last executing test programs:

36.858557483s ago: executing program 2 (id=413):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x264e33, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x4, 0x0, 0x33)

36.600854564s ago: executing program 2 (id=414):
r0 = syz_open_dev$media(&(0x7f0000000000), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000240)})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000200)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f0000000040))

36.485721093s ago: executing program 2 (id=415):
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)

27.664710008s ago: executing program 2 (id=448):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000000)={0x0, [], '\x00', [], '\x00', 0x0, 0x0, 0x0, 0x2})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x1e)
write(r2, &(0x7f0000000080)="0500030001003f", 0x7)

27.333967305s ago: executing program 2 (id=450):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_newnexthop={0x30, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ID={0x8}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @local}}]}, 0x30}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600), 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003280)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xc}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_pedit={0x30, 0x0, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x68}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001680)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x18}, {0xc}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000380), 0x1, 0x2de, &(0x7f00000003c0)="$eJzs3bGLI1UcB/Df7a6erNwlhQgK4kMbbYZNaosLsguHAUUvggrCnDvRkEmyZEIgh7h2tv4TFieWgoUg/gPb+DfYbbPlFYeRuzlzG1kr9QK3n0/zvvDLN7zHg2G6OX3r29GwX2X9fBZbN67Ezo2IrXtXohlbsR21r+PN7346e+WDjz5+p9Pt7r+f0kHnVqudUrr+6i+ffPnDa7/Onv/wx+s/X42T5qenZ+3fT148een0j1tfDKo0qNJ4Mkt5uj2ZzPLbZZEOB9UwS+m9ssirIg3GVTFdm/fLydHRIuXjw2u7R9OiqlI+XqRhsUizSZpNFyn/PB+MU5Zl6dpu8G/0vr+3XMbZsrbp3fDkuf/Lzf1fbu7/cjv3UvdcxOibeW/eq9d63unHIMooYi8acT9iuVLng5vd/b30UDPujo4f9Y/nve31fisa0by436r7ab3/TOye77ejES9c3G9f2H823nj9XD+LRvz2WUyijMN40H3c/6qV0tvvdv/Wv/rwdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADydsrTSjLuj43lv3ot4sG7X8+yf5nW/049BlFHEXjTifsRypc4HN7v7e4/+YL2/Ey/vbPbsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCXanFnmJdlMRUEQViFTT+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ml7/NHvTe8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATaoWd4Z5WRbT/zFs+owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwX/kzAAD//3/b5DI=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r7, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r7, &(0x7f0000000380)='./file0\x00', r7, &(0x7f0000000200)='./bus/file0\x00', 0x0)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffffffc}]}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1805000000000000000000005e006d000000951b78e5e50200000000000000998874ba52c4f94f4bc2c88fd05f97e5b603d23c8b537bfd1fd0ec5dcd20ed0dca000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r8 = io_uring_setup(0x3450, &(0x7f0000000680))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000540)={0x7, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/58, 0x3a}, {&(0x7f0000000300)=""/215, 0xd7}, {&(0x7f0000000240)=""/90, 0x5a}, {&(0x7f0000000400)=""/139, 0x8b}], &(0x7f0000000500)=[0x4, 0x9], 0x4}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000700)=""/200, 0xc8}, {&(0x7f0000003700)=""/4096, 0x1000}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
mkdirat(r9, &(0x7f0000000040)='./file0\x00', 0x0)

26.695855247s ago: executing program 2 (id=458):
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)

16.010186973s ago: executing program 3 (id=501):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x0)

13.391630425s ago: executing program 3 (id=511):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
ptrace$ARCH_GET_CPUID(0x1e, r0, 0x0, 0x1011)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37}, 0x20)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
timerfd_gettime(0xffffffffffffffff, &(0x7f0000000480))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
ftruncate(r4, 0x47)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x12, r4, 0x0)

12.517635006s ago: executing program 3 (id=513):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400050000000000000000000000000000010c00028005000100000000000800074000000000040006"], 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0xc0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x2c, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @empty}]}]}, 0xc0}}, 0x0)

12.318335972s ago: executing program 3 (id=515):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES8], 0x1e, 0x1517, &(0x7f0000004d00)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0x7, 0x5e8, &(0x7f0000000680)="$eJzs3U9vHGcdB/DvbGLHDlK6SZOmICSscgA1IvGfyAQJCSgFWahClbj0iJVsaivrNLI3yO0BGcS5fQvlYM4cOKFI5MCZt2DEEcHdN1czO+tdu1vXaVzvOvl8pNnneeaZeeb3/DI7mRnLcoCX1tJ7mXiaIks33tks2zvbC+2d7YW1Xj3JhSSNZCpJUa7+W5L/VM1slR/f7HUMlJ9TfLJ0d+XJx9e7ral6qbYvjtrvkInhq7d6sTS7sVblczgw3vxzj9ef4UySK3UJI7fX8++h3cf9XgIAZ1CRnBu2vplcrG/Wy+eA7l1x9x77TNsadQAAAABwCl7ZzW42c2nUcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUv/9/6JeGr36TIre3/+frNelrp9pT0cdAAAAAAAAAACcgO/sZjebudRr7xXVz/zfqBpXq89v5HE20sp6bmYzy+mkk/XMJWkODDS5udzprM8dY8/5oXvOn858AQAAAAAAAOAF9ccs9X/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA46BIznWLarnaqzfTOJ9kKslkud1W8qRXP8uejjoAAAAAOAWv7GY3m7nUa+8V1TP/a9Vz/1Qe52E6WU0n7bRyr3oX0H3qb+xsL7R3thfWyuXz4/7s/88URjViuu8ehh95ttri2v4eS/llfpMbmcm7Wc9qfpfldNLKTN6uassp0qzfXjR7cQ6P96cHWu9+WayvV5FM535Wq9hu5m4+SDv30qjmUG1z9BH/UGan+EntmDm6V5fljH5Vl+OhWWVkYj8js3Xuy2xcPjoTz3ieHD7SXBr776Cufg05v1iXZa7fHuuczw+cfa8dnYlkdv5/j1baDx+s3N+4MT5T+ooOZ2JhIBPXX6pMTNbZ6F5Fn+1q+Ua176Ws5tf5IPfSyp3M5k4WczsLWcyPsjiQ12vH+K41num7tvfd79e1iSS/qMvxUOb18kBeB690zapvcE0/S1dO/op0/lt1pTxZ3xq7K9LlQ9fmXiZePToTf94rPzfaDx+sryw/OubxvleXZQZ+PlaZKM+XK+U/VtU6eHaUfa8O7Zur+q5WfWuP9yoH+67t7/dl39TJ+h6uu/XB/yfKvutD+xaqvtcH+obd5QAw5iZz8c2Lk9P/nf7X9KfTf5pemX5n6q0Ldy58ezIT/zz/93N/bfyl8ePizXya3/ef/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK9u48OPHiy32631l6lSPDg3DmGcXOUfvz3xkffqE2Q8Jqhy6pURX5iAr92tztqjWxsffvSD1bXl91vvtx7enlucv317dvGHd27dX223Zrufow4TADhB/Zv+UUcCAAAAAAAAAAAAAAB8kdP4deJRzxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHixLb2XiacpMjd7c7Zs72wvtMulV+9vOZWkyNZ+e6te0hwYrvii4xSfLN1defLx9f5YU73ti6P2O54DsTQOxfS8480/93j9Gc4kuVKXMHKfBQAA//9qkQag")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x835, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000002dc0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x1000)=nil, 0x0}, 0x68)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000040)={{}, {0x1}, 0x0, 0x5})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000019c0)=ANY=[@ANYBLOB="64090000000500000000000000000000000000005402010002000000fcffffff0509010408000b0073797a3100000000000000000000000000000000000000000000000000000000b6dd87000000000000000994d0d3c27f1243d7c4ca3356f6d2b6a1d59ddf1afa010d815fd81fd96450ec3a99dd924a6c997602e1d519e46c2bfd637f49b34455a15a000801000000000000000200030000000000429a00000000ff0301000000060000000101070000000000060000000700060002000000eb000000ff0f1f0002000000000400000080020003000000c20000000700070002000000040000000400001000000000ab2a0000010007000200000000000000fbff1f00af2b6c1400000100ff0f000100000000035700000100010002000000ffff0000d20e000403000000ff070000ff00000001000000800000000800020003000000fe0000000900800003000000ff7f00000500040000000000040000000300090003000000ff0100000008020000000000010000000800f2e70300000001000000b1043f000300000002000000030000800200000007000000030008000000000007000000be56800001000000000000001f0003000100000008000000050009000200000040000000ff07f45e03000000ffff00003f00070001000000000000000600020003000000fdffffff400043070000000009000000018006000300000003000000ff07ee9892cfc565090000000800ff000200000051cc7e2c010020000200"], 0x964}}, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2778)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001280)=""/217, 0xd9)

10.876026119s ago: executing program 3 (id=520):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x408e, &(0x7f0000000240), 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = open(&(0x7f0000000040)='./bus\x00', 0x1459c2, 0x0)
ftruncate(r0, 0x2007ffd)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x3000)
memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

10.702058343s ago: executing program 1 (id=521):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000480)={[{@stripe={'stripe', 0x3d, 0xd}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@errors_continue}]}, 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000400)='./bus\x00', 0x16543e, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
io_setup(0x7f, &(0x7f0000000100)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x0, r0, 0x0, 0x0, 0x81}])

10.289549836s ago: executing program 3 (id=523):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0xc, 0x10003, '\x00', [{}, {0xffffffff}]})

9.729382202s ago: executing program 1 (id=525):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r1=>0x0})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'macvlan0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0xfffffffffffffe83, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x0)

9.038723958s ago: executing program 1 (id=529):
syz_mount_image$minix(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x804008, &(0x7f0000000100)=ANY=[], 0x5a, 0x20d, &(0x7f0000000200)="$eJzs3L9u00AAx/Gf40BIQfwVf8RUCQmxkEBbqcpGFzZeAImhakNV4UJpWBohQV+CnZWJR+BNWBnagY2JQ2dfwHFSfHFIHOHvR2rj2Pfzndue765RIgCV9Sj+HuiMe26Mebcs6ekTSbVSmwZgxox7/GkAVE9I1wcq6mQjjMf/L4H09fvbrWP3dc5z/nCykSwS7PrhOJVvnhZ4lskfBfHj7fpwfknS+ZFwfXT+8jHJ383Uf8G3/a7+pUy+4Z1Prv/eneH8RUmXJF2WdEXSVUnXpPi01+UOpOrfztR/Kzl85NkMAAAAAAD+yq4+W4Mnvov+bL7lU/LB2L129fx8N+qOP+qhluQfFoyfdfWvTJlfzbQpl3vBteHyra1X0XbBNgBF1dL9P9/IHcK//2vsv7PCKft/Pc5/KJgGqq132H+xGUXdg7ltSJOm7FBZvNLmYONbbuFPdkM/kldGZv/TGNxM7Z5ln1TgCs/t96X8Mu9zyjR10DMe55n7xuvHyextBlXYQSm9pz/tCYNsP60PdaLPqT+kKDJhb/8fXJc9oQl/3yjCMu5OAGap/WZvv9077N/f3dvc6e50X66tdzrra6srnXY8LW9PtTgHsMj+DPpltwQAAAAAAAAAAAAAABR1Q9LNyWOnfrwHAAAAgMU1+RuDGhO/najsawQAAAAAAAAAAAAA4H/3KwAA//9/rD04")
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
lseek(r0, 0x7ffffb, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xfd14)
open(&(0x7f00000000c0)='.\x00', 0x591002, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
write$FUSE_OPEN(r1, &(0x7f0000000100)={0x20}, 0x20)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000000100)='i', 0x1, 0x80ffff)

8.068840536s ago: executing program 1 (id=530):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES8], 0x1e, 0x1517, &(0x7f0000004d00)="$eJzs3AucjtXaMPDrWmvdjGnS0ySHYa113TxpsAxJckiSQ5IkW5KcEkKTJAmJcZY0JCHHSXIYQnKYhjTO50POSZI0SRISkqzvN3vbX3vv9vv69vf2fd53z/X//e7fs67nfq71XGuueZ7nvu/5PfNdj1F1mtWt2YSI4L8E/3KTAgAxADAMAG4AgAAAKsZXjM/Zn09iyn/tSdgf65H0a10Bu5a4/7kb9z934/7nbtz/3I37n7tx/3M37n/uxv1nLDfbMafIjbzl3o2v/+dm/Pn/byS77OSvNpW9uee/kML9z924/7kb9z934/7nbtz/3I37n7tx/3M37j9judl/eG2YrnbtmP928O+wXevfP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjucMF/xsFAH8dX+u6GGOMMcYYY4wx9sfxea91BYwxxhhjjDHGGPt/D0GABAUB5IG8EAP5IBaugzi4HvLDDRCBGyEeboICcDMUhEJQGIpAAhSFYqDBgAWCEIpDCYjCLVASboVEKAWloQw4KAtJUA7Kw21QAW6HinAHVII7oTJUgapQDe6C6nA31IB7oCbcC7WgNtSBunAf1IP7oT48AA3gQWgID0EjeBgaw5+gCTwCTeFRaAaPQXN4HFpAS2gFraHN/1X+S9AHXoa+0A9SoD8MgIEwCAbDEBgKw+AVGA6vwgh4DVJhJIyC12E0vAFj4E0YC+NgPLwFE2AiTILJMAWmQhq8DdPgHZgO78IMmAmzYDakwxyYC+/BPJgPC+B9WAgfwCJYDEtgKWTAh5AJy2A5fAQr4GPIgpWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAT2An7ILdsAf2wj7YD5/CAfgMDsLncAi++Bfzz/9Dfk8EBBQoUKHCPJgHYzAGYzEW4zAO82N+jGAE4zEeC2ABLIgFsTAWxgRMwGJYDA0aJCQsjsUxilEsiSUxEROxNJZGhw6TMAnL421YAStgRayIlbASVsYqWAWrYTWsjtWxBtbAmlgTa2EtrIN18D68D+/H+lgfG2ADbIgNsRE2wsbYGJtgE2yKTbEZNsPm2BxbYAtsha2wDbbBttgW22E77IAdsCN2xM7YGZMxGbtgF+yKXbEbdsPu2B17YA/sib2wF76EL+HL+DL2w1qiPw7AATgIB+EQHIpD8RUcjq/iq/gapuJIHIWv4+v4Bo7BczgWx+F4HI/VxUSchJORxFRMwzSchtNwOk7HGTgTZ+JsTMc5OBfn4jycj/PxfVyIH+AHuBgX41LMwAzMxGWY58qrLwtX4ipcjWtwLa7B9bgB1+Mm3IybcCtuxe24HT/BT3AX7sI9uAf3oQLAT/Ez/AxT8RAewsN4GI/gETyKRzEbs/EYHsPjeBxP4Ak8iSfxFJ7GM3gaz+JZPIfn8QJewIt4ES/hCwnfNN1XamMqiBxKKJFH5BExIkbEilgRJ+JEfpFfRERExIt4UUAUEAVFQVFYFBYJIkEUE8WEEUaQCEVxUVxERVSUFCVFokgUpUVp4YQTSSJJlBflRQVRQVQUd4hK4k5RWVQR7V01UU1UFx1cDXGPqClqilqitqgj6oq6op6oJ+qL+qKBaCAaioaikXhYNBb9cQg+InI600yMxOZiFLYQLUUr0Vq8gU+ItmIMthPtRQfxlBiHY7GzaOuSxTOii5iEXcVzYjI+L7qLqdhDvCh6il6it3hJ9BHtXF/RT8zA/mKAmI2DxGAxRAwV87C2yOlYHfGaSBUjxSjxuliKb4gx4k0xVowT48VbYoKYKCaJyWKKmCrSxNtimnhHTBfvihlippglZot0MUfMFe+JeWK+WCDeFwvFB2KRWCyWiKUiQ3woMsUysVx8JFaIj0WWWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BS7xG6xR+wV+8R+8ak4ID4TB8Xn4pD4QhwWX4oj4itxVHwtssU34pj4VhwX34kT4ntxUvwgTonT4oz4UZwVP4lz4ry4IH4WF8Uv4pL4VVwWXoBEKaSUSgYyj8wrY2Q+GSuvk3Hyeplf3iAj8kYZL2+SBeTNsqAsJAvLIjJBFpXFpJZGWkkylMVlCRmVt8iS8laZKEvJ0rKMdLKsTJLlZHl5m6wgb5cV5R2ykrxTVpZVZFVZTd4lq8u7ZQ15j6wp75W1ZG1ZR9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5Z9kE/mIbCoflc3kY7K5fFy2kC1lK9latpFPyLbySdlOtpcd5FOyo+wkO8unZbJ8RnaRz8qu8jnZTT4vu8sXZA/5ouwpe8ne8ld5WXrZV/aTKbK/HCAHykFysBwih8ph8hU5XL4qR8jXZKocKUfJ1+Vo+YYcI9+UY+U4OV6+JSfIiXKSnCynyKkyTb4tp8l35HT5rpwhZ8pZcrZMl3PkkCszLfg/yH/nn+SP+POzb5c75Cdyp9wld8s9cq/cJ/fL/fKAPCAPyoPykDwkD8vD8og8Io/KozJbZstj8pg8Lo/LE/KEPClPylPytPxZ/ijPyp/kOXlenpc/y4vyorx05WcACpVQUikVqDwqr4pR+VSsuk7FqetVfnWDiqgbVby6SRVQN6uCqpAqrIqoBFVUFVNaGWUVqVAVVyVUVN2CV97SVGlVRjlVViWpcv9KviqpblWJqtTf5V+tvjaqjWqr2qp2qp3qoDqojqqj6qw6q2SVrLqoLqqr6qq6qW6qu+queqgeqqfqqXqr3qqP6qP6qr4qRaWoAWqgGqQGqyFqqBqmXlHD1XA1Qo1QqSpVjVKj1Gg1Wo1RY9RYNVaNV+PVBDVBTVKT1BQ1RaWpNDVNTVPT1XQ1Q81Qs9Qsla7S1Vw1V81T89QCtUAtVAvVIrVILVFLVIbKUJkqUy1Xy9UKtUJlqZVqpVqtVqu1aq1ar9arjWqj2qw2q61qq8pSO9QOtVPtVLvVbrVX7VX71X51QB1QB9VBdUgdUofVYXVEHVFH1VGVrbLVMXVMHVfH1Ql1Qp1UJ9UpdUqdUWfUWXVWnVPn1AV1QV1UF9UldUldVpdzDvsCEYhABSrIE+QJYoKYIDaIDeKCuCB/kD+IBJEgPogPCgQ3BwWDQkHhoEiQEBQNigU6MIENKAiD4kGJIBrcEpQMbg0Sg1JB6aBM4IKyQVJQLigf3BZUCG4PKgZ3BJWCO4PKQZWgalAtuCuoHtwd1AjuCWoG9wa1gtpBnaBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBn4ImwSNB0+DRoFnwWNA8eDxoEbQMWgWtgzZ/6Pzenyv0pOur++kU3V8P0AP1ID1YD9FD9TD9ih6uX9Uj9Gs6VY/Uo/TrerR+Q4/Rb+qxepwer9/SE/REPUlP1lP0VJ2m39bT9Dt6un5Xz9Az9Sw9W6frOXqufk/P0/P1Av2+Xqg/0Iv0Yr1EL9UZ+kOdqZfp5fojvUJ/rLP0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Cd6p96ld+s9eq/ep/frT/UB/Zk+qD/Xh/QX+rD+Uh/RX+mj+mudrb/Rx/S3+rj+Tp/Q3+uT+gd9Sp/WZ/SP+qz+SZ/T5/UF/bO+qH/Rl/Sv+rL2OQf3OR/vRhll8pg8JsbEmFgTa+JMnMlv8puIiZh4E28KmAKmoCloCpvCJsEkmGKmmMlBhkxxU9xETdSUNCVNokk0pU1p44wzSSbJlDflTQVTwVQ0FU0lU8lUNpVNVVPV3GXuMnebu8095h5zr7nX1Da1TV1T19Qz9Ux9U980MA1MQ9PQNDKNTGPT2DQxTUxT09Q0M81Mc9PctDAtTCvTyrQxbUxb09a0M+1MB9PBdDQdTWfT2SSbZNPFdDFdTVfTzXQz3U1308P0MD1NT9Pb9DZ9TB/T1/Q1KSbFDDADzCAzyAwxQ8wwM8wMN8PNCDPCpJpUM8qMMqPNaDPGjDFjzTgz3rxlJpiJZpKZbKaYqSbNpJlpZpqZbqabGWaGmWVmmXSTbuaauWaemWcWmAVmoVloFplFZolZYjJMhsk0mWa5WW5WmBUmy2SZVWaVWWPWmHVmndlgNphNZpPZYraYbWab2WF2mJ1mp9ltdpu9Zq/Zb/abA+aAOWgOmkPmkDlsDnsEMEfNUZNtss0xc8wcN8fNCXPCnDQnzSlzypwxZ8xZc9acM+fMBXPBXDS/mEvmV3PZeBNj89lYe52Ns9fb/PYG+49xYVvEJtiitpjVtqAt9HexsdYm2lK29F9PMW05mxiTc1vGOlvWJtlytrKtYqvaavYuW93ebWv8Lq5n77f17QO2gX3Q1rX3/V3c0D5kG9nHbGP7uG1iW9qmtrVtZh+zze3jtoVtaVvZ1raj7WQ726dtsn3GdrHP/i7OtMvsBrvRbrKb7QH7mb1gf7bH7Xf2ov3F9rX97DD7ih1uX7Uj7Gs21Y78XTzevmUn2Il2kp1sp9ipv4tn2dk23c6xc+17dp6d/7s4w35oF9rldpFdbJfYpX+Oc2pabj+yK+zHNsuutKvsarvGrrXr7Pr/Xetqu9Vus9vtfvup3Wl32d12j91r9/05zlnHQfu5PWS/sMfst/aI/coetSdstv3mz3HO+k7Y7+1J+4M9ZU/bM/ZHe9b+ZM/Z8znr9zlr/9H+ai9bb4GQBElSFFAeyksxlI9i6TqKo+spP91AEbqR4ukmKkA3U0EqRIWpCCVQUSpGmgxZIgqpOJWgKN1CJelWSqRSVJrKkKOylETlqDzdRhXodqpId1AlupMqUxWqStXoLqpOd1MNuodq0r1Ui2pTHapL91E9up/q0wPUgB6khvQQNaKHqTH9iZrQI9SUHqVm9Bg1p8epBbWkVtSa2tAT1JaepHbUnjrQU9SROlFnepqS6RnqQs9SV3qOutHz1J1eoB70IvWkXtSbXqI+9DL1pX6UQv1pAA2kQTSYhtBQGkav0HB6lUbQa5RKI2kUvU6j6Q0aQ2/SWBpH4+ktmkATaRJNpik0ldLobZpG79B0epdm0EyaRbMpnebQXHqP5tF8WkDv00L6gBbRYlpCSymDPqRMWkbL6SNaQR9TFq2kVbSa1tBaWkfraQNtpE20mbbQVtpG22kHfUI7aRftpj20l/bRfvqUDlC+Ky+4L+gwfUlH6Cs6Sl9TNn1Dx+hbOk7f0Qn6nk7SD3SKTtMZ+pHO0k90js7TBfqZLtIvdIl+pcvkCUIMRShDFQZhnjBvGBPmC2PD68K48Powf3hDGAlvDOPDm8IC4c1hwbBQWDgsEiaERcNioQ5NaEMKw7B4WCKMhreEJcNbw8SwVFg6LBO6sGyYFJYLy4e3hRXC28OK4R1hpfDOsHJYJXzswWrhXWH18O6wRnhPWDO8N6wV1g7rhHXD+8J64f1h/fCBsEH4YFghfChsFD4cwpXvqzQNHw2bhY+FzcPHwxZhy7BV2DpsEz4Rtg2fDNuF7cMO4VNhx7BT2Dl8OkwOnwm7hM9edX9K2D8cEA4MB4bePyCXRJdGM6IfRjOjy6LLox9FV0Q/jmZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHva+bFxw64aRTLnB5XF4X4/K5WHedi3PXu/zuBhdxN7p4d5Mr4G52BV0hV9gVcQmuqCvmtDPOOnKhK+5KuKi7xZV0t7pEV8qVdmWcc2VdkmvtENq4tu5J1861dx3cU+4p18l1ck+7p90zrot71nV1z7lu7nnX3b3gXnAvup6ul+vtXnJ93Muur+vnUlyKG+AGuEFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7AABmuVku3aW7uW6um+fmuQVugVuYuNAtcovcErfEZbgMl+ky3XK33K1wK1yWy3Kr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da3w+1wO91Ot9vtdnvdXrff7XcH3AF30B10h9whd9gddkfcEXfUfe2y3TfumPvWHXffuRPue3fS/eBOudPujPvRnXU/uXPuvLvgfnYX3S/ukvvVXXbepUXejkyLvBOZHnk3MiMyMzIrMjuSHpkTmRt5LzIvMj+yIPJ+ZGHkg8iiyOLIksjSSEbkw0hmZFlkeeSjyIrIx5GsyMrIqsjqyJrIWgW+6M7QF/clfNTf4kv6W32iL+VL+zLe+bI+yZfz5f1tvoK/3Vf0d/hK/k5f2VfxVf3jvoVv6Vv51r6Nf8K39U/6dr697+Cf8h19J9/ZP+2T/TO+i3/Wd/XP+W7+ed/dv+B7+Bd9T9/L9/Yv+T7+Zd/X9/Mpvr8f4Af6QX6wH+KH+mH+FT/cv+pH+Nd8qh/pR/nX/Wj/hh/j3/Rj/Tg/3r/lJ/iJfpKf7Kf4qT7Nv+2n+Xf8dP+un+Fn+ll+tk/3c/xc/56f5+f7Bf59v9B/4Bf5xX6JX+oz/Ic+0y/zy/1HfoX/2Gf5lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+E/8Tr/L7/Z7/F6/z+/3n/oD/jN/0H/uD/kv/GH/pT/iv/JH/dc+23/jj/lv/XH/nT/hv/cn/Q/+lD/tz/gf/Vn/kz/nz/sL/md/0f/iL/lf/eV/8Ttrtf+oy+eMMcYYY//DDLzK/v7/5D4FAOLK+Bfv/fW7imT/7X4JAFsK/mU8WCR0jADAM/16PPLXrVatlJSUK4/NkhCUWAwAkX94givxSugAnSAZ2kP5f1rfYNHrIl1l/ugdALF/kxMDv8W/zf/lfzD/E0+Nz6wUXoj/T+ZfDJBY4recnLPwv8YroUPOaqA9VPin8ydAobZXqT/fV2kA7f4mJw4A2uX7x/qT4El4FpL/7pGMMcYYY4wxxthfDBZVu13t/Dnn/DxB/ZaTF36Lr3Z+zhhjjDHGGGOMsWvv+V69n34iObl9t1wxIPhvUQYPePDfYtDpP3nMtX5nYowxxhhjjP3Rfjvo/+2+fNeyIMYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLBf6//Gfxq71GhljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//7JbMiI=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0x7, 0x5e8, &(0x7f0000000680)="$eJzs3U9vHGcdB/DvbGLHDlK6SZOmICSscgA1IvGfyAQJCSgFWahClbj0iJVsaivrNLI3yO0BGcS5fQvlYM4cOKFI5MCZt2DEEcHdN1czO+tdu1vXaVzvOvl8pNnneeaZeeb3/DI7mRnLcoCX1tJ7mXiaIks33tks2zvbC+2d7YW1Xj3JhSSNZCpJUa7+W5L/VM1slR/f7HUMlJ9TfLJ0d+XJx9e7ral6qbYvjtrvkInhq7d6sTS7sVblczgw3vxzj9ef4UySK3UJI7fX8++h3cf9XgIAZ1CRnBu2vplcrG/Wy+eA7l1x9x77TNsadQAAAABwCl7ZzW42c2nUcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUv/9/6JeGr36TIre3/+frNelrp9pT0cdAAAAAAAAAACcgO/sZjebudRr7xXVz/zfqBpXq89v5HE20sp6bmYzy+mkk/XMJWkODDS5udzprM8dY8/5oXvOn858AQAAAAAAAOAF9ccs9X/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA46BIznWLarnaqzfTOJ9kKslkud1W8qRXP8uejjoAAAAAOAWv7GY3m7nUa+8V1TP/a9Vz/1Qe52E6WU0n7bRyr3oX0H3qb+xsL7R3thfWyuXz4/7s/88URjViuu8ehh95ttri2v4eS/llfpMbmcm7Wc9qfpfldNLKTN6uassp0qzfXjR7cQ6P96cHWu9+WayvV5FM535Wq9hu5m4+SDv30qjmUG1z9BH/UGan+EntmDm6V5fljH5Vl+OhWWVkYj8js3Xuy2xcPjoTz3ieHD7SXBr776Cufg05v1iXZa7fHuuczw+cfa8dnYlkdv5/j1baDx+s3N+4MT5T+ooOZ2JhIBPXX6pMTNbZ6F5Fn+1q+Ua176Ws5tf5IPfSyp3M5k4WczsLWcyPsjiQ12vH+K41num7tvfd79e1iSS/qMvxUOb18kBeB690zapvcE0/S1dO/op0/lt1pTxZ3xq7K9LlQ9fmXiZePToTf94rPzfaDx+sryw/OubxvleXZQZ+PlaZKM+XK+U/VtU6eHaUfa8O7Zur+q5WfWuP9yoH+67t7/dl39TJ+h6uu/XB/yfKvutD+xaqvtcH+obd5QAw5iZz8c2Lk9P/nf7X9KfTf5pemX5n6q0Ldy58ezIT/zz/93N/bfyl8ePizXya3/ef/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK9u48OPHiy32631l6lSPDg3DmGcXOUfvz3xkffqE2Q8Jqhy6pURX5iAr92tztqjWxsffvSD1bXl91vvtx7enlucv317dvGHd27dX223Zrufow4TADhB/Zv+UUcCAAAAAAAAAAAAAAB8kdP4deJRzxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHixLb2XiacpMjd7c7Zs72wvtMulV+9vOZWkyNZ+e6te0hwYrvii4xSfLN1defLx9f5YU73ti6P2O54DsTQOxfS8480/93j9Gc4kuVKXMHKfBQAA//9qkQag")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x835, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000002dc0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x1000)=nil, 0x0}, 0x68)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000040)={{}, {0x1}, 0x0, 0x5})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000019c0)=ANY=[@ANYBLOB="64090000000500000000000000000000000000005402010002000000fcffffff0509010408000b0073797a3100000000000000000000000000000000000000000000000000000000b6dd87000000000000000994d0d3c27f1243d7c4ca3356f6d2b6a1d59ddf1afa010d815fd81fd96450ec3a99dd924a6c997602e1d519e46c2bfd637f49b34455a15a000801000000000000000200030000000000429a00000000ff0301000000060000000101070000000000060000000700060002000000eb000000ff0f1f0002000000000400000080020003000000c20000000700070002000000040000000400001000000000ab2a0000010007000200000000000000fbff1f00af2b6c1400000100ff0f000100000000035700000100010002000000ffff0000d20e000403000000ff070000ff00000001000000800000000800020003000000fe0000000900800003000000ff7f00000500040000000000040000000300090003000000ff0100000008020000000000010000000800f2e70300000001000000b1043f000300000002000000030000800200000007000000030008000000000007000000be56800001000000000000001f0003000100000008000000050009000200000040000000ff07f45e03000000ffff00003f00070001000000000000000600020003000000fdffffff400043070000000009000000018006000300000003000000ff07ee9892cfc565090000000800ff000200000051cc7e2c010020000200"], 0x964}}, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2778)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001280)=""/217, 0xd9)

7.605049314s ago: executing program 1 (id=532):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
times(0x0)

7.070814577s ago: executing program 1 (id=534):
r0 = syz_usb_connect(0x0, 0x3d7, &(0x7f00000007c0)=ANY=[@ANYBLOB="120100004cefc008e10593085bfd010203010902c50301000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x2c, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0})

3.818139491s ago: executing program 0 (id=545):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448e7, &(0x7f0000000100)="f681e587f267fa86553608edb79339a04ad0666e05b177eb177eafde158999527d4241168e5621dfe60c86412eea57ad466c0133575ee34bf3bc047d41ba15a39cafa4b121a81b95d864dc59af38ded34215ed8a9850daeac1636bea59ad84c0bdff5a8881c8c027dabb6185d5b51b561040f9a6a569a20ad2c68d59ed080fe4eb84c20f4b13a5f06ca30d87e728b880e0cf7ca4c4ef10548bf0bbcb49f1d252a5c41130ee65b6a7a573e7c35217d9aeb6b9920de815d9c7cf77c9103850b51dfd8699863307aa62b30f4ff17e22e9bc96b13fd27bda7aeb6ff251003be4ebbf0784cfa440382f94d6327bdb7560fd375b354fe1540aa21c83b3eee4523b549bf3f34d8d6b7ba8ace06c7acb9fad6a8a6c5cb0aeff0985fd008bf1d46ebffa")
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000540), 0x0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0x10)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x10000)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x4e0, 0x2f0, 0xb, 0x148, 0x2f0, 0x148, 0x448, 0x240, 0x240, 0x448, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00'}, 0x0, 0x2c8, 0x2f0, 0x0, {0xff0f000000000000}, [@common=@inet=@socket1={{0x258, 'socket\x00', 0x2}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0xec010000, 0x138, 0x158, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@private1, [], @ipv6=@local, [], @ipv4=@broadcast, [], @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x540)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000480)=[{&(0x7f0000000180)="480000001400197f09004b0101048c590288ffffff010001000000000028213ee20600d4ff5bffff00c7e5ed5e00000000000000000000eaf60d18125d4b18857a9eace3dbe8b12c", 0xfe0e}], 0x1)
socket(0x2, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000c00), r8)
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000100)={0x2c, r9, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r7}]}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x2c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000))
sendfile(r4, r6, 0x0, 0x6)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
dup2(r2, r1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x209, 0x0, 0x6, r11}, &(0x7f00000003c0)=0x10)
r12 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r12, 0xc0585609, &(0x7f0000000080)=@mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ecb53b60"}})
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002080800418e00000504fcff", 0x58}], 0x1)

3.375719977s ago: executing program 0 (id=547):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', <r1=>0x0})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'macvlan0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0xfffffffffffffe83, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x0)

2.926400473s ago: executing program 0 (id=548):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
r2 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r2, &(0x7f0000000000)={0x1d, r1, 0x3}, 0x18)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x14}}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f0000000180)={0x20, 0x0, 'client0\x00', 0x0, "001000", "83af55ac8f91351c73c1e5f9224528fd86a9564b5d4ed1ca4dcae8a02877940f"})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x1)
io_uring_setup(0x396b, &(0x7f0000000180))
close_range(r0, 0xffffffffffffffff, 0x0)

2.484455029s ago: executing program 4 (id=549):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$binfmt_aout(r0, 0x0, 0x1000)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000080)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000000)=0x9)

2.268953637s ago: executing program 4 (id=550):
socket$unix(0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x1ff}}, {@data_err_abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x0, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000002c0), &(0x7f00000003c0)=ANY=[], 0x361, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f00000006c0)={{}, {}, [{0x2, 0x0, 0xee00}, {}], {}, [{}, {}, {}, {}, {}]}, 0x5c, 0x0)

2.181714044s ago: executing program 0 (id=551):
syz_open_dev$sg(0x0, 0x7fffffffffffffff, 0x8800)
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000200)=0x5)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$SG_BLKSECTGET(r1, 0x1267, &(0x7f0000000100))
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x3, 0x1})
ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000000)=0x3)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = getpid()
ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, 0x0)
ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0)
ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000000)=r3)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x0)
ioctl$SG_BLKSECTGET(r4, 0x1267, &(0x7f00000001c0))

1.882709008s ago: executing program 4 (id=552):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x0, [0x6, 0xffff1337, 0x1], [{0x0, 0x0, 0x0, 0x1}, {0x35, 0x35}, {0x0, 0x7}], 0xc})

1.645135697s ago: executing program 4 (id=553):
syz_mount_image$minix(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x808441, &(0x7f00000000c0)=ANY=[], 0xfe, 0x20d, &(0x7f0000000680)="$eJzs28tOE2EUAODTgtQYE/duNdGF2oIaYScJ3u+XFyBaCLEYIy6EmCgb34Mnk6UbFr4Av2GqqW0ZOtXSEf2+pJk/c+bMOdPkzEwXDeD/NRlRiUosRERK6eP7s6lWdkvAeKQiB00dXv3dNKxrQ2cAeSb2xnC77C6A8duZz+Y/tiPiy7cPL35+Fgo+v3fmq9n2U0/+jaL5m5Vse3qyO/9mRNwamF3ZTVvt/HM99W8PWf9ET/6dwvnt6z9/pjv/bkTci4j7EfEgIh5GxKOIeBwRT/ap/7Kn/vOeOulUwYYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+UyUu9e/8mn6N73NARzWWVlrNRm78WBafzolunZzK4jO5+e345dx4LZaO/1im2kGNAn2qXfNf7YsPmv+JAfM/eeD8A2VaW994tdhqNd/+4WLv1jGK81yI0Zxn7IvNEX6ZFv/g4nr8FW0UXpR9ZwIOW/3d6pv62vrGxZXVxeXmcvP19NxM48rs7Fzjaj17s6/nvt/7uQ1HXOeh39n3ucyGAAAAAAAAAIChPY2IZ2U3AQAAjMU4/k5U9jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPR9DwAA//8E0dEY")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000080)='./file0\x00')
open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)

1.620044099s ago: executing program 0 (id=554):
tgkill(0x0, 0x0, 0x3d)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x15, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_USERDATA={0x3a, 0x8, "57b56b47bfc4a2a1a600689012ecec31d32afb6802ccb299af6b5549c6295442135175f055b7067eb3168f44168669d89a6e44df9a52"}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x68}}, 0x0)
socket$unix(0x1, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000300)={'mangle\x00', 0x2, [{}, {}]}, 0x48)
ptrace$peekuser(0x3, 0x0, 0x6)
r1 = socket$packet(0x11, 0x0, 0x300)
write$binfmt_elf64(r1, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x69, 0x98, 0x3, 0x9, 0x4, 0x3, 0x6, 0x6, 0x19e, 0x40, 0x331, 0x43, 0x401, 0x38, 0x1, 0x8}, [{0x6, 0x9, 0x0, 0x2, 0x100, 0x1, 0x5}], "", ['\x00', '\x00', '\x00']}, 0x378)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={0x0}, 0x1, 0x0, 0x0, 0x20008800}, 0xc5)
r3 = syz_open_procfs$userns(0x0, &(0x7f0000000d40))
mount_setattr(0xffffffffffffff9c, 0x0, 0x1000, &(0x7f0000000d80)={0x0, 0x100071, 0x9dde701ae2628b3c, {r3}}, 0x20)
r4 = pidfd_getfd(0xffffffffffffffff, r2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2f, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000001080)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x1)
syz_open_procfs$userns(0x0, &(0x7f00000010c0))
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f00000011c0)={&(0x7f0000001100)=""/169, 0xa9})
openat$snapshot(0xffffffffffffff9c, &(0x7f0000001200), 0x0, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r4, 0x80045515, 0x0)

1.372234479s ago: executing program 4 (id=555):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448e7, &(0x7f0000000100)="f681e587f267fa86553608edb79339a04ad0666e05b177eb177eafde158999527d4241168e5621dfe60c86412eea57ad466c0133575ee34bf3bc047d41ba15a39cafa4b121a81b95d864dc59af38ded34215ed8a9850daeac1636bea59ad84c0bdff5a8881c8c027dabb6185d5b51b561040f9a6a569a20ad2c68d59ed080fe4eb84c20f4b13a5f06ca30d87e728b880e0cf7ca4c4ef10548bf0bbcb49f1d252a5c41130ee65b6a7a573e7c35217d9aeb6b9920de815d9c7cf77c9103850b51dfd8699863307aa62b30f4ff17e22e9bc96b13fd27bda7aeb6ff251003be4ebbf0784cfa440382f94d6327bdb7560fd375b354fe1540aa21c83b3eee4523b549bf3f34d8d6b7ba8ace06c7acb9fad6a8a6c5cb0aeff0985fd008bf1d46ebffa")
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000540), 0x0)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0x10)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x10000)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x4e0, 0x2f0, 0xb, 0x148, 0x2f0, 0x148, 0x448, 0x240, 0x240, 0x448, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00'}, 0x0, 0x2c8, 0x2f0, 0x0, {0xff0f000000000000}, [@common=@inet=@socket1={{0x258, 'socket\x00', 0x2}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0xec010000, 0x138, 0x158, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@private1, [], @ipv6=@local, [], @ipv4=@broadcast, [], @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x540)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000480)=[{&(0x7f0000000180)="480000001400197f09004b0101048c590288ffffff010001000000000028213ee20600d4ff5bffff00c7e5ed5e00000000000000000000eaf60d18125d4b18857a9eace3dbe8b12c", 0xfe0e}], 0x1)
socket(0x2, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000c00), r8)
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000100)={0x2c, r9, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r7}]}, @NBD_ATTR_SIZE_BYTES={0xc}]}, 0x2c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000))
sendfile(r4, r6, 0x0, 0x6)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
dup2(r2, r1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x209, 0x0, 0x6, r11}, &(0x7f00000003c0)=0x10)
r12 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r12, 0xc0585609, &(0x7f0000000080)=@mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "ecb53b60"}})
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002080800418e00000504fcff", 0x58}], 0x1)

1.153340857s ago: executing program 0 (id=556):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(r0, &(0x7f0000000040)='net/ptype\x00')
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x0)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180), 0x4)
syz_open_procfs(0x0, &(0x7f00000011c0)='cmdline\x00')
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r5, 0x0, r4, 0x0, 0x406f413, 0x0)

0s ago: executing program 4 (id=557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000004c0)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)

kernel console output (not intermixed with test programs):

=0 arch=c000003e syscall=16 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  115.498625][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  115.522292][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  115.552707][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  115.560994][   T27] audit: type=1326 audit(1722485913.488:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4247 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  115.584002][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  115.587901][   T26] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input16
[  115.646280][ T4229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.683230][   T27] audit: type=1326 audit(1722485913.488:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4247 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  115.684025][ T4147] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  115.725781][   T26] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input17
[  115.764914][   T26] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input18
[  115.777632][   T48] Bluetooth: hci1: command tx timeout
[  115.795149][ T4147] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  115.836352][   T27] audit: type=1326 audit(1722485913.488:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4247 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  115.880881][   T26] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input19
[  115.913395][   T27] audit: type=1326 audit(1722485913.488:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4247 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f67309791d7 code=0x7ffc0000
[  115.950624][   T26] uclogic 0003:256C:006D.0004: input,hiddev0,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  115.973808][   T26] usb 2-1: USB disconnect, device number 4
[  115.989746][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  116.045500][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  116.070680][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  116.095235][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  116.114602][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  116.132343][ T4229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  116.141708][ T3690] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  116.213449][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  116.258704][ T4229] team0: Port device team_slave_0 added
[  116.296441][ T4229] team0: Port device team_slave_1 added
[  116.393359][ T3690] usb 4-1: Using ep0 maxpacket: 16
[  116.513095][ T3821] bio_check_eod: 79721 callbacks suppressed
[  116.513117][ T3821] syz.0.35: attempt to access beyond end of device
[  116.513117][ T3821] loop0: rw=3, sector=8993007018608, nr_sectors = 8388600 limit=2048
[  116.553401][ T3690] usb 4-1: config 0 has an invalid interface number: 7 but max is 0
[  116.561462][ T3690] usb 4-1: config 0 has no interface number 0
[  116.567269][ T4263] binder_alloc: binder_alloc_mmap_handler: 4262 20ffd000-20fff000 already mapped failed -16
[  116.579577][ T3821] syz.0.35: attempt to access beyond end of device
[  116.579577][ T3821] loop0: rw=3, sector=8993015407208, nr_sectors = 8388600 limit=2048
[  116.603058][ T3690] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  116.634362][ T3690] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  116.634553][ T3821] syz.0.35: attempt to access beyond end of device
[  116.634553][ T3821] loop0: rw=3, sector=8993023795808, nr_sectors = 8388600 limit=2048
[  116.692750][ T3690] usb 4-1: config 0 interface 7 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  116.773137][ T3690] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 4.00
[  116.782433][ T3690] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.926688][ T3690] usb 4-1: config 0 descriptor??
[  116.937544][ T4229] batman_adv: batadv0: Adding interface: batadv_slave_0
[  116.945214][ T3821] syz.0.35: attempt to access beyond end of device
[  116.945214][ T3821] loop0: rw=3, sector=8993032184408, nr_sectors = 8388600 limit=2048
[  116.955015][ T4229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.977107][ T3690] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.7/input/input20
[  116.998035][ T3821] syz.0.35: attempt to access beyond end of device
[  116.998035][ T3821] loop0: rw=3, sector=8993040573008, nr_sectors = 8388600 limit=2048
[  117.021457][ T3821] syz.0.35: attempt to access beyond end of device
[  117.021457][ T3821] loop0: rw=3, sector=8993048961608, nr_sectors = 8388600 limit=2048
[  117.057079][ T3821] syz.0.35: attempt to access beyond end of device
[  117.057079][ T3821] loop0: rw=3, sector=8993057350208, nr_sectors = 8388600 limit=2048
[  117.066653][ T4229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.072478][ T4267] loop1: detected capacity change from 0 to 1024
[  117.089464][ T3821] syz.0.35: attempt to access beyond end of device
[  117.089464][ T3821] loop0: rw=3, sector=8993065738808, nr_sectors = 8388600 limit=2048
[  117.106439][ T3821] syz.0.35: attempt to access beyond end of device
[  117.106439][ T3821] loop0: rw=3, sector=8993074127408, nr_sectors = 8388600 limit=2048
[  117.140189][ T4229] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.176550][ T4229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.210427][ T3691] usb 4-1: USB disconnect, device number 3
[  117.290920][ T4229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.304978][ T3821] syz.0.35: attempt to access beyond end of device
[  117.304978][ T3821] loop0: rw=3, sector=8993082516008, nr_sectors = 8388600 limit=2048
[  117.476748][ T4229] device hsr_slave_0 entered promiscuous mode
[  117.505037][ T4229] device hsr_slave_1 entered promiscuous mode
[  117.843517][ T3658] Bluetooth: hci1: command tx timeout
[  117.907408][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  117.944903][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  117.955676][ T4277] loop3: detected capacity change from 0 to 65
[  117.956620][ T4147] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.268987][ T4277] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  118.357357][ T4277] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
[  118.364145][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  118.399313][ T4277] BFS-fs: bfs_fill_super(): Last block not available on loop3: 262208
[  118.401667][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  118.497431][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  118.506994][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  118.597132][ T4229] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.630671][ T4147] device veth0_vlan entered promiscuous mode
[  118.661960][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  118.676969][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  118.719575][ T4147] device veth1_vlan entered promiscuous mode
[  118.792622][ T4273] loop1: detected capacity change from 0 to 32768
[  118.802419][ T4229] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.930880][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  118.939299][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  118.948007][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  118.958855][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  119.016113][ T4273] XFS (loop1): Mounting V5 Filesystem
[  119.060925][ T4229] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.111690][ T4273] XFS (loop1): Ending clean mount
[  119.123569][ T4147] device veth0_macvtap entered promiscuous mode
[  119.137094][ T4147] device veth1_macvtap entered promiscuous mode
[  119.145930][ T4273] XFS (loop1): Quotacheck needed: Please wait.
[  119.205415][ T4229] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.255453][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.287181][ T4273] XFS (loop1): Quotacheck: Done.
[  119.294748][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.306048][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.316674][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.326661][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.337201][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.347179][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.368935][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.402456][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.440935][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.476629][ T4147] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.508533][ T4081] XFS (loop1): Unmounting Filesystem
[  119.519339][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  119.529069][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  119.549050][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  119.574550][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  119.618843][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.641093][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.678057][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.697718][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.734718][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.761896][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.800553][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.821337][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.835231][ T4147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.851698][ T4147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.903090][ T4147] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.912086][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  119.923511][ T3658] Bluetooth: hci1: command tx timeout
[  119.954710][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  119.987321][ T4147] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.033073][ T4147] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.061148][ T4147] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.070997][ T4302] cgroup: noprefix used incorrectly
[  120.095256][ T4147] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.133747][   T48] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  120.149177][   T48] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  120.157569][   T48] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  120.166631][   T48] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  120.178974][   T48] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  120.188519][   T48] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  120.647101][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.675788][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.820091][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  121.534842][ T3821] bio_check_eod: 32225 callbacks suppressed
[  121.534865][ T3821] syz.0.35: attempt to access beyond end of device
[  121.534865][ T3821] loop0: rw=3, sector=9263413539608, nr_sectors = 8388600 limit=2048
[  121.555831][ T3821] syz.0.35: attempt to access beyond end of device
[  121.555831][ T3821] loop0: rw=3, sector=9263421928208, nr_sectors = 8388600 limit=2048
[  121.571154][ T3821] syz.0.35: attempt to access beyond end of device
[  121.571154][ T3821] loop0: rw=3, sector=9263430316808, nr_sectors = 8388600 limit=2048
[  121.571739][ T4229] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  121.612193][ T3821] syz.0.35: attempt to access beyond end of device
[  121.612193][ T3821] loop0: rw=3, sector=9263438705408, nr_sectors = 8388600 limit=2048
[  121.635261][ T3821] syz.0.35: attempt to access beyond end of device
[  121.635261][ T3821] loop0: rw=3, sector=9263447094008, nr_sectors = 8388600 limit=2048
[  121.646892][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.651515][ T3821] syz.0.35: attempt to access beyond end of device
[  121.651515][ T3821] loop0: rw=3, sector=9263455482608, nr_sectors = 8388600 limit=2048
[  121.689097][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.720898][ T3821] syz.0.35: attempt to access beyond end of device
[  121.720898][ T3821] loop0: rw=3, sector=9263463871208, nr_sectors = 8388600 limit=2048
[  121.752370][ T3821] syz.0.35: attempt to access beyond end of device
[  121.752370][ T3821] loop0: rw=3, sector=9263472259808, nr_sectors = 8388600 limit=2048
[  121.795730][ T3821] syz.0.35: attempt to access beyond end of device
[  121.795730][ T3821] loop0: rw=3, sector=9263480648408, nr_sectors = 8388600 limit=2048
[  121.811408][ T3821] syz.0.35: attempt to access beyond end of device
[  121.811408][ T3821] loop0: rw=3, sector=9263489037008, nr_sectors = 8388600 limit=2048
[  121.846552][ T3382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  121.875528][ T4229] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  121.883407][  T153] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  121.899265][ T4229] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  121.961651][ T4303] chnl_net:caif_netlink_parms(): no params data found
[  121.991128][ T4229] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  122.003289][ T3658] Bluetooth: hci1: command tx timeout
[  122.133258][  T153] usb 4-1: Using ep0 maxpacket: 16
[  122.243410][ T3658] Bluetooth: hci6: command tx timeout
[  122.273616][  T153] usb 4-1: config 0 has an invalid interface number: 7 but max is 0
[  122.281661][  T153] usb 4-1: config 0 has no interface number 0
[  122.320806][  T153] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  122.333207][ T3658] Bluetooth: hci2: command 0x0406 tx timeout
[  122.364998][  T153] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  122.407075][  T153] usb 4-1: config 0 interface 7 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  122.436793][ T4324] loop2: detected capacity change from 0 to 2364
[  122.461834][  T153] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 4.00
[  122.486058][  T153] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.531350][  T153] usb 4-1: config 0 descriptor??
[  122.576464][ T4303] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.586848][  T153] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.7/input/input21
[  122.608941][ T4303] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.620003][ T4303] device bridge_slave_0 entered promiscuous mode
[  122.814433][ T3382] usb 4-1: USB disconnect, device number 4
[  123.490950][ T4303] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.556689][ T4303] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.622509][ T4303] device bridge_slave_1 entered promiscuous mode
[  125.173944][   T48] Bluetooth: hci6: command tx timeout
[  125.366904][ T4229] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.461377][ T4344] loop2: detected capacity change from 0 to 2048
[  125.494901][ T4229] 8021q: adding VLAN 0 to HW filter on device team0
[  125.506326][ T4303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.526622][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  125.536164][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.565202][ T4344] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  125.596872][ T4344] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  125.611409][ T4347] loop3: detected capacity change from 0 to 2048
[  125.623468][ T4344] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  125.636801][ T4303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.641231][ T4347] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.656217][ T4344] UDF-fs: Scanning with blocksize 512 failed
[  125.686572][ T4344] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  125.695605][ T4344] UDF-fs: Scanning with blocksize 1024 failed
[  125.735806][ T4344] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  125.757545][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  125.773829][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.782606][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.789783][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.795317][ T4344] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  125.813390][ T4344] UDF-fs: Scanning with blocksize 2048 failed
[  125.833399][ T4344] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  125.855159][ T4344] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  125.894596][ T4344] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  125.902291][ T4344] UDF-fs: Scanning with blocksize 4096 failed
[  125.953230][ T4344] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  126.027051][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  126.037622][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  126.080746][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  126.097132][ T4354] loop3: detected capacity change from 0 to 2364
[  126.110689][ T3690] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.117919][ T3690] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.146906][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  126.174281][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  126.202300][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  126.213213][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  126.222774][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  126.244080][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  126.278267][ T4303] team0: Port device team_slave_0 added
[  126.317477][ T4363] loop3: detected capacity change from 0 to 128
[  126.338372][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  126.354238][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  126.364211][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.373069][ T4364] usb usb9: usbfs: process 4364 (syz.0.155) did not claim interface 1 before use
[  126.384841][ T4303] team0: Port device team_slave_1 added
[  126.552188][ T3821] bio_check_eod: 59537 callbacks suppressed
[  126.552209][ T3821] syz.0.35: attempt to access beyond end of device
[  126.552209][ T3821] loop0: rw=3, sector=9762929503808, nr_sectors = 8388600 limit=2048
[  126.586436][ T3821] syz.0.35: attempt to access beyond end of device
[  126.586436][ T3821] loop0: rw=3, sector=9762937892408, nr_sectors = 8388600 limit=2048
[  127.314907][   T48] Bluetooth: hci6: command tx timeout
[  127.488110][ T4229] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  127.644023][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  127.656033][ T3821] syz.0.35: attempt to access beyond end of device
[  127.656033][ T3821] loop0: rw=3, sector=9762946281008, nr_sectors = 8388600 limit=2048
[  127.763455][ T3821] syz.0.35: attempt to access beyond end of device
[  127.763455][ T3821] loop0: rw=3, sector=9762954669608, nr_sectors = 8388600 limit=2048
[  127.854864][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  127.873702][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  127.888513][ T3821] syz.0.35: attempt to access beyond end of device
[  127.888513][ T3821] loop0: rw=3, sector=9762963058208, nr_sectors = 8388600 limit=2048
[  127.903511][ T3821] syz.0.35: attempt to access beyond end of device
[  127.903511][ T3821] loop0: rw=3, sector=9762971446808, nr_sectors = 8388600 limit=2048
[  127.923064][ T3821] syz.0.35: attempt to access beyond end of device
[  127.923064][ T3821] loop0: rw=3, sector=9762979835408, nr_sectors = 8388600 limit=2048
[  127.966847][ T3821] syz.0.35: attempt to access beyond end of device
[  127.966847][ T3821] loop0: rw=3, sector=9762988224008, nr_sectors = 8388600 limit=2048
[  127.983420][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.990393][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.050589][ T3821] syz.0.35: attempt to access beyond end of device
[  128.050589][ T3821] loop0: rw=3, sector=9762996612608, nr_sectors = 8388600 limit=2048
[  128.067585][ T3821] syz.0.35: attempt to access beyond end of device
[  128.067585][ T3821] loop0: rw=3, sector=9763005001208, nr_sectors = 8388600 limit=2048
[  128.102049][ T4303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.151064][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.177408][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.253841][ T4303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.299359][ T4383] loop3: detected capacity change from 0 to 2048
[  128.343169][ T3740] device hsr_slave_0 left promiscuous mode
[  128.360111][ T3740] device hsr_slave_1 left promiscuous mode
[  128.367834][ T4383] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  128.381988][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.403794][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.413386][ T4383] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  128.433677][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.441165][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.466048][ T4383] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  128.477770][ T4383] UDF-fs: Scanning with blocksize 512 failed
[  128.511821][ T3740] device bridge_slave_1 left promiscuous mode
[  128.518305][ T4383] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  128.526257][ T3740] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.538879][ T4383] UDF-fs: Scanning with blocksize 1024 failed
[  128.657085][ T3740] device bridge_slave_0 left promiscuous mode
[  128.676341][ T3740] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.708351][ T4383] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  128.821667][ T4383] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  128.928017][ T4383] UDF-fs: Scanning with blocksize 2048 failed
[  129.005794][ T3740] device veth1_macvtap left promiscuous mode
[  129.049022][ T4383] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  129.078579][ T3740] device veth0_macvtap left promiscuous mode
[  129.135077][ T3740] device veth1_vlan left promiscuous mode
[  129.168736][ T4383] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  129.207564][ T3740] device veth0_vlan left promiscuous mode
[  129.295164][ T4383] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  129.331389][ T4383] UDF-fs: Scanning with blocksize 4096 failed
[  129.341330][ T4383] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[  129.363482][   T48] Bluetooth: hci6: command tx timeout
[  129.379870][ T4398] loop2: detected capacity change from 0 to 8
[  129.705575][ T4404] loop3: detected capacity change from 0 to 2364
[  131.553216][ T3821] bio_check_eod: 17178 callbacks suppressed
[  131.553334][ T3821] syz.0.35: attempt to access beyond end of device
[  131.553334][ T3821] loop0: rw=3, sector=9907112760608, nr_sectors = 8388600 limit=2048
[  131.612397][ T3821] syz.0.35: attempt to access beyond end of device
[  131.612397][ T3821] loop0: rw=3, sector=9907121149208, nr_sectors = 8388600 limit=2048
[  131.641138][ T3821] syz.0.35: attempt to access beyond end of device
[  131.641138][ T3821] loop0: rw=3, sector=9907129537808, nr_sectors = 8388600 limit=2048
[  131.692290][ T3821] syz.0.35: attempt to access beyond end of device
[  131.692290][ T3821] loop0: rw=3, sector=9907137926408, nr_sectors = 8388600 limit=2048
[  131.740585][ T3821] syz.0.35: attempt to access beyond end of device
[  131.740585][ T3821] loop0: rw=3, sector=9907146315008, nr_sectors = 8388600 limit=2048
[  131.791078][ T3821] syz.0.35: attempt to access beyond end of device
[  131.791078][ T3821] loop0: rw=3, sector=9907154703608, nr_sectors = 8388600 limit=2048
[  131.804226][ T4406] sched: RT throttling activated
[  131.815918][ T3821] syz.0.35: attempt to access beyond end of device
[  131.815918][ T3821] loop0: rw=3, sector=9907163092208, nr_sectors = 8388600 limit=2048
[  131.830560][ T3821] syz.0.35: attempt to access beyond end of device
[  131.830560][ T3821] loop0: rw=3, sector=9907171480808, nr_sectors = 8388600 limit=2048
[  131.834678][    T7] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  131.845513][ T3821] syz.0.35: attempt to access beyond end of device
[  131.845513][ T3821] loop0: rw=3, sector=9907179869408, nr_sectors = 8388600 limit=2048
[  131.963333][ T3821] syz.0.35: attempt to access beyond end of device
[  131.963333][ T3821] loop0: rw=3, sector=9907188258008, nr_sectors = 8388600 limit=2048
[  132.143129][    T7] usb 4-1: Using ep0 maxpacket: 16
[  132.411773][    T7] usb 4-1: config 0 has an invalid interface number: 7 but max is 0
[  132.419950][    T7] usb 4-1: config 0 has no interface number 0
[  132.433641][    T7] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  132.452531][    T7] usb 4-1: config 0 interface 7 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  132.473133][    T7] usb 4-1: config 0 interface 7 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  132.505675][    T7] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 4.00
[  132.520709][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.541598][    T7] usb 4-1: config 0 descriptor??
[  132.564528][ T4415] loop2: detected capacity change from 0 to 2048
[  132.589735][ T4415] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.641700][    T7] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.7/input/input22
[  132.667490][ T3740] team0 (unregistering): Port device team_slave_1 removed
[  132.724865][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  132.731256][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  132.788301][ T3740] team0 (unregistering): Port device team_slave_0 removed
[  132.888651][ T3689] usb 4-1: USB disconnect, device number 5
[  132.917748][ T3740] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.015542][ T3740] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  133.407581][ T4424] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  133.890896][ T3740] bond0 (unregistering): Released all slaves
[  134.053413][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  134.060902][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  134.204564][ T4229] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.286859][ T4303] device hsr_slave_0 entered promiscuous mode
[  134.315296][ T4303] device hsr_slave_1 entered promiscuous mode
[  134.328423][ T4303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.340695][ T4303] Cannot create hsr debugfs directory
[  134.671442][ T4303] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.806313][ T4303] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.979523][ T4303] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.131097][ T4303] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.234366][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  135.254687][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  135.298407][ T4455] loop3: detected capacity change from 0 to 8
[  135.343153][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  135.361766][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  135.374020][ T4229] device veth0_vlan entered promiscuous mode
[  135.381792][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  135.390594][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  135.417834][ T4229] device veth1_vlan entered promiscuous mode
[  135.511130][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  135.529419][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  135.542347][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  135.560242][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  135.572451][ T4229] device veth0_macvtap entered promiscuous mode
[  135.615635][ T4229] device veth1_macvtap entered promiscuous mode
[  135.638523][ T4303] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  135.678341][ T4303] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  135.709917][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.735968][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.794477][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.831556][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.860605][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.871757][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.881700][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.892326][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.902839][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.917042][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.937647][ T4229] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.985826][ T4303] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  136.031056][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  136.042533][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  136.067912][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  136.100321][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  136.141671][ T4303] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  136.176760][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.207442][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.250225][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.305905][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.353624][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.436709][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.489157][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.524575][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.558738][ T4229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.585589][ T4229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.587400][ T3821] bio_check_eod: 95999 callbacks suppressed
[  136.587419][ T3821] syz.0.35: attempt to access beyond end of device
[  136.587419][ T3821] loop0: rw=3, sector=10712493858008, nr_sectors = 8388600 limit=2048
[  136.615059][ T4229] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.650402][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  136.661954][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.686353][ T4229] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.707317][ T4229] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.740366][ T4229] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.743077][ T3821] syz.0.35: attempt to access beyond end of device
[  136.743077][ T3821] loop0: rw=3, sector=10712502246608, nr_sectors = 8388600 limit=2048
[  136.753173][ T4229] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.801428][ T3821] syz.0.35: attempt to access beyond end of device
[  136.801428][ T3821] loop0: rw=3, sector=10712510635208, nr_sectors = 8388600 limit=2048
[  136.874463][ T3821] syz.0.35: attempt to access beyond end of device
[  136.874463][ T3821] loop0: rw=3, sector=10712519023808, nr_sectors = 8388600 limit=2048
[  136.961129][ T3821] syz.0.35: attempt to access beyond end of device
[  136.961129][ T3821] loop0: rw=3, sector=10712527412408, nr_sectors = 8388600 limit=2048
[  137.044468][ T3821] syz.0.35: attempt to access beyond end of device
[  137.044468][ T3821] loop0: rw=3, sector=10712535801008, nr_sectors = 8388600 limit=2048
[  137.095274][ T4303] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.104350][ T3821] syz.0.35: attempt to access beyond end of device
[  137.104350][ T3821] loop0: rw=3, sector=10712544189608, nr_sectors = 8388600 limit=2048
[  137.133423][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.141801][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.183654][ T3821] syz.0.35: attempt to access beyond end of device
[  137.183654][ T3821] loop0: rw=3, sector=10712552578208, nr_sectors = 8388600 limit=2048
[  137.224639][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  137.232793][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  137.264184][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.276222][ T3821] syz.0.35: attempt to access beyond end of device
[  137.276222][ T3821] loop0: rw=3, sector=10712560966808, nr_sectors = 8388600 limit=2048
[  137.327835][ T4303] 8021q: adding VLAN 0 to HW filter on device team0
[  137.352076][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  137.352859][  T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.377216][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.399275][ T3690] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.406452][ T3690] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.414354][  T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.433078][ T3821] syz.0.35: attempt to access beyond end of device
[  137.433078][ T3821] loop0: rw=3, sector=10712569355408, nr_sectors = 8388600 limit=2048
[  137.514270][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  137.522328][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  137.550586][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  137.578198][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.603803][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.610965][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.653310][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  137.662377][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  137.713168][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  137.735728][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  137.754012][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  137.774569][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  137.825412][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  137.842173][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  137.866478][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.896239][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  137.923809][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  137.954705][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  139.654438][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  139.662012][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  139.674640][ T4303] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.779561][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  139.789543][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  139.809936][ T4303] device veth0_vlan entered promiscuous mode
[  139.813477][ T3382] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  140.016369][ T4303] device veth1_vlan entered promiscuous mode
[  140.044083][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  140.054654][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  140.067583][ T4521] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  140.071435][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  140.079049][ T3382] usb 3-1: Using ep0 maxpacket: 16
[  140.175674][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  140.189545][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  140.213853][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  140.243247][ T3382] usb 3-1: config 0 interface 0 has no altsetting 0
[  140.273868][ T4303] device veth0_macvtap entered promiscuous mode
[  140.314327][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  140.324399][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  140.386075][ T4303] device veth1_macvtap entered promiscuous mode
[  140.394139][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  140.404585][ T3382] usb 3-1: New USB device found, idVendor=05ac, idProduct=abdf, bcdDevice=3d.49
[  140.413293][ T4335] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  140.434876][ T3382] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.457005][ T3382] usb 3-1: Product: syz
[  140.461230][ T3382] usb 3-1: Manufacturer: syz
[  140.475714][ T4534] loop3: detected capacity change from 0 to 128
[  140.486626][ T3382] usb 3-1: SerialNumber: syz
[  140.523123][ T3382] usb 3-1: config 0 descriptor??
[  140.704250][ T3382] ipheth 3-1:0.0: Unable to find endpoints
[  142.661605][ T3821] bio_check_eod: 28708 callbacks suppressed
[  142.661627][ T3821] syz.0.35: attempt to access beyond end of device
[  142.661627][ T3821] loop0: rw=3, sector=10953397672808, nr_sectors = 8388600 limit=2048
[  143.699419][ T3821] syz.0.35: attempt to access beyond end of device
[  143.699419][ T3821] loop0: rw=3, sector=10953406061408, nr_sectors = 8388600 limit=2048
[  144.027719][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.060333][ T3821] syz.0.35: attempt to access beyond end of device
[  144.060333][ T3821] loop0: rw=3, sector=10953414450008, nr_sectors = 8388600 limit=2048
[  144.069071][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.076248][ T3821] syz.0.35: attempt to access beyond end of device
[  144.076248][ T3821] loop0: rw=3, sector=10953422838608, nr_sectors = 8388600 limit=2048
[  144.108185][    T7] usb 3-1: USB disconnect, device number 3
[  144.128736][ T3821] syz.0.35: attempt to access beyond end of device
[  144.128736][ T3821] loop0: rw=3, sector=10953431227208, nr_sectors = 8388600 limit=2048
[  144.145116][ T3821] syz.0.35: attempt to access beyond end of device
[  144.145116][ T3821] loop0: rw=3, sector=10953439615808, nr_sectors = 8388600 limit=2048
[  144.145161][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.160120][ T3821] syz.0.35: attempt to access beyond end of device
[  144.160120][ T3821] loop0: rw=3, sector=10953448004408, nr_sectors = 8388600 limit=2048
[  144.190129][ T3821] syz.0.35: attempt to access beyond end of device
[  144.190129][ T3821] loop0: rw=3, sector=10953456393008, nr_sectors = 8388600 limit=2048
[  144.221019][ T3821] syz.0.35: attempt to access beyond end of device
[  144.221019][ T3821] loop0: rw=3, sector=10953464781608, nr_sectors = 8388600 limit=2048
[  144.238059][ T3821] syz.0.35: attempt to access beyond end of device
[  144.238059][ T3821] loop0: rw=3, sector=10953473170208, nr_sectors = 8388600 limit=2048
[  144.262950][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.290558][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.301223][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.319277][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.331335][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.349943][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.368682][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.379777][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.397281][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.427063][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.483800][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  144.492597][ T3720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  144.532729][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.584781][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.594743][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.605324][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.615226][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.625852][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.627403][    T7] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  144.635847][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.663301][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.676704][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.690371][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.710699][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.749480][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.771017][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.783656][ T4154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.792465][ T4154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.875906][ T4303] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.901249][ T4303] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.917344][ T4303] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.940274][ T4303] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.054198][    T7] usb 3-1: config 0 has no interfaces?
[  145.059738][    T7] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.082130][    T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.104404][    T7] usb 3-1: config 0 descriptor??
[  145.274481][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.282548][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.364455][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  145.530375][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.564197][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.708959][ T4562] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  145.777531][ T4564] vcan0: tx address claim with dlc 1
[  145.832071][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  145.908555][ T3740] device hsr_slave_0 left promiscuous mode
[  146.016502][ T4569] binder_alloc: binder_alloc_mmap_handler: 4568 20ffd000-20fff000 already mapped failed -16
[  146.112371][ T3740] device hsr_slave_1 left promiscuous mode
[  146.139064][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.195567][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.230744][ T3740] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.305467][ T3740] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.534278][ T3740] device bridge_slave_1 left promiscuous mode
[  146.679433][ T3740] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.825950][ T4577] loop1: detected capacity change from 0 to 8
[  146.835250][ T3740] device bridge_slave_0 left promiscuous mode
[  146.841701][ T3740] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.125508][ T3740] device veth1_macvtap left promiscuous mode
[  147.141622][ T3740] device veth0_macvtap left promiscuous mode
[  147.163281][ T3740] device veth1_vlan left promiscuous mode
[  147.189626][ T3740] device veth0_vlan left promiscuous mode
[  147.469631][ T4601] vcan0: tx address claim with dlc 1
[  147.663167][ T3821] bio_check_eod: 41651 callbacks suppressed
[  147.663187][ T3821] syz.0.35: attempt to access beyond end of device
[  147.663187][ T3821] loop0: rw=3, sector=11302875137408, nr_sectors = 8388600 limit=2048
[  147.844255][ T3821] syz.0.35: attempt to access beyond end of device
[  147.844255][ T3821] loop0: rw=3, sector=11302883526008, nr_sectors = 8388600 limit=2048
[  147.940040][ T3821] syz.0.35: attempt to access beyond end of device
[  147.940040][ T3821] loop0: rw=3, sector=11302891914608, nr_sectors = 8388600 limit=2048
[  148.045151][ T3821] syz.0.35: attempt to access beyond end of device
[  148.045151][ T3821] loop0: rw=3, sector=11302900303208, nr_sectors = 8388600 limit=2048
[  148.150485][ T4616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.164083][ T3821] syz.0.35: attempt to access beyond end of device
[  148.164083][ T3821] loop0: rw=3, sector=11302908691808, nr_sectors = 8388600 limit=2048
[  148.214085][ T4616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.281686][ T3821] syz.0.35: attempt to access beyond end of device
[  148.281686][ T3821] loop0: rw=3, sector=11302917080408, nr_sectors = 8388600 limit=2048
[  148.337600][ T3821] syz.0.35: attempt to access beyond end of device
[  148.337600][ T3821] loop0: rw=3, sector=11302925469008, nr_sectors = 8388600 limit=2048
[  148.404013][ T3821] syz.0.35: attempt to access beyond end of device
[  148.404013][ T3821] loop0: rw=3, sector=11302933857608, nr_sectors = 8388600 limit=2048
[  148.500304][ T3821] syz.0.35: attempt to access beyond end of device
[  148.500304][ T3821] loop0: rw=3, sector=11302942246208, nr_sectors = 8388600 limit=2048
[  148.600902][ T3821] syz.0.35: attempt to access beyond end of device
[  148.600902][ T3821] loop0: rw=3, sector=11302950634808, nr_sectors = 8388600 limit=2048
[  148.685085][ T4627] loop1: detected capacity change from 0 to 8
[  148.838141][ T3740] team0 (unregistering): Port device team_slave_1 removed
[  148.940231][ T3740] team0 (unregistering): Port device team_slave_0 removed
[  148.996263][ T3740] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.114092][ T3740] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.831465][ T4637] loop1: detected capacity change from 0 to 256
[  149.848312][ T4639] vcan0: tx address claim with dlc 1
[  149.853882][ T4637] exfat: Deprecated parameter 'namecase'
[  149.916919][ T4637] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x80053cc4, utbl_chksum : 0xe619d30d)
[  150.708959][ T3740] bond0 (unregistering): Released all slaves
[  150.888283][ T4603] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  151.149827][ T4670] loop4: detected capacity change from 0 to 256
[  151.177385][ T4670] exfat: Deprecated parameter 'namecase'
[  151.227179][ T4670] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x80053cc4, utbl_chksum : 0xe619d30d)
[  152.429985][   T27] kauditd_printk_skb: 30 callbacks suppressed
[  152.430022][   T27] audit: type=1326 audit(1722485950.758:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.1.271" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f74be9773b9 code=0x0
[  152.458151][    C1] vkms_vblank_simulate: vblank timer overrun
[  152.649346][ T4703] loop1: detected capacity change from 0 to 2048
[  152.699854][ T3821] bio_check_eod: 51837 callbacks suppressed
[  152.699875][ T3821] syz.0.35: attempt to access beyond end of device
[  152.699875][ T3821] loop0: rw=3, sector=11737798881608, nr_sectors = 8388600 limit=2048
[  152.779276][ T4703] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  152.816424][ T3821] syz.0.35: attempt to access beyond end of device
[  152.816424][ T3821] loop0: rw=3, sector=11737807270208, nr_sectors = 8388600 limit=2048
[  152.831256][ T3821] syz.0.35: attempt to access beyond end of device
[  152.831256][ T3821] loop0: rw=3, sector=11737815658808, nr_sectors = 8388600 limit=2048
[  152.846916][ T3821] syz.0.35: attempt to access beyond end of device
[  152.846916][ T3821] loop0: rw=3, sector=11737824047408, nr_sectors = 8388600 limit=2048
[  152.861709][ T3821] syz.0.35: attempt to access beyond end of device
[  152.861709][ T3821] loop0: rw=3, sector=11737832436008, nr_sectors = 8388600 limit=2048
[  152.876454][ T3821] syz.0.35: attempt to access beyond end of device
[  152.876454][ T3821] loop0: rw=3, sector=11737840824608, nr_sectors = 8388600 limit=2048
[  152.891211][ T3821] syz.0.35: attempt to access beyond end of device
[  152.891211][ T3821] loop0: rw=3, sector=11737849213208, nr_sectors = 8388600 limit=2048
[  152.906003][ T3821] syz.0.35: attempt to access beyond end of device
[  152.906003][ T3821] loop0: rw=3, sector=11737857601808, nr_sectors = 8388600 limit=2048
[  152.921293][ T3821] syz.0.35: attempt to access beyond end of device
[  152.921293][ T3821] loop0: rw=3, sector=11737865990408, nr_sectors = 8388600 limit=2048
[  152.936503][ T3821] syz.0.35: attempt to access beyond end of device
[  152.936503][ T3821] loop0: rw=3, sector=11737874379008, nr_sectors = 8388600 limit=2048
[  153.110022][ T4709] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  153.582204][ T4699] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  153.633136][ T4699] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 750 with error 28
[  153.673638][ T4699] EXT4-fs (loop1): This should not happen!! Data will be lost
[  153.673638][ T4699] 
[  153.703100][ T4699] EXT4-fs (loop1): Total free blocks count 0
[  153.723123][ T4699] EXT4-fs (loop1): Free/Dirty block details
[  153.729187][ T4699] EXT4-fs (loop1): free_blocks=2415919104
[  153.763307][ T4699] EXT4-fs (loop1): dirty_blocks=784
[  153.789619][ T4699] EXT4-fs (loop1): Block reservation details
[  153.823205][ T4699] EXT4-fs (loop1): i_reserved_data_blocks=47
[  154.184680][    T9] EXT4-fs (loop1): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 32 with error 28
[  155.550133][ T4746] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  156.206915][ T4739] loop3: detected capacity change from 0 to 32768
[  156.263727][ T4739] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.286 (4739)
[  156.336440][ T4739] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.383198][ T4739] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  156.392074][ T4739] BTRFS info (device loop3): using free space tree
[  156.608409][ T4777] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  156.654691][ T4739] BTRFS info (device loop3): enabling ssd optimizations
[  157.193329][ T4790] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  157.827932][ T3821] bio_check_eod: 29224 callbacks suppressed
[  157.827954][ T3821] syz.0.35: attempt to access beyond end of device
[  157.827954][ T3821] loop0: rw=3, sector=11983031214008, nr_sectors = 8388600 limit=2048
[  157.949879][ T3821] syz.0.35: attempt to access beyond end of device
[  157.949879][ T3821] loop0: rw=3, sector=11983039602608, nr_sectors = 8388600 limit=2048
[  157.964875][ T3821] syz.0.35: attempt to access beyond end of device
[  157.964875][ T3821] loop0: rw=3, sector=11983047991208, nr_sectors = 8388600 limit=2048
[  157.995204][ T3821] syz.0.35: attempt to access beyond end of device
[  157.995204][ T3821] loop0: rw=3, sector=11983056379808, nr_sectors = 8388600 limit=2048
[  158.048925][ T4109] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.155405][ T3821] syz.0.35: attempt to access beyond end of device
[  158.155405][ T3821] loop0: rw=3, sector=11983064768408, nr_sectors = 8388600 limit=2048
[  158.205940][  T153] usb 3-1: USB disconnect, device number 4
[  158.264982][ T3821] syz.0.35: attempt to access beyond end of device
[  158.264982][ T3821] loop0: rw=3, sector=11983073157008, nr_sectors = 8388600 limit=2048
[  158.397829][ T4804] netlink: 8 bytes leftover after parsing attributes in process `syz.1.306'.
[  158.408847][ T3821] syz.0.35: attempt to access beyond end of device
[  158.408847][ T3821] loop0: rw=3, sector=11983081545608, nr_sectors = 8388600 limit=2048
[  158.512990][ T3821] syz.0.35: attempt to access beyond end of device
[  158.512990][ T3821] loop0: rw=3, sector=11983089934208, nr_sectors = 8388600 limit=2048
[  158.623009][ T3821] syz.0.35: attempt to access beyond end of device
[  158.623009][ T3821] loop0: rw=3, sector=11983098322808, nr_sectors = 8388600 limit=2048
[  158.748747][ T3821] syz.0.35: attempt to access beyond end of device
[  158.748747][ T3821] loop0: rw=3, sector=11983106711408, nr_sectors = 8388600 limit=2048
[  159.408321][   T27] audit: type=1326 audit(1722485957.738:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4823 comm="syz.4.312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86321773b9 code=0x0
[  159.542220][ T4827] loop1: detected capacity change from 0 to 512
[  159.616241][ T4829] loop4: detected capacity change from 0 to 2048
[  159.629111][ T4827] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  159.685918][ T4827] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038 (0x7fffffff)
[  159.759936][ T4829] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  160.205508][ T4303] EXT4-fs (loop1): unmounting filesystem.
[  160.564257][ T4840] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  160.633100][ T4826] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  160.689972][ T4826] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1478 with error 28
[  160.732993][ T4826] EXT4-fs (loop4): This should not happen!! Data will be lost
[  160.732993][ T4826] 
[  160.773035][ T4826] EXT4-fs (loop4): Total free blocks count 0
[  160.783456][ T4826] EXT4-fs (loop4): Free/Dirty block details
[  160.809782][ T4826] EXT4-fs (loop4): free_blocks=2415919104
[  160.830033][ T4826] EXT4-fs (loop4): dirty_blocks=1520
[  160.846499][ T4826] EXT4-fs (loop4): Block reservation details
[  160.873078][ T4826] EXT4-fs (loop4): i_reserved_data_blocks=93
[  161.072343][ T4849] process 'syz.2.318' launched './file0' with NULL argv: empty string added
[  161.083433][ T4848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.317'.
[  161.247407][ T3743] EXT4-fs (loop4): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 32 with error 28
[  161.416051][ T4858] netlink: 24 bytes leftover after parsing attributes in process `syz.2.323'.
[  161.633355][  T153] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  162.003695][  T153] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  162.024277][  T153] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  162.079213][  T153] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  162.120255][  T153] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  162.151842][  T153] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  162.353470][  T153] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  162.369767][  T153] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  162.439026][  T153] usb 1-1: Product: syz
[  162.503812][  T153] usb 1-1: Manufacturer: syz
[  162.833007][ T3821] bio_check_eod: 34262 callbacks suppressed
[  162.833110][ T3821] syz.0.35: attempt to access beyond end of device
[  162.833110][ T3821] loop0: rw=3, sector=12270525313208, nr_sectors = 8388600 limit=2048
[  163.304674][ T3821] syz.0.35: attempt to access beyond end of device
[  163.304674][ T3821] loop0: rw=3, sector=12270533701808, nr_sectors = 8388600 limit=2048
[  163.370868][ T3821] syz.0.35: attempt to access beyond end of device
[  163.370868][ T3821] loop0: rw=3, sector=12270542090408, nr_sectors = 8388600 limit=2048
[  163.386784][  T153] cdc_wdm 1-1:1.0: skipping garbage
[  163.392045][  T153] cdc_wdm 1-1:1.0: skipping garbage
[  163.398549][ T3821] syz.0.35: attempt to access beyond end of device
[  163.398549][ T3821] loop0: rw=3, sector=12270550479008, nr_sectors = 8388600 limit=2048
[  163.418444][  T153] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  163.423114][ T3821] syz.0.35: attempt to access beyond end of device
[  163.423114][ T3821] loop0: rw=3, sector=12270558867608, nr_sectors = 8388600 limit=2048
[  163.424421][  T153] cdc_wdm 1-1:1.0: Unknown control protocol
[  163.463560][ T3821] syz.0.35: attempt to access beyond end of device
[  163.463560][ T3821] loop0: rw=3, sector=12270567256208, nr_sectors = 8388600 limit=2048
[  163.478327][ T3821] syz.0.35: attempt to access beyond end of device
[  163.478327][ T3821] loop0: rw=3, sector=12270575644808, nr_sectors = 8388600 limit=2048
[  163.516285][ T3821] syz.0.35: attempt to access beyond end of device
[  163.516285][ T3821] loop0: rw=3, sector=12270584033408, nr_sectors = 8388600 limit=2048
[  163.571234][ T3821] syz.0.35: attempt to access beyond end of device
[  163.571234][ T3821] loop0: rw=3, sector=12270592422008, nr_sectors = 8388600 limit=2048
[  163.642563][  T153] usb 1-1: USB disconnect, device number 2
[  163.652049][ T3821] syz.0.35: attempt to access beyond end of device
[  163.652049][ T3821] loop0: rw=3, sector=12270600810608, nr_sectors = 8388600 limit=2048
[  163.783094][   T26] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  164.153358][   T26] usb 2-1: config 0 has no interfaces?
[  164.159122][   T26] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  164.193673][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.332'.
[  164.201496][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.243367][   T26] usb 2-1: config 0 descriptor??
[  164.335469][ T4888] device syzkaller0 entered promiscuous mode
[  164.533278][ T4895] netlink: 24 bytes leftover after parsing attributes in process `syz.0.336'.
[  165.687344][ T4919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.346'.
[  167.685078][   T48] Bluetooth: hci6: command 0x0406 tx timeout
[  167.842992][ T3821] bio_check_eod: 53635 callbacks suppressed
[  167.843013][ T3821] syz.0.35: attempt to access beyond end of device
[  167.843013][ T3821] loop0: rw=3, sector=12720531760208, nr_sectors = 8388600 limit=2048
[  167.870341][ T3821] syz.0.35: attempt to access beyond end of device
[  167.870341][ T3821] loop0: rw=3, sector=12720540148808, nr_sectors = 8388600 limit=2048
[  167.892887][ T3821] syz.0.35: attempt to access beyond end of device
[  167.892887][ T3821] loop0: rw=3, sector=12720548537408, nr_sectors = 8388600 limit=2048
[  167.931529][ T3821] syz.0.35: attempt to access beyond end of device
[  167.931529][ T3821] loop0: rw=3, sector=12720556926008, nr_sectors = 8388600 limit=2048
[  167.958494][ T3821] syz.0.35: attempt to access beyond end of device
[  167.958494][ T3821] loop0: rw=3, sector=12720565314608, nr_sectors = 8388600 limit=2048
[  167.965580][ T4930] loop4: detected capacity change from 0 to 32768
[  168.002047][ T3821] syz.0.35: attempt to access beyond end of device
[  168.002047][ T3821] loop0: rw=3, sector=12720573703208, nr_sectors = 8388600 limit=2048
[  168.025563][ T3821] syz.0.35: attempt to access beyond end of device
[  168.025563][ T3821] loop0: rw=3, sector=12720582091808, nr_sectors = 8388600 limit=2048
[  168.040635][ T3821] syz.0.35: attempt to access beyond end of device
[  168.040635][ T3821] loop0: rw=3, sector=12720590480408, nr_sectors = 8388600 limit=2048
[  168.056411][ T3821] syz.0.35: attempt to access beyond end of device
[  168.056411][ T3821] loop0: rw=3, sector=12720598869008, nr_sectors = 8388600 limit=2048
[  168.071635][ T3821] syz.0.35: attempt to access beyond end of device
[  168.071635][ T3821] loop0: rw=3, sector=12720607257608, nr_sectors = 8388600 limit=2048
[  168.121380][ T4930] XFS (loop4): Mounting V5 Filesystem
[  168.278021][ T4930] XFS (loop4): Ending clean mount
[  168.312240][ T4930] XFS (loop4): Quotacheck needed: Please wait.
[  168.397664][ T4930] XFS (loop4): Quotacheck: Done.
[  168.457847][   T27] audit: type=1804 audit(1722485966.788:61): pid=4930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.347" name="/newroot/33/file0/bus" dev="loop4" ino=9290 res=1 errno=0
[  168.569789][   T27] audit: type=1804 audit(1722485966.898:62): pid=4939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.347" name="/newroot/33/file0/bus" dev="loop4" ino=9290 res=1 errno=0
[  168.669531][   T27] audit: type=1804 audit(1722485966.998:63): pid=4939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.347" name="/newroot/33/file0/bus" dev="loop4" ino=9290 res=1 errno=0
[  168.835756][ T4229] XFS (loop4): Unmounting Filesystem
[  169.298727][ T4801] usb 2-1: USB disconnect, device number 5
[  169.676653][ T3695] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  169.933092][ T3695] usb 5-1: Using ep0 maxpacket: 8
[  170.070350][ T3695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  170.084854][ T3695] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  170.273204][ T3695] usb 5-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=e2.d0
[  170.282637][ T3695] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.298714][ T3695] usb 5-1: Product: syz
[  170.304464][ T3695] usb 5-1: Manufacturer: syz
[  170.309186][ T3695] usb 5-1: SerialNumber: syz
[  170.321667][ T3695] usb 5-1: config 0 descriptor??
[  170.572557][ T4922] bond0: (slave erspan0): Error -99 calling set_mac_address
[  170.753114][ T3695] usb 5-1: probing VID:PID(0424:012C)   
[  170.760462][ T3695] usb 5-1: vub300 testing UNKNOWN EndPoint(0) 05
[  170.793012][ T3695] usb 5-1: vub300 ignoring EndPoint(0) 05
[  170.798807][ T3695] usb 5-1: vub300 testing UNKNOWN EndPoint(1) 0C
[  170.842968][ T3695] usb 5-1: vub300 ignoring EndPoint(1) 0C
[  170.859036][ T3695] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs
[  170.885594][ T3695] vub300: probe of 5-1:0.0 failed with error -22
[  170.953184][ T3695] usb 5-1: USB disconnect, device number 5
[  170.993200][ T4952] netlink: 24 bytes leftover after parsing attributes in process `syz.3.352'.
[  171.594580][ T4976] program syz.1.363 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.682049][ T4975] device syzkaller0 entered promiscuous mode
[  171.819530][ T4984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.366'.
[  172.867627][ T3821] bio_check_eod: 128357 callbacks suppressed
[  172.867649][ T3821] syz.0.35: attempt to access beyond end of device
[  172.867649][ T3821] loop0: rw=3, sector=13797351176408, nr_sectors = 8388600 limit=2048
[  172.933097][ T3821] syz.0.35: attempt to access beyond end of device
[  172.933097][ T3821] loop0: rw=3, sector=13797359565008, nr_sectors = 8388600 limit=2048
[  172.952547][ T3821] syz.0.35: attempt to access beyond end of device
[  172.952547][ T3821] loop0: rw=3, sector=13797367953608, nr_sectors = 8388600 limit=2048
[  172.976791][ T3821] syz.0.35: attempt to access beyond end of device
[  172.976791][ T3821] loop0: rw=3, sector=13797376342208, nr_sectors = 8388600 limit=2048
[  172.998475][ T3821] syz.0.35: attempt to access beyond end of device
[  172.998475][ T3821] loop0: rw=3, sector=13797384730808, nr_sectors = 8388600 limit=2048
[  173.023662][ T3821] syz.0.35: attempt to access beyond end of device
[  173.023662][ T3821] loop0: rw=3, sector=13797393119408, nr_sectors = 8388600 limit=2048
[  173.039471][ T3821] syz.0.35: attempt to access beyond end of device
[  173.039471][ T3821] loop0: rw=3, sector=13797401508008, nr_sectors = 8388600 limit=2048
[  173.055488][ T3821] syz.0.35: attempt to access beyond end of device
[  173.055488][ T3821] loop0: rw=3, sector=13797409896608, nr_sectors = 8388600 limit=2048
[  173.077182][ T3821] syz.0.35: attempt to access beyond end of device
[  173.077182][ T3821] loop0: rw=3, sector=13797418285208, nr_sectors = 8388600 limit=2048
[  173.100646][ T3821] syz.0.35: attempt to access beyond end of device
[  173.100646][ T3821] loop0: rw=3, sector=13797426673808, nr_sectors = 8388600 limit=2048
[  173.234630][ T4993] netlink: 4 bytes leftover after parsing attributes in process `syz.0.369'.
[  173.303017][ T3695] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  173.572970][ T3695] usb 2-1: Using ep0 maxpacket: 8
[  173.731686][ T3695] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  173.743133][ T3695] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  173.925072][ T3695] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=e2.d0
[  173.934387][ T3695] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.943663][ T3695] usb 2-1: Product: syz
[  173.948115][ T3695] usb 2-1: Manufacturer: syz
[  173.952800][ T3695] usb 2-1: SerialNumber: syz
[  173.960112][ T3695] usb 2-1: config 0 descriptor??
[  174.353080][ T3695] usb 2-1: probing VID:PID(0424:012C)   
[  174.359671][ T3695] usb 2-1: vub300 testing UNKNOWN EndPoint(0) 05
[  174.366794][ T3695] usb 2-1: vub300 ignoring EndPoint(0) 05
[  174.372812][ T3695] usb 2-1: vub300 testing UNKNOWN EndPoint(1) 0C
[  174.379731][ T3695] usb 2-1: vub300 ignoring EndPoint(1) 0C
[  174.385918][ T3695] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[  174.394819][ T3695] vub300: probe of 2-1:0.0 failed with error -22
[  174.412604][ T3695] usb 2-1: USB disconnect, device number 6
[  175.828752][  T153] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  176.173015][ T3695] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  176.223159][  T153] usb 5-1: config 0 has an invalid interface number: 69 but max is 1
[  176.241557][  T153] usb 5-1: config 0 has no interface number 1
[  176.349059][ T5028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.384'.
[  176.391905][ T5030] loop3: detected capacity change from 0 to 256
[  176.447692][  T153] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0157, bcdDevice=a5.17
[  176.457039][ T3695] usb 2-1: Using ep0 maxpacket: 8
[  176.461454][ T5030] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  176.478937][ T5018] loop2: detected capacity change from 0 to 32768
[  176.485893][  T153] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.495900][  T153] usb 5-1: Product: syz
[  176.500705][  T153] usb 5-1: Manufacturer: syz
[  176.515483][ T5018] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.379 (5018)
[  176.528243][  T153] usb 5-1: SerialNumber: syz
[  176.536370][  T153] usb 5-1: config 0 descriptor??
[  176.546463][ T5018] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  176.561677][ T5018] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  176.571895][ T5018] BTRFS info (device loop2): using free space tree
[  176.583304][ T3695] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  176.594609][  T153] hub 5-1:0.69: bad descriptor, ignoring hub
[  176.600722][  T153] hub: probe of 5-1:0.69 failed with error -5
[  176.612966][ T3695] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  176.624001][  T153] ftdi_sio 5-1:0.69: FTDI USB Serial Device converter detected
[  176.632662][  T153] ftdi_sio ttyUSB0: unknown device type: 0xa517
[  176.688779][ T5036] loop3: detected capacity change from 0 to 256
[  176.691644][  T153] hub 5-1:0.0: bad descriptor, ignoring hub
[  176.701713][  T153] hub: probe of 5-1:0.0 failed with error -5
[  176.729159][  T153] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  176.747784][  T153] ftdi_sio ttyUSB1: unknown device type: 0xa517
[  176.813461][ T3695] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=e2.d0
[  176.855065][ T3695] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.864372][ T5018] BTRFS info (device loop2): enabling ssd optimizations
[  176.910351][ T3695] usb 2-1: Product: syz
[  176.923131][ T3695] usb 2-1: Manufacturer: syz
[  176.933302][ T3695] usb 2-1: SerialNumber: syz
[  176.951813][ T3695] usb 2-1: config 0 descriptor??
[  176.970332][  T153] usb 5-1: USB disconnect, device number 6
[  176.991365][  T153] ftdi_sio 5-1:0.69: device disconnected
[  177.010098][  T153] ftdi_sio 5-1:0.0: device disconnected
[  177.045084][ T5039] device syzkaller0 entered promiscuous mode
[  177.062331][ T4147] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.343081][ T3695] usb 2-1: probing VID:PID(0424:012C)   
[  177.349745][ T3695] usb 2-1: vub300 testing UNKNOWN EndPoint(0) 05
[  177.373193][ T3695] usb 2-1: vub300 ignoring EndPoint(0) 05
[  177.378975][ T3695] usb 2-1: vub300 testing UNKNOWN EndPoint(1) 0C
[  177.409732][ T3695] usb 2-1: vub300 ignoring EndPoint(1) 0C
[  177.442970][ T3695] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[  177.467110][ T3695] vub300: probe of 2-1:0.0 failed with error -22
[  177.491724][ T3695] usb 2-1: USB disconnect, device number 7
[  177.880683][ T3821] bio_check_eod: 127979 callbacks suppressed
[  177.880814][ T3821] syz.0.35: attempt to access beyond end of device
[  177.880814][ T3821] loop0: rw=3, sector=14870999701808, nr_sectors = 8388600 limit=2048
[  177.941555][ T5078] loop2: detected capacity change from 0 to 8
[  178.332883][ T3821] syz.0.35: attempt to access beyond end of device
[  178.332883][ T3821] loop0: rw=3, sector=14871008090408, nr_sectors = 8388600 limit=2048
[  178.473913][ T3821] syz.0.35: attempt to access beyond end of device
[  178.473913][ T3821] loop0: rw=3, sector=14871016479008, nr_sectors = 8388600 limit=2048
[  178.517633][ T3821] syz.0.35: attempt to access beyond end of device
[  178.517633][ T3821] loop0: rw=3, sector=14871024867608, nr_sectors = 8388600 limit=2048
[  178.567520][ T3821] syz.0.35: attempt to access beyond end of device
[  178.567520][ T3821] loop0: rw=3, sector=14871033256208, nr_sectors = 8388600 limit=2048
[  178.620248][ T3821] syz.0.35: attempt to access beyond end of device
[  178.620248][ T3821] loop0: rw=3, sector=14871041644808, nr_sectors = 8388600 limit=2048
[  178.676436][ T3821] syz.0.35: attempt to access beyond end of device
[  178.676436][ T3821] loop0: rw=3, sector=14871050033408, nr_sectors = 8388600 limit=2048
[  178.700460][ T5083] loop1: detected capacity change from 0 to 256
[  178.735770][ T3821] syz.0.35: attempt to access beyond end of device
[  178.735770][ T3821] loop0: rw=3, sector=14871058422008, nr_sectors = 8388600 limit=2048
[  178.737144][ T5083] exfat: Bad value for 'gid'
[  178.827612][ T3821] syz.0.35: attempt to access beyond end of device
[  178.827612][ T3821] loop0: rw=3, sector=14871066810608, nr_sectors = 8388600 limit=2048
[  178.884216][ T3821] syz.0.35: attempt to access beyond end of device
[  178.884216][ T3821] loop0: rw=3, sector=14871075199208, nr_sectors = 8388600 limit=2048
[  178.904178][ T5089] loop2: detected capacity change from 0 to 256
[  179.115778][ T5089] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  179.148952][ T5094] loop3: detected capacity change from 0 to 256
[  180.209428][ T5058] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  180.366037][ T5096] loop4: detected capacity change from 0 to 32768
[  180.396494][ T5096] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.399 (5096)
[  180.423035][ T5096] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.451247][ T5096] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  180.470600][ T5096] BTRFS info (device loop4): using free space tree
[  180.766142][ T5096] BTRFS info (device loop4): enabling ssd optimizations
[  180.824375][ T5127] loop3: detected capacity change from 0 to 8
[  180.885850][ T5058] usb 3-1: config 0 has an invalid interface number: 69 but max is 1
[  180.960863][ T5058] usb 3-1: config 0 has no interface number 1
[  181.204794][ T5058] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0157, bcdDevice=a5.17
[  181.256207][ T5058] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.550090][ T5058] usb 3-1: Product: syz
[  181.559580][ T5058] usb 3-1: Manufacturer: syz
[  181.564839][ T5058] usb 3-1: SerialNumber: syz
[  181.571262][ T5058] usb 3-1: config 0 descriptor??
[  181.613699][ T5058] hub 3-1:0.69: bad descriptor, ignoring hub
[  181.620540][ T5058] hub: probe of 3-1:0.69 failed with error -5
[  181.635884][ T4229] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.646900][ T5058] ftdi_sio 3-1:0.69: FTDI USB Serial Device converter detected
[  181.656891][ T5058] ftdi_sio ttyUSB0: unknown device type: 0xa517
[  181.671387][ T5058] hub 3-1:0.0: bad descriptor, ignoring hub
[  181.677735][ T5058] hub: probe of 3-1:0.0 failed with error -5
[  181.700003][ T5058] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  181.721701][ T5058] ftdi_sio ttyUSB1: unknown device type: 0xa517
[  182.021155][ T5060] usb 3-1: USB disconnect, device number 5
[  182.028512][ T5060] ftdi_sio 3-1:0.69: device disconnected
[  182.053497][ T5060] ftdi_sio 3-1:0.0: device disconnected
[  182.678815][ T5143] loop2: detected capacity change from 0 to 512
[  182.693586][ T5143] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  182.701111][ T5143] UDF-fs: Scanning with blocksize 512 failed
[  182.708923][ T5143] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  182.724327][ T5143] UDF-fs: Scanning with blocksize 1024 failed
[  182.731130][ T5143] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  182.745454][ T5143] UDF-fs: Scanning with blocksize 2048 failed
[  182.754188][ T5143] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  182.779823][ T5143] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  182.889370][ T3821] bio_check_eod: 72314 callbacks suppressed
[  182.901641][ T3821] syz.0.35: attempt to access beyond end of device
[  182.901641][ T3821] loop0: rw=3, sector=15477696808208, nr_sectors = 8388600 limit=2048
[  182.918352][ T3821] syz.0.35: attempt to access beyond end of device
[  182.918352][ T3821] loop0: rw=3, sector=15477705196808, nr_sectors = 8388600 limit=2048
[  182.934963][ T3821] syz.0.35: attempt to access beyond end of device
[  182.934963][ T3821] loop0: rw=3, sector=15477713585408, nr_sectors = 8388600 limit=2048
[  182.963820][ T3821] syz.0.35: attempt to access beyond end of device
[  182.963820][ T3821] loop0: rw=3, sector=15477721974008, nr_sectors = 8388600 limit=2048
[  182.985579][ T3821] syz.0.35: attempt to access beyond end of device
[  182.985579][ T3821] loop0: rw=3, sector=15477730362608, nr_sectors = 8388600 limit=2048
[  183.006891][ T3821] syz.0.35: attempt to access beyond end of device
[  183.006891][ T3821] loop0: rw=3, sector=15477738751208, nr_sectors = 8388600 limit=2048
[  183.028690][ T3821] syz.0.35: attempt to access beyond end of device
[  183.028690][ T3821] loop0: rw=3, sector=15477747139808, nr_sectors = 8388600 limit=2048
[  183.052341][ T3821] syz.0.35: attempt to access beyond end of device
[  183.052341][ T3821] loop0: rw=3, sector=15477755528408, nr_sectors = 8388600 limit=2048
[  183.086472][ T5147] loop2: detected capacity change from 0 to 512
[  183.087369][ T3821] syz.0.35: attempt to access beyond end of device
[  183.087369][ T3821] loop0: rw=3, sector=15477763917008, nr_sectors = 8388600 limit=2048
[  183.099278][ T5147] ext4: Unknown parameter 'obj_type'
[  183.108503][ T3821] syz.0.35: attempt to access beyond end of device
[  183.108503][ T3821] loop0: rw=3, sector=15477772305608, nr_sectors = 8388600 limit=2048
[  183.298080][ T5149] loop2: detected capacity change from 0 to 256
[  183.330531][ T5149] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  183.482389][ T5151] loop2: detected capacity change from 0 to 256
[  184.823033][ T5129] netlink: 12 bytes leftover after parsing attributes in process `syz.3.405'.
[  185.289609][ T5168] loop1: detected capacity change from 0 to 512
[  185.343252][ T5168] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  185.350785][ T5168] UDF-fs: Scanning with blocksize 512 failed
[  185.403237][ T5168] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  185.411314][ T5168] UDF-fs: Scanning with blocksize 1024 failed
[  185.440071][ T5168] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  185.454802][ T5168] UDF-fs: Scanning with blocksize 2048 failed
[  185.461091][ T5171] capability: warning: `syz.3.421' uses deprecated v2 capabilities in a way that may be insecure
[  185.482230][ T5168] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  185.515888][ T5168] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.837492][ T5160] loop4: detected capacity change from 0 to 32768
[  185.870361][ T5160] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.416 (5160)
[  185.910623][ T5160] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.952993][ T5160] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  185.961752][ T5160] BTRFS info (device loop4): using free space tree
[  186.003977][   T48] Bluetooth: hci3: command 0x0406 tx timeout
[  186.187834][ T5190] device syzkaller0 entered promiscuous mode
[  186.308204][ T5160] BTRFS info (device loop4): enabling ssd optimizations
[  186.533925][ T4229] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  187.893176][ T3821] bio_check_eod: 95203 callbacks suppressed
[  187.899728][ T3821] syz.0.35: attempt to access beyond end of device
[  187.899728][ T3821] loop0: rw=3, sector=16276400580008, nr_sectors = 8388600 limit=2048
[  188.137831][ T3821] syz.0.35: attempt to access beyond end of device
[  188.137831][ T3821] loop0: rw=3, sector=16276408968608, nr_sectors = 8388600 limit=2048
[  188.361197][ T3821] syz.0.35: attempt to access beyond end of device
[  188.361197][ T3821] loop0: rw=3, sector=16276417357208, nr_sectors = 8388600 limit=2048
[  188.477684][ T3821] syz.0.35: attempt to access beyond end of device
[  188.477684][ T3821] loop0: rw=3, sector=16276425745808, nr_sectors = 8388600 limit=2048
[  188.493537][ T3821] syz.0.35: attempt to access beyond end of device
[  188.493537][ T3821] loop0: rw=3, sector=16276434134408, nr_sectors = 8388600 limit=2048
[  188.533768][ T3821] syz.0.35: attempt to access beyond end of device
[  188.533768][ T3821] loop0: rw=3, sector=16276442523008, nr_sectors = 8388600 limit=2048
[  188.570436][ T3821] syz.0.35: attempt to access beyond end of device
[  188.570436][ T3821] loop0: rw=3, sector=16276450911608, nr_sectors = 8388600 limit=2048
[  188.619480][ T3821] syz.0.35: attempt to access beyond end of device
[  188.619480][ T3821] loop0: rw=3, sector=16276459300208, nr_sectors = 8388600 limit=2048
[  188.669437][ T3821] syz.0.35: attempt to access beyond end of device
[  188.669437][ T3821] loop0: rw=3, sector=16276467688808, nr_sectors = 8388600 limit=2048
[  188.725900][ T3821] syz.0.35: attempt to access beyond end of device
[  188.725900][ T3821] loop0: rw=3, sector=16276476077408, nr_sectors = 8388600 limit=2048
[  189.143348][ T5233] binder: BINDER_SET_CONTEXT_MGR already set
[  189.150663][ T5233] binder: 5230:5233 ioctl 4018620d 20000040 returned -16
[  191.713130][ T3688] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  192.098613][ T3688] usb 1-1: config 0 has an invalid interface number: 69 but max is 1
[  192.106962][ T3688] usb 1-1: config 0 has no interface number 1
[  192.293921][ T3688] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0157, bcdDevice=a5.17
[  192.303425][ T3688] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.311549][ T3688] usb 1-1: Product: syz
[  192.316327][ T3688] usb 1-1: Manufacturer: syz
[  192.320951][ T3688] usb 1-1: SerialNumber: syz
[  192.328029][ T3688] usb 1-1: config 0 descriptor??
[  192.373685][ T3688] hub 1-1:0.69: bad descriptor, ignoring hub
[  192.389979][ T3688] hub: probe of 1-1:0.69 failed with error -5
[  192.403758][ T3688] ftdi_sio 1-1:0.69: FTDI USB Serial Device converter detected
[  192.413897][ T3688] ftdi_sio ttyUSB0: unknown device type: 0xa517
[  192.421087][ T3688] hub 1-1:0.0: bad descriptor, ignoring hub
[  192.427550][ T3688] hub: probe of 1-1:0.0 failed with error -5
[  192.434620][ T3688] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  192.444621][ T3688] ftdi_sio ttyUSB1: unknown device type: 0xa517
[  192.485803][ T5217] netlink: 'syz.1.434': attribute type 7 has an invalid length.
[  192.863717][ T3688] usb 1-1: USB disconnect, device number 3
[  192.874343][ T3688] ftdi_sio 1-1:0.69: device disconnected
[  192.903031][ T3821] bio_check_eod: 76322 callbacks suppressed
[  192.903048][ T3821] syz.0.35: attempt to access beyond end of device
[  192.903048][ T3821] loop0: rw=3, sector=16916719195208, nr_sectors = 8388600 limit=2048
[  192.931006][ T3688] ftdi_sio 1-1:0.0: device disconnected
[  192.968864][ T3821] syz.0.35: attempt to access beyond end of device
[  192.968864][ T3821] loop0: rw=3, sector=16916727583808, nr_sectors = 8388600 limit=2048
[  192.994050][ T3821] syz.0.35: attempt to access beyond end of device
[  192.994050][ T3821] loop0: rw=3, sector=16916735972408, nr_sectors = 8388600 limit=2048
[  193.025496][ T3821] syz.0.35: attempt to access beyond end of device
[  193.025496][ T3821] loop0: rw=3, sector=16916744361008, nr_sectors = 8388600 limit=2048
[  193.100525][ T3821] syz.0.35: attempt to access beyond end of device
[  193.100525][ T3821] loop0: rw=3, sector=16916752749608, nr_sectors = 8388600 limit=2048
[  193.173185][ T3821] syz.0.35: attempt to access beyond end of device
[  193.173185][ T3821] loop0: rw=3, sector=16916761138208, nr_sectors = 8388600 limit=2048
[  193.200821][ T5260] loop2: detected capacity change from 0 to 512
[  193.212613][ T5262] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  193.229480][ T3821] syz.0.35: attempt to access beyond end of device
[  193.229480][ T3821] loop0: rw=3, sector=16916769526808, nr_sectors = 8388600 limit=2048
[  193.294201][ T3821] syz.0.35: attempt to access beyond end of device
[  193.294201][ T3821] loop0: rw=3, sector=16916777915408, nr_sectors = 8388600 limit=2048
[  193.382115][ T3821] syz.0.35: attempt to access beyond end of device
[  193.382115][ T3821] loop0: rw=3, sector=16916786304008, nr_sectors = 8388600 limit=2048
[  193.471449][ T3821] syz.0.35: attempt to access beyond end of device
[  193.471449][ T3821] loop0: rw=3, sector=16916794692608, nr_sectors = 8388600 limit=2048
[  193.497770][ T5270] netlink: 'syz.3.455': attribute type 7 has an invalid length.
[  193.887631][ T5277] loop7: detected capacity change from 0 to 16384
[  194.101586][  T120] I/O error, dev loop7, sector 512 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  194.112762][  T120] Buffer I/O error on dev loop7, logical block 64, lost async page write
[  194.165567][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  194.172054][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  194.223791][ T5285] I/O error, dev loop7, sector 520 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  194.253109][ T5277] I/O error, dev loop7, sector 2816 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 2
[  194.273257][ T5285] Buffer I/O error on dev loop7, logical block 65, lost async page write
[  194.587545][ T5267] loop4: detected capacity change from 0 to 40427
[  194.640945][ T5267] F2FS-fs (loop4): invalid crc value
[  194.688355][ T5267] F2FS-fs (loop4): Found nat_bits in checkpoint
[  194.893659][ T5267] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  195.015955][   T27] audit: type=1804 audit(1722485993.348:64): pid=5267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.454" name="/newroot/54/bus/file1" dev="loop4" ino=10 res=1 errno=0
[  195.071389][ T5301] capability: warning: `syz.1.464' uses 32-bit capabilities (legacy support in use)
[  195.113894][ T5301] program syz.1.464 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  196.953446][ T5321] loop7: detected capacity change from 0 to 16384
[  197.161264][ T5321] I/O error, dev loop7, sector 1792 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 2
[  197.179232][ T5324] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  197.205245][ T5324] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  197.395630][ T5331] loop1: detected capacity change from 0 to 512
[  197.423304][ T5331] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  197.478315][ T5331] EXT4-fs (loop1): 1 truncate cleaned up
[  197.492979][ T5331] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  197.514690][   T27] audit: type=1800 audit(1722485995.848:65): pid=5331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.476" name="bus" dev="loop1" ino=18 res=0 errno=0
[  197.567717][   T27] audit: type=1800 audit(1722485995.848:66): pid=5331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.476" name="bus" dev="loop1" ino=18 res=0 errno=0
[  197.913058][ T3821] bio_check_eod: 35408 callbacks suppressed
[  197.913080][ T3821] syz.0.35: attempt to access beyond end of device
[  197.913080][ T3821] loop0: rw=3, sector=17213784687008, nr_sectors = 8388600 limit=2048
[  198.297146][ T3821] syz.0.35: attempt to access beyond end of device
[  198.297146][ T3821] loop0: rw=3, sector=17213793075608, nr_sectors = 8388600 limit=2048
[  198.647970][ T3821] syz.0.35: attempt to access beyond end of device
[  198.647970][ T3821] loop0: rw=3, sector=17213801464208, nr_sectors = 8388600 limit=2048
[  198.765608][ T3821] syz.0.35: attempt to access beyond end of device
[  198.765608][ T3821] loop0: rw=3, sector=17213809852808, nr_sectors = 8388600 limit=2048
[  198.776244][   T27] audit: type=1326 audit(1722485997.108:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5343 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6f3773b9 code=0x7ffc0000
[  198.780253][ T3821] syz.0.35: attempt to access beyond end of device
[  198.780253][ T3821] loop0: rw=3, sector=17213818241408, nr_sectors = 8388600 limit=2048
[  198.830272][ T3821] syz.0.35: attempt to access beyond end of device
[  198.830272][ T3821] loop0: rw=3, sector=17213826630008, nr_sectors = 8388600 limit=2048
[  198.863412][   T27] audit: type=1326 audit(1722485997.148:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5343 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6f3773b9 code=0x7ffc0000
[  198.933005][ T3821] syz.0.35: attempt to access beyond end of device
[  198.933005][ T3821] loop0: rw=3, sector=17213835018608, nr_sectors = 8388600 limit=2048
[  198.948694][   T27] audit: type=1326 audit(1722485997.148:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5343 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f9d6f3773b9 code=0x7ffc0000
[  198.967932][ T4303] EXT4-fs (loop1): unmounting filesystem.
[  199.020814][   T27] audit: type=1326 audit(1722485997.148:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5343 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6f3773b9 code=0x7ffc0000
[  199.053645][ T3821] syz.0.35: attempt to access beyond end of device
[  199.053645][ T3821] loop0: rw=3, sector=17213843407208, nr_sectors = 8388600 limit=2048
[  199.103439][   T27] audit: type=1326 audit(1722485997.148:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5343 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6f3773b9 code=0x7ffc0000
[  199.136072][ T5352] loop1: detected capacity change from 0 to 64
[  199.164738][ T3821] syz.0.35: attempt to access beyond end of device
[  199.164738][ T3821] loop0: rw=3, sector=17213851795808, nr_sectors = 8388600 limit=2048
[  199.260776][ T3821] syz.0.35: attempt to access beyond end of device
[  199.260776][ T3821] loop0: rw=3, sector=17213860184408, nr_sectors = 8388600 limit=2048
[  199.342592][ T5356] loop3: detected capacity change from 0 to 64
[  199.392029][ T5333] loop4: detected capacity change from 0 to 40427
[  199.440763][ T5333] F2FS-fs (loop4): invalid crc value
[  199.503020][ T5356] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  199.524366][ T5333] F2FS-fs (loop4): Found nat_bits in checkpoint
[  199.633901][ T5361] program syz.1.486 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  199.710783][ T5333] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  199.878470][   T27] audit: type=1804 audit(1722485998.188:72): pid=5333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.475" name="/newroot/56/bus/file1" dev="loop4" ino=10 res=1 errno=0
[  199.964442][ T5369] loop1: detected capacity change from 0 to 8
[  199.971227][ T5369] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  200.209214][ T5371] loop3: detected capacity change from 0 to 4096
[  200.242657][ T5371] NILFS (loop3): invalid segment: Checksum error in segment payload
[  200.260319][ T5371] NILFS (loop3): trying rollback from an earlier position
[  200.542577][ T5371] NILFS (loop3): recovery complete
[  200.694920][ T5376] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  201.291205][ T5371] overlayfs: upper fs does not support tmpfile.
[  201.327068][ T5371] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  201.353012][ T5371] overlayfs: failed to set xattr on upper
[  201.375385][ T5378] loop1: detected capacity change from 0 to 512
[  201.409618][ T5371] overlayfs: ...falling back to index=off,metacopy=off.
[  201.442704][ T5378] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  201.542416][ T5378] EXT4-fs (loop1): 1 truncate cleaned up
[  201.550112][ T5378] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  201.580632][   T27] audit: type=1800 audit(1722485999.908:73): pid=5378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.492" name="bus" dev="loop1" ino=18 res=0 errno=0
[  201.699945][   T27] audit: type=1800 audit(1722485999.928:74): pid=5378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.492" name="bus" dev="loop1" ino=18 res=0 errno=0
[  201.782077][ T5384] loop4: detected capacity change from 0 to 256
[  201.864152][   T27] audit: type=1800 audit(1722486000.198:75): pid=5384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.490" name="bus" dev="loop4" ino=1048701 res=0 errno=0
[  202.128328][   T27] audit: type=1326 audit(1722486000.458:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  202.423037][   T27] audit: type=1326 audit(1722486000.458:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  202.720793][   T27] audit: type=1326 audit(1722486000.478:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  202.858000][   T27] audit: type=1326 audit(1722486000.478:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  202.923504][ T3821] bio_check_eod: 25895 callbacks suppressed
[  202.923524][ T3821] syz.0.35: attempt to access beyond end of device
[  202.923524][ T3821] loop0: rw=3, sector=17431049427008, nr_sectors = 8388600 limit=2048
[  203.091375][   T27] audit: type=1326 audit(1722486000.478:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  203.388755][ T3821] syz.0.35: attempt to access beyond end of device
[  203.388755][ T3821] loop0: rw=3, sector=17431057815608, nr_sectors = 8388600 limit=2048
[  203.906734][ T5400] loop4: detected capacity change from 0 to 64
[  204.229532][ T3821] syz.0.35: attempt to access beyond end of device
[  204.229532][ T3821] loop0: rw=3, sector=17431066204208, nr_sectors = 8388600 limit=2048
[  204.304502][ T3821] syz.0.35: attempt to access beyond end of device
[  204.304502][ T3821] loop0: rw=3, sector=17431074592808, nr_sectors = 8388600 limit=2048
[  204.321223][ T5400] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  204.439140][ T4303] EXT4-fs (loop1): unmounting filesystem.
[  204.474196][ T3821] syz.0.35: attempt to access beyond end of device
[  204.474196][ T3821] loop0: rw=3, sector=17431082981408, nr_sectors = 8388600 limit=2048
[  204.563128][ T3821] syz.0.35: attempt to access beyond end of device
[  204.563128][ T3821] loop0: rw=3, sector=17431091370008, nr_sectors = 8388600 limit=2048
[  204.660360][ T3821] syz.0.35: attempt to access beyond end of device
[  204.660360][ T3821] loop0: rw=3, sector=17431099758608, nr_sectors = 8388600 limit=2048
[  204.763536][ T3821] syz.0.35: attempt to access beyond end of device
[  204.763536][ T3821] loop0: rw=3, sector=17431108147208, nr_sectors = 8388600 limit=2048
[  204.860675][ T3821] syz.0.35: attempt to access beyond end of device
[  204.860675][ T3821] loop0: rw=3, sector=17431116535808, nr_sectors = 8388600 limit=2048
[  204.894083][ T3658] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  204.911213][ T3658] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  204.919888][ T3658] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  204.930922][ T3821] syz.0.35: attempt to access beyond end of device
[  204.930922][ T3821] loop0: rw=3, sector=17431124924408, nr_sectors = 8388600 limit=2048
[  204.948742][ T3658] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  204.952163][ T5409] loop4: detected capacity change from 0 to 8192
[  204.965721][ T3658] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  204.974434][ T3658] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  204.988258][ T5409] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  205.010667][ T5409] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  205.020382][ T5409] REISERFS (device loop4): using ordered data mode
[  205.033829][ T5409] reiserfs: using flush barriers
[  205.042186][ T5409] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  205.062767][ T5409] REISERFS (device loop4): checking transaction log (loop4)
[  205.341145][ T5409] REISERFS (device loop4): Using tea hash to sort names
[  205.373571][ T5409] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  205.587399][   T27] audit: type=1326 audit(1722486003.918:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5423 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  205.645351][ T5415] chnl_net:caif_netlink_parms(): no params data found
[  205.671296][   T27] audit: type=1326 audit(1722486003.968:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5423 comm="syz.0.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f67309773b9 code=0x7ffc0000
[  205.991405][ T5433] loop4: detected capacity change from 0 to 512
[  206.164868][ T5437] binder: BINDER_SET_CONTEXT_MGR already set
[  206.170967][ T5437] binder: 5427:5437 ioctl 4018620d 20000040 returned -16
[  206.764544][ T5433] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  206.805623][ T5433] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038 (0x7fffffff)
[  206.915972][ T5415] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.943022][ T5415] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.984251][ T5415] device bridge_slave_0 entered promiscuous mode
[  207.036749][ T5415] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.065193][ T3658] Bluetooth: hci0: command tx timeout
[  207.406049][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.635836][ T5415] device bridge_slave_1 entered promiscuous mode
[  207.907702][ T5447] loop1: detected capacity change from 0 to 64
[  207.931827][ T4229] EXT4-fs (loop4): unmounting filesystem.
[  207.945780][ T5447] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  207.973025][ T3821] bio_check_eod: 12311 callbacks suppressed
[  207.973041][ T3821] syz.0.35: attempt to access beyond end of device
[  207.973041][ T3821] loop0: rw=3, sector=17534405367608, nr_sectors = 8388600 limit=2048
[  208.001583][ T5415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.020628][ T5415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.129988][ T5451] netlink: 12 bytes leftover after parsing attributes in process `syz.4.514'.
[  208.133970][ T3821] syz.0.35: attempt to access beyond end of device
[  208.133970][ T3821] loop0: rw=3, sector=17534413756208, nr_sectors = 8388600 limit=2048
[  208.161541][ T5415] team0: Port device team_slave_0 added
[  208.181032][ T5453] loop3: detected capacity change from 0 to 256
[  208.189863][ T5415] team0: Port device team_slave_1 added
[  208.262989][ T3821] syz.0.35: attempt to access beyond end of device
[  208.262989][ T3821] loop0: rw=3, sector=17534422144808, nr_sectors = 8388600 limit=2048
[  208.301472][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.319048][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.363283][ T5415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.363728][ T3821] syz.0.35: attempt to access beyond end of device
[  208.363728][ T3821] loop0: rw=3, sector=17534430533408, nr_sectors = 8388600 limit=2048
[  208.384773][ T5415] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.422143][ T5415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.468374][ T5415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.517076][ T3821] syz.0.35: attempt to access beyond end of device
[  208.517076][ T3821] loop0: rw=3, sector=17534438922008, nr_sectors = 8388600 limit=2048
[  208.661227][ T3821] syz.0.35: attempt to access beyond end of device
[  208.661227][ T3821] loop0: rw=3, sector=17534447310608, nr_sectors = 8388600 limit=2048
[  208.681226][ T3821] syz.0.35: attempt to access beyond end of device
[  208.681226][ T3821] loop0: rw=3, sector=17534455699208, nr_sectors = 8388600 limit=2048
[  208.686120][ T5453] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000005)
[  208.733203][ T5453] exFAT-fs (loop3): Filesystem has been set read-only
[  208.750655][ T3821] syz.0.35: attempt to access beyond end of device
[  208.750655][ T3821] loop0: rw=3, sector=17534464087808, nr_sectors = 8388600 limit=2048
[  208.897892][ T5453] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000005)
[  209.077270][ T3821] syz.0.35: attempt to access beyond end of device
[  209.077270][ T3821] loop0: rw=3, sector=17534472476408, nr_sectors = 8388600 limit=2048
[  209.123634][ T3658] Bluetooth: hci0: command tx timeout
[  209.158026][ T5458] loop4: detected capacity change from 0 to 8192
[  209.375368][ T3821] syz.0.35: attempt to access beyond end of device
[  209.375368][ T3821] loop0: rw=3, sector=17534480865008, nr_sectors = 8388600 limit=2048
[  209.406309][ T5458] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  209.436286][ T5458] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  209.473794][ T5458] REISERFS (device loop4): using ordered data mode
[  209.504985][ T4109] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000005)
[  209.553728][ T5458] reiserfs: using flush barriers
[  209.563200][ T5415] device hsr_slave_0 entered promiscuous mode
[  209.569314][ T4109] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000005)
[  209.579511][ T5415] device hsr_slave_1 entered promiscuous mode
[  209.585798][ T5458] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  209.627393][ T5415] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  209.644015][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  209.644031][   T27] audit: type=1326 audit(1722486007.978:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5464 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74be9773b9 code=0x7ffc0000
[  209.662635][ T5415] Cannot create hsr debugfs directory
[  209.693338][ T5458] REISERFS (device loop4): checking transaction log (loop4)
[  209.721786][   T27] audit: type=1326 audit(1722486007.978:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5464 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f74be9773b9 code=0x7ffc0000
[  209.806367][   T27] audit: type=1326 audit(1722486007.978:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5464 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74be9773b9 code=0x7ffc0000
[  209.890158][ T5467] loop1: detected capacity change from 0 to 2048
[  209.902471][   T27] audit: type=1326 audit(1722486007.978:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5464 comm="syz.1.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74be9773b9 code=0x7ffc0000
[  210.001460][ T5458] REISERFS (device loop4): Using tea hash to sort names
[  210.022778][ T5458] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  210.038855][ T5467] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  210.144860][   T27] audit: type=1800 audit(1722486008.478:89): pid=5467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.521" name="bus" dev="loop1" ino=18 res=0 errno=0
[  210.236862][ T4224] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.330751][ T4303] EXT4-fs (loop1): unmounting filesystem.
[  210.456376][ T4224] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.643261][ T4224] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.769977][ T5476] device syz_tun entered promiscuous mode
[  210.810287][ T5476] device macsec1 entered promiscuous mode
[  210.836764][ T5476] device syz_tun left promiscuous mode
[  210.976604][ T4224] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.992958][ T5214] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  211.107716][ T5415] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.203348][ T3658] Bluetooth: hci0: command tx timeout
[  211.269617][   T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  211.343516][   T48] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  211.368017][ T3656] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  211.377647][   T48] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  211.385968][   T48] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  211.393493][ T3656] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  211.493657][ T5486] loop1: detected capacity change from 0 to 64
[  211.523416][ T5214] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  211.660545][ T5415] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.327497][ T5214] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.335672][ T5214] usb 5-1: Product: syz
[  212.340432][ T5214] usb 5-1: Manufacturer: syz
[  212.345177][ T5214] usb 5-1: SerialNumber: syz
[  212.351989][ T5214] usb 5-1: config 0 descriptor??
[  212.437757][ T5491] loop1: detected capacity change from 0 to 256
[  212.539527][ T5415] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.663410][   T14] usb 5-1: USB disconnect, device number 7
[  212.672742][ T5491] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  212.703066][ T5491] exFAT-fs (loop1): Filesystem has been set read-only
[  212.720378][ T5491] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  212.732462][ T5415] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.789857][ T4303] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  212.819642][ T4303] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000005)
[  212.990901][ T3821] bio_check_eod: 39548 callbacks suppressed
[  212.990922][ T3821] syz.0.35: attempt to access beyond end of device
[  212.990922][ T3821] loop0: rw=3, sector=17866241606408, nr_sectors = 8388600 limit=2048
[  213.026671][ T3821] syz.0.35: attempt to access beyond end of device
[  213.026671][ T3821] loop0: rw=3, sector=17866249995008, nr_sectors = 8388600 limit=2048
[  213.044912][ T3821] syz.0.35: attempt to access beyond end of device
[  213.044912][ T3821] loop0: rw=3, sector=17866258383608, nr_sectors = 8388600 limit=2048
[  213.060810][ T3821] syz.0.35: attempt to access beyond end of device
[  213.060810][ T3821] loop0: rw=3, sector=17866266772208, nr_sectors = 8388600 limit=2048
[  213.076392][ T3821] syz.0.35: attempt to access beyond end of device
[  213.076392][ T3821] loop0: rw=3, sector=17866275160808, nr_sectors = 8388600 limit=2048
[  213.091278][ T3821] syz.0.35: attempt to access beyond end of device
[  213.091278][ T3821] loop0: rw=3, sector=17866283549408, nr_sectors = 8388600 limit=2048
[  213.106150][ T3821] syz.0.35: attempt to access beyond end of device
[  213.106150][ T3821] loop0: rw=3, sector=17866291938008, nr_sectors = 8388600 limit=2048
[  213.124357][ T3821] syz.0.35: attempt to access beyond end of device
[  213.124357][ T3821] loop0: rw=3, sector=17866300326608, nr_sectors = 8388600 limit=2048
[  213.139172][ T3821] syz.0.35: attempt to access beyond end of device
[  213.139172][ T3821] loop0: rw=3, sector=17866308715208, nr_sectors = 8388600 limit=2048
[  213.154031][ T3821] syz.0.35: attempt to access beyond end of device
[  213.154031][ T3821] loop0: rw=3, sector=17866317103808, nr_sectors = 8388600 limit=2048
[  213.259761][ T5415] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  213.283044][   T48] Bluetooth: hci0: command tx timeout
[  213.327743][ T5415] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  213.523446][   T48] Bluetooth: hci2: command tx timeout
[  213.569926][ T5415] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  213.645119][ T5415] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  213.815936][ T5481] chnl_net:caif_netlink_parms(): no params data found
[  213.985811][ T5505] device syz_tun entered promiscuous mode
[  214.001245][ T5505] device macsec1 entered promiscuous mode
[  214.047796][ T5505] device syz_tun left promiscuous mode
[  214.093430][ T3658] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  214.110818][ T3658] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  214.119607][ T3658] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  214.128031][ T3658] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  214.136464][ T3658] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  214.145741][ T3658] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  214.407269][ T5511] loop7: detected capacity change from 0 to 16384
[  214.473793][ T5481] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.492355][ T5481] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.502352][ T5481] device bridge_slave_0 entered promiscuous mode
[  214.511156][ T5481] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.518351][ T5481] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.526820][ T5481] device bridge_slave_1 entered promiscuous mode
[  214.601275][ T5520] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  214.608185][ T5511] I/O error, dev loop7, sector 1280 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 2
[  214.630110][ T5520] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  214.720700][ T4224] device hsr_slave_0 left promiscuous mode
[  214.745372][ T4224] device hsr_slave_1 left promiscuous mode
[  214.772280][ T4224] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.783283][ T4224] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.803729][ T4224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.811293][ T4224] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.836021][ T4224] device bridge_slave_1 left promiscuous mode
[  214.842331][ T4224] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.862732][ T4224] device bridge_slave_0 left promiscuous mode
[  214.869189][ T4224] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.942261][ T4224] device veth1_macvtap left promiscuous mode
[  214.958805][ T4224] device veth0_macvtap left promiscuous mode
[  214.967316][ T4224] device veth1_vlan left promiscuous mode
[  214.980084][ T4224] device veth0_vlan left promiscuous mode
[  215.073220][ T5130] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  215.606511][   T48] Bluetooth: hci2: command tx timeout
[  215.643995][ T5130] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  215.661532][ T5130] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.669925][ T5130] usb 1-1: Product: syz
[  215.674185][ T5130] usb 1-1: Manufacturer: syz
[  215.678833][ T5130] usb 1-1: SerialNumber: syz
[  215.701897][ T5130] usb 1-1: config 0 descriptor??
[  215.758081][ T4224] team0 (unregistering): Port device team_slave_1 removed
[  215.822096][ T4224] team0 (unregistering): Port device team_slave_0 removed
[  215.899429][ T4224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.957725][ T4224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.992544][   T26] usb 1-1: USB disconnect, device number 4
[  216.163275][   T48] Bluetooth: hci4: command tx timeout
[  216.655801][ T4224] bond0 (unregistering): Released all slaves
[  216.659649][ T5531] x_tables: ip_tables: socket.2 match: invalid size 8 (kernel) != (user) 568
[  216.738067][ T5532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.545'.
[  216.781900][ T5415] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.809238][ T5481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.831651][ T5531] netlink: 48 bytes leftover after parsing attributes in process `syz.0.545'.
[  216.861007][ T5481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.879711][ T5415] 8021q: adding VLAN 0 to HW filter on device team0
[  216.919354][ T4799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  216.928423][ T4799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  217.004617][ T5130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  217.021687][ T5130] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  217.030830][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.038043][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.081550][ T5481] team0: Port device team_slave_0 added
[  217.091030][ T5481] team0: Port device team_slave_1 added
[  217.112684][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  217.128309][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  217.137485][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  217.146508][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.153730][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.183438][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  217.231778][ T5538] device syz_tun entered promiscuous mode
[  217.239280][ T5538] device macsec1 entered promiscuous mode
[  217.250475][ T5538] device syz_tun left promiscuous mode
[  217.312625][ T4799] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  217.361446][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  217.377928][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  217.394333][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  217.413520][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  217.422198][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  217.440987][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  217.472504][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.487342][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.552992][ T5481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.585687][ T5481] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.592667][ T5481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.672947][ T5481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.696068][   T48] Bluetooth: hci2: command tx timeout
[  217.702197][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  217.721537][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  217.734166][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  217.789830][ T5415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  217.924081][ T5481] device hsr_slave_0 entered promiscuous mode
[  217.951307][ T5481] device hsr_slave_1 entered promiscuous mode
[  217.993047][ T3821] bio_check_eod: 151765 callbacks suppressed
[  217.993066][ T3821] syz.0.35: attempt to access beyond end of device
[  217.993066][ T3821] loop0: rw=3, sector=19139421371408, nr_sectors = 8388600 limit=2048
[  218.015622][ T5481] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.033210][ T5481] Cannot create hsr debugfs directory
[  218.042532][ T5507] chnl_net:caif_netlink_parms(): no params data found
[  218.133190][ T3821] syz.0.35: attempt to access beyond end of device
[  218.133190][ T3821] loop0: rw=3, sector=19139429760008, nr_sectors = 8388600 limit=2048
[  218.243521][   T48] Bluetooth: hci4: command tx timeout
[  218.272481][ T3821] syz.0.35: attempt to access beyond end of device
[  218.272481][ T3821] loop0: rw=3, sector=19139438148608, nr_sectors = 8388600 limit=2048
[  218.293966][ T3821] syz.0.35: attempt to access beyond end of device
[  218.293966][ T3821] loop0: rw=3, sector=19139446537208, nr_sectors = 8388600 limit=2048
[  218.302797][ T5555] loop4: detected capacity change from 0 to 1024
[  218.316481][ T5555] EXT4-fs: Ignoring removed nomblk_io_submit option
[  218.347373][ T3821] syz.0.35: attempt to access beyond end of device
[  218.347373][ T3821] loop0: rw=3, sector=19139454925808, nr_sectors = 8388600 limit=2048
[  218.364052][ T5555] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  218.366600][ T5507] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.390336][ T3821] syz.0.35: attempt to access beyond end of device
[  218.390336][ T3821] loop0: rw=3, sector=19139463314408, nr_sectors = 8388600 limit=2048
[  218.414583][ T5507] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.433426][ T5507] device bridge_slave_0 entered promiscuous mode
[  218.462555][ T5507] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.481436][ T3821] syz.0.35: attempt to access beyond end of device
[  218.481436][ T3821] loop0: rw=3, sector=19139471703008, nr_sectors = 8388600 limit=2048
[  218.500167][ T5507] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.514290][ T5507] device bridge_slave_1 entered promiscuous mode
[  218.526770][ T4229] EXT4-fs (loop4): unmounting filesystem.
[  218.553392][ T3821] syz.0.35: attempt to access beyond end of device
[  218.553392][ T3821] loop0: rw=3, sector=19139480091608, nr_sectors = 8388600 limit=2048
[  218.592997][ T3821] syz.0.35: attempt to access beyond end of device
[  218.592997][ T3821] loop0: rw=3, sector=19139488480208, nr_sectors = 8388600 limit=2048
[  218.633465][ T3821] syz.0.35: attempt to access beyond end of device
[  218.633465][ T3821] loop0: rw=3, sector=19139496868808, nr_sectors = 8388600 limit=2048
[  218.711814][ T5507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  218.758009][ T5507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  218.827466][ T5567] loop4: detected capacity change from 0 to 256
[  218.841336][ T5567] MINIX-fs: mounting file system with errors, running fsck is recommended
[  218.856359][ T5130] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  218.878398][ T5130] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  218.898990][ T5415] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.009406][ T5507] team0: Port device team_slave_0 added
[  219.034601][ T5507] team0: Port device team_slave_1 added
[  219.129407][ T5507] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.153141][ T5507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.202694][ T5572] x_tables: ip_tables: socket.2 match: invalid size 8 (kernel) != (user) 568
[  219.223373][ T5507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.253268][ T5132] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  219.262210][ T5132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  219.332683][ T5574] netlink: 4 bytes leftover after parsing attributes in process `syz.4.555'.
[  219.548452][ T5507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.555904][ T5507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.582856][ T5507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.809277][   T48] Bluetooth: hci2: command tx timeout
[  219.913221][ T5572] netlink: 48 bytes leftover after parsing attributes in process `syz.4.555'.
[  220.357264][   T48] Bluetooth: hci4: command tx timeout
[  220.403128][   T28] INFO: task segctord:3831 blocked for more than 143 seconds.
[  220.411055][   T28]       Not tainted 6.1.102-syzkaller #0
[  220.426557][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  220.436208][   T28] task:segctord        state:D stack:28248 pid:3831  ppid:2      flags:0x00004000
[  220.445611][   T28] Call Trace:
[  220.448916][   T28]  <TASK>
[  220.451868][   T28]  __schedule+0x143f/0x4570
[  220.464620][   T28]  ? release_firmware_map_entry+0x186/0x186
[  220.480314][   T28]  ? print_irqtrace_events+0x210/0x210
[  220.498855][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  220.526697][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  220.547705][   T28]  schedule+0xbf/0x180
[  220.551849][   T28]  rwsem_down_write_slowpath+0xea1/0x14b0
[  220.561628][   T28]  ? rwsem_down_write_slowpath+0x9e3/0x14b0
[  220.577091][   T28]  ? down_write_killable_nested+0x90/0x90
[  220.601823][   T28]  ? read_lock_is_recursive+0x10/0x10
[  220.610363][   T28]  ? rcu_is_watching+0x11/0xb0
[  220.634657][   T28]  nilfs_transaction_lock+0x25c/0x4f0
[  220.640120][   T28]  nilfs_segctor_thread+0x547/0x11a0
[  220.652936][   T28]  ? print_irqtrace_events+0x210/0x210
[  220.658464][   T28]  ? nilfs_iput_work_func+0x70/0x70
[  220.673295][   T28]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  220.679269][   T28]  ? release_firmware_map_entry+0x186/0x186
[  220.692923][   T28]  ? wake_bit_function+0x210/0x210
[  220.698100][   T28]  ? _raw_spin_unlock+0x40/0x40
[  220.715742][   T28]  ? __kthread_parkme+0x168/0x1c0
[  220.720847][   T28]  kthread+0x28d/0x320
[  220.742985][   T28]  ? nilfs_iput_work_func+0x70/0x70
[  220.748345][   T28]  ? kthread_blkcg+0xd0/0xd0
[  220.763092][   T28]  ret_from_fork+0x1f/0x30
[  220.767593][   T28]  </TASK>
[  220.770689][   T28] 
[  220.770689][   T28] Showing all locks held in the system:
[  220.786681][   T28] 1 lock held by rcu_tasks_kthre/12:
[  220.792107][   T28]  #0: ffffffff8d32af10 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  220.798148][ T5415] device veth0_vlan entered promiscuous mode
[  220.832049][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  220.839141][   T28] 1 lock held by rcu_tasks_trace/13:
[  220.845673][   T28]  #0: ffffffff8d32b710 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  220.848164][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  220.873083][   T28] 1 lock held by khungtaskd/28:
[  220.878068][   T28]  #0: ffffffff8d32ad40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  220.878545][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  220.905508][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  220.913204][   T28] 2 locks held by getty/3399:
[  220.917914][   T28]  #0: ffff888028e74098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  220.943206][   T28]  #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  220.953759][   T28] 3 locks held by kworker/0:7/3695:
[  220.958979][   T28]  #0: ffff88814b192138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  220.970488][   T28]  #1: ffffc9000441fd20 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  220.986665][   T28]  #2: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xcc/0x16b0
[  221.001969][   T28] 2 locks held by syz.0.35/3821:
[  221.010777][   T28] 1 lock held by segctord/3831:
[  221.021390][   T28]  #0: ffff8880795842a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25c/0x4f0
[  221.041835][   T28] 4 locks held by kworker/u4:9/4224:
[  221.059760][   T28]  #0: ffff888012a1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  221.079390][   T28]  #1: ffffc90003d5fd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  221.091832][   T28]  #2: ffffffff8e4eb310 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  221.110564][   T28]  #3: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: cangw_pernet_exit_batch+0x1c/0x90
[  221.121868][   T28] 2 locks held by kworker/1:13/4801:
[  221.134126][   T28]  #0: ffff888012872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  221.152694][   T28]  #1: ffffc90009d37d20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  221.172978][   T28] 1 lock held by syz-executor/5415:
[  221.179094][   T28]  #0: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0
[  221.195239][   T28] 7 locks held by syz-executor/5481:
[  221.207261][   T28]  #0: ffff88807e632460 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x269/0xbc0
[  221.221301][   T28]  #1: ffff88805793a088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1e7/0x4f0
[  221.233055][   T28]  #2: ffff8880215a6bd0 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20b/0x4f0
[  221.243469][   T28]  #3: ffffffff8de20fc8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xf8/0x480
[  221.262540][   T28]  #4: ffff8880578e60e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xb6/0x880
[  221.282356][   T28]  #5: ffff8880589682f8 (&devlink->lock_key#10){+.+.}-{3:3}, at: nsim_drv_remove+0x54/0x160
[  221.295549][   T28]  #6: ffffffff8d330200 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x5f0
[  221.313313][   T28] 2 locks held by syz-executor/5507:
[  221.318632][   T28]  #0: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0
[  221.328692][   T28]  #1: ffffffff8d330338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930
[  221.340689][   T28] 
[  221.349805][ T5415] device veth1_vlan entered promiscuous mode
[  221.356798][   T28] =============================================
[  221.356798][   T28] 
[  221.376345][   T28] NMI backtrace for cpu 1
[  221.380722][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.102-syzkaller #0
[  221.388632][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  221.398690][   T28] Call Trace:
[  221.401969][   T28]  <TASK>
[  221.404900][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  221.409594][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  221.415062][   T28]  ? panic+0x764/0x764
[  221.419132][   T28]  ? vprintk_emit+0x622/0x740
[  221.423825][   T28]  ? printk_sprint+0x490/0x490
[  221.428601][   T28]  ? nmi_cpu_backtrace+0x252/0x560
[  221.433727][   T28]  nmi_cpu_backtrace+0x4e1/0x560
[  221.438683][   T28]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  221.444844][   T28]  ? _printk+0xd1/0x111
[  221.449001][   T28]  ? panic+0x764/0x764
[  221.453075][   T28]  ? __wake_up_klogd+0xcc/0x100
[  221.457940][   T28]  ? panic+0x764/0x764
[  221.462049][   T28]  ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0
[  221.468127][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  221.474207][   T28]  nmi_trigger_cpumask_backtrace+0x1b0/0x3f0
[  221.480231][   T28]  watchdog+0xf88/0xfd0
[  221.484404][   T28]  ? watchdog+0x1f8/0xfd0
[  221.488743][   T28]  kthread+0x28d/0x320
[  221.492813][   T28]  ? hungtask_pm_notify+0x50/0x50
[  221.497845][   T28]  ? kthread_blkcg+0xd0/0xd0
[  221.502436][   T28]  ret_from_fork+0x1f/0x30
[  221.506878][   T28]  </TASK>
[  221.510581][   T28] Sending NMI from CPU 1 to CPUs 0:
[  221.515993][    C0] NMI backtrace for cpu 0
[  221.516004][    C0] CPU: 0 PID: 3821 Comm: syz.0.35 Not tainted 6.1.102-syzkaller #0
[  221.516023][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  221.516034][    C0] RIP: 0010:check_preemption_disabled+0x63/0x110
[  221.516059][    C0] Code: 44 24 08 0f 85 c7 00 00 00 89 d8 48 83 c4 10 5b 41 5c 41 5e 41 5f c3 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 <74> c9 49 89 f6 49 89 ff 65 4c 8b 25 2d 7c 5d 75 41 f6 44 24 2f 04
[  221.516084][    C0] RSP: 0018:ffffc900046773e8 EFLAGS: 00000046
[  221.516100][    C0] RAX: 0000000080000000 RBX: 0000000000000000 RCX: ffffffff816a6cdb
[  221.516113][    C0] RDX: 0000000000000000 RSI: ffffffff8b0c0f20 RDI: ffffffff8b5d5ba0
[  221.516126][    C0] RBP: ffffc90004677578 R08: dffffc0000000000 R09: fffffbfff1d337ae
[  221.516140][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff920008cee8c
[  221.516152][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000246
[  221.516165][    C0] FS:  00007f5b9f7c26c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  221.516181][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.516194][    C0] CR2: 00007f86322d4338 CR3: 000000007f286000 CR4: 00000000003506f0
[  221.516210][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  221.516220][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  221.516231][    C0] Call Trace:
[  221.516236][    C0]  <NMI>
[  221.516242][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  221.516273][    C0]  ? read_lock_is_recursive+0x10/0x10
[  221.516302][    C0]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  221.516327][    C0]  ? nmi_handle+0x25/0x440
[  221.516363][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  221.516390][    C0]  ? nmi_handle+0x12e/0x440
[  221.516416][    C0]  ? nmi_handle+0x25/0x440
[  221.516443][    C0]  ? check_preemption_disabled+0x63/0x110
[  221.516462][    C0]  ? default_do_nmi+0x62/0x150
[  221.516489][    C0]  ? exc_nmi+0xa8/0x100
[  221.516514][    C0]  ? end_repeat_nmi+0x16/0x31
[  221.516542][    C0]  ? lock_acquire+0xeb/0x5a0
[  221.516566][    C0]  ? check_preemption_disabled+0x63/0x110
[  221.516586][    C0]  ? check_preemption_disabled+0x63/0x110
[  221.516607][    C0]  ? check_preemption_disabled+0x63/0x110
[  221.516627][    C0]  </NMI>
[  221.516632][    C0]  <TASK>
[  221.516639][    C0]  lock_acquire+0x1bd/0x5a0
[  221.516667][    C0]  ? read_lock_is_recursive+0x10/0x10
[  221.516699][    C0]  ? mempool_resize+0x850/0x850
[  221.516721][    C0]  ? bio_associate_blkg+0x1b/0x1c0
[  221.516743][    C0]  bio_associate_blkg+0x38/0x1c0
[  221.516763][    C0]  ? bio_associate_blkg+0x1b/0x1c0
[  221.516784][    C0]  bio_alloc_bioset+0x70f/0x11b0
[  221.516810][    C0]  blk_next_bio+0x35/0x150
[  221.516830][    C0]  __blkdev_issue_discard+0x377/0x570
[  221.516861][    C0]  blkdev_issue_discard+0xf0/0x1c0
[  221.516890][    C0]  ? __blkdev_issue_discard+0x570/0x570
[  221.516918][    C0]  ? __might_sleep+0xb0/0xb0
[  221.516941][    C0]  nilfs_sufile_trim_fs+0x109e/0x1360
[  221.516973][    C0]  ? nilfs_sufile_set_suinfo+0xf60/0xf60
[  221.517002][    C0]  ? __might_fault+0xbd/0x110
[  221.517028][    C0]  nilfs_ioctl+0x1188/0x24a0
[  221.517052][    C0]  ? nilfs_ioctl_prepare_clean_segments+0x880/0x880
[  221.517078][    C0]  ? do_vfs_ioctl+0xc55/0x2a90
[  221.517098][    C0]  ? __x64_compat_sys_ioctl+0x80/0x80
[  221.517115][    C0]  ? __lock_acquire+0x1f80/0x1f80
[  221.517139][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  221.517159][    C0]  ? __kmem_cache_free+0x25c/0x3c0
[  221.517182][    C0]  ? tomoyo_path_number_perm+0x61b/0x7f0
[  221.517201][    C0]  ? tomoyo_path_number_perm+0x68a/0x7f0
[  221.517220][    C0]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  221.517239][    C0]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  221.517272][    C0]  ? __fget_files+0x28/0x4a0
[  221.517299][    C0]  ? __fget_files+0x28/0x4a0
[  221.517316][    C0]  ? __fget_files+0x435/0x4a0
[  221.517333][    C0]  ? __fget_files+0x28/0x4a0
[  221.517353][    C0]  ? bpf_lsm_file_ioctl+0x5/0x10
[  221.517371][    C0]  ? security_file_ioctl+0x7d/0xa0
[  221.517388][    C0]  ? nilfs_ioctl_prepare_clean_segments+0x880/0x880
[  221.517409][    C0]  __se_sys_ioctl+0xf1/0x160
[  221.517437][    C0]  do_syscall_64+0x3b/0xb0
[  221.517459][    C0]  ? clear_bhb_loop+0x45/0xa0
[  221.517482][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  221.517504][    C0] RIP: 0033:0x7f5b9e9773b9
[  221.517523][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.517537][    C0] RSP: 002b:00007f5b9f7c2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  221.517554][    C0] RAX: ffffffffffffffda RBX: 00007f5b9eb05f80 RCX: 00007f5b9e9773b9
[  221.517567][    C0] RDX: 0000000020000680 RSI: 00000000c0185879 RDI: 0000000000000004
[  221.517578][    C0] RBP: 00007f5b9e9e48e6 R08: 0000000000000000 R09: 0000000000000000
[  221.517590][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.517600][    C0] R13: 000000000000000b R14: 00007f5b9eb05f80 R15: 00007ffebec0b4f8
[  221.517621][    C0]  </TASK>
[  222.102452][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  222.109355][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.102-syzkaller #0
[  222.117265][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  222.127335][   T28] Call Trace:
[  222.130625][   T28]  <TASK>
[  222.133649][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  222.138381][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  222.143879][   T28]  ? panic+0x764/0x764
[  222.147980][   T28]  ? llist_add_batch+0x160/0x1d0
[  222.152960][   T28]  ? vscnprintf+0x59/0x80
[  222.157319][   T28]  panic+0x318/0x764
[  222.161243][   T28]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  222.167439][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[  222.172854][   T28]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  222.179048][   T28]  ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0
[  222.185246][   T28]  ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0
[  222.191449][   T28]  watchdog+0xfc7/0xfd0
[  222.195643][   T28]  ? watchdog+0x1f8/0xfd0
[  222.200016][   T28]  kthread+0x28d/0x320
[  222.204113][   T28]  ? hungtask_pm_notify+0x50/0x50
[  222.209165][   T28]  ? kthread_blkcg+0xd0/0xd0
[  222.213781][   T28]  ret_from_fork+0x1f/0x30
[  222.218245][   T28]  </TASK>
[  222.221591][   T28] Kernel Offset: disabled
[  222.225920][   T28] Rebooting in 86400 seconds..