/0x3c0
[  698.607989][T10791]        resume_store+0xe3/0x130
[  698.612922][T10791]        kernfs_fop_write_iter+0x3a2/0x4f0
[  698.618723][T10791]        vfs_write+0xacd/0xe50
[  698.623511][T10791]        ksys_write+0x1a2/0x2c0
[  698.628479][T10791]        do_syscall_64+0x3b/0xb0
[  698.633407][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.639839][T10791] 
[  698.639839][T10791] -> #0 (&of->mutex){+.+.}-{3:3}:
[  698.647037][T10791]        validate_chain+0x1649/0x5930
[  698.652401][T10791]        __lock_acquire+0x1295/0x1ff0
[  698.657763][T10791]        lock_acquire+0x1db/0x4f0
[  698.662775][T10791]        __mutex_lock_common+0x1da/0x25a0
[  698.668614][T10791]        mutex_lock_nested+0x17/0x20
[  698.673900][T10791]        kernfs_fop_write_iter+0x1e7/0x4f0
[  698.679715][T10791]        do_iter_readv_writev+0x594/0x7a0
[  698.685451][T10791]        do_iter_write+0x1e6/0x760
[  698.690581][T10791]        iter_file_splice_write+0x806/0xfa0
[  698.696491][T10791]        do_splice+0xfe6/0x1790
[  698.701337][T10791]        __se_sys_splice+0x340/0x420
[  698.706618][T10791]        do_syscall_64+0x3b/0xb0
[  698.711553][T10791]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  698.718003][T10791] 
[  698.718003][T10791] other info that might help us debug this:
[  698.718003][T10791] 
[  698.728227][T10791] Chain exists of:
[  698.728227][T10791]   &of->mutex --> sb_writers#3 --> &pipe->mutex/1
[  698.728227][T10791] 
[  698.740485][T10791]  Possible unsafe locking scenario:
[  698.740485][T10791] 
[  698.747925][T10791]        CPU0                    CPU1
[  698.753279][T10791]        ----                    ----
[  698.758722][T10791]   lock(&pipe->mutex/1);
[  698.763209][T10791]                                lock(sb_writers#3);
[  698.769994][T10791]                                lock(&pipe->mutex/1);
[  698.776857][T10791]   lock(&of->mutex);
[  698.780941][T10791] 
[  698.780941][T10791]  *** DEADLOCK ***
[  698.780941][T10791] 
[  698.789160][T10791] 2 locks held by syz.2.1646/10791:
[  698.794451][T10791]  #0: ffff88807ecbe460 (sb_writers#8){.+.+}-{0:0}, at: __se_sys_splice+0x340/0x420
[  698.803892][T10791]  #1: ffff88807bd0d868 (&pipe->mutex/1){+.+.}-{3:3}, at: iter_file_splice_write+0x2ab/0xfa0
[  698.814098][T10791] 
[  698.814098][T10791] stack backtrace:
[  698.819974][T10791] CPU: 1 PID: 10791 Comm: syz.2.1646 Not tainted 5.15.170-syzkaller #0
[  698.828214][T10791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  698.838260][T10791] Call Trace:
[  698.841534][T10791]  <TASK>
[  698.844462][T10791]  dump_stack_lvl+0x1e3/0x2d0
[  698.849140][T10791]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  698.854770][T10791]  ? print_circular_bug+0x12b/0x1a0
[  698.859972][T10791]  check_noncircular+0x2f8/0x3b0
[  698.864919][T10791]  ? add_chain_block+0x850/0x850
[  698.869921][T10791]  ? lockdep_lock+0x11f/0x2a0
[  698.874591][T10791]  ? _find_first_zero_bit+0xcf/0xf0
[  698.879794][T10791]  validate_chain+0x1649/0x5930
[  698.884662][T10791]  ? reacquire_held_locks+0x660/0x660
[  698.890047][T10791]  ? look_up_lock_class+0x77/0x120
[  698.895148][T10791]  ? register_lock_class+0x100/0x9a0
[  698.900425][T10791]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  698.906396][T10791]  ? is_dynamic_key+0x1f0/0x1f0
[  698.911238][T10791]  ? mark_lock+0x98/0x340
[  698.915556][T10791]  __lock_acquire+0x1295/0x1ff0
[  698.920417][T10791]  lock_acquire+0x1db/0x4f0
[  698.924944][T10791]  ? kernfs_fop_write_iter+0x1e7/0x4f0
[  698.930433][T10791]  ? read_lock_is_recursive+0x10/0x10
[  698.935825][T10791]  ? __might_sleep+0xc0/0xc0
[  698.940441][T10791]  __mutex_lock_common+0x1da/0x25a0
[  698.945638][T10791]  ? kernfs_fop_write_iter+0x1e7/0x4f0
[  698.951139][T10791]  ? kernfs_fop_write_iter+0x1e7/0x4f0
[  698.956599][T10791]  ? mutex_lock_io_nested+0x60/0x60
[  698.961792][T10791]  ? __virt_addr_valid+0x3bb/0x460
[  698.966916][T10791]  ? 0xffffffff81000000
[  698.971091][T10791]  ? __check_object_size+0x300/0x410
[  698.976372][T10791]  mutex_lock_nested+0x17/0x20
[  698.981140][T10791]  kernfs_fop_write_iter+0x1e7/0x4f0
[  698.986421][T10791]  do_iter_readv_writev+0x594/0x7a0
[  698.991614][T10791]  ? generic_file_rw_checks+0x260/0x260
[  698.997160][T10791]  ? common_file_perm+0x17d/0x1d0
[  699.002182][T10791]  ? fsnotify_perm+0x64/0x590
[  699.006858][T10791]  ? security_file_permission+0x75/0xa0
[  699.012435][T10791]  do_iter_write+0x1e6/0x760
[  699.017032][T10791]  ? vfs_iter_write+0x69/0xa0
[  699.021720][T10791]  iter_file_splice_write+0x806/0xfa0
[  699.027090][T10791]  ? splice_from_pipe+0x230/0x230
[  699.032116][T10791]  ? rcu_read_lock_bh_held+0x110/0x110
[  699.037571][T10791]  ? fsnotify_perm+0x64/0x590
[  699.042238][T10791]  ? splice_from_pipe+0x230/0x230
[  699.047253][T10791]  do_splice+0xfe6/0x1790
[  699.051604][T10791]  ? __fget_files+0x413/0x480
[  699.056280][T10791]  ? wait_for_space+0x2d0/0x2d0
[  699.061128][T10791]  ? __fdget+0x191/0x220
[  699.065364][T10791]  __se_sys_splice+0x340/0x420
[  699.070127][T10791]  ? __x64_sys_splice+0xf0/0xf0
[  699.074972][T10791]  ? syscall_enter_from_user_mode+0x2e/0x240
[  699.080944][T10791]  ? lockdep_hardirqs_on+0x94/0x130
[  699.086143][T10791]  ? __x64_sys_splice+0x1d/0xf0
[  699.091006][T10791]  do_syscall_64+0x3b/0xb0
[  699.095413][T10791]  ? clear_bhb_loop+0x15/0x70
[  699.100129][T10791]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  699.106048][T10791] RIP: 0033:0x7fc9ec3e2719
[  699.110457][T10791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  699.130056][T10791] RSP: 002b:00007fc9ea839038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  699.138475][T10791] RAX: ffffffffffffffda RBX: 00007fc9ec59a058 RCX: 00007fc9ec3e2719
[  699.146440][T10791] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  699.154508][T10791] RBP: 00007fc9ec45532e R08: 000000000000bfcd R09: 0000000000000000
[  699.162494][T10791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  699.170479][T10791] R13: 0000000000000001 R14: 00007fc9ec59a058 R15: 00007ffea9370578
[  699.178470][T10791]  </TASK>
[  699.235748][ T5810] usb-storage 5-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  699.276273][ T5810] scsi host1: usb-storage 5-1:1.0
[  699.334273][ T5810] usb 5-1: USB disconnect, device number 9