last executing test programs:

12.32601359s ago: executing program 0 (id=2711):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='batadv_slave_1\x00', 0x10)
bind$xdp(r0, &(0x7f00000001c0)={0x2c, 0x0, 0x0, 0x17}, 0x10)

11.818406047s ago: executing program 0 (id=2712):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x1f84, &(0x7f0000000900)={0x0, 0x6c3b, 0x13580, 0x0, 0xfffffffd}, &(0x7f00000009c0), &(0x7f0000000980))
ppoll(&(0x7f0000000040)=[{r1}], 0x1, 0x0, 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5ff000000000004003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_EXPECTED_FD={0x8, 0x8, r7}]}]}, 0x34}}, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x5)
ioctl$IOCTL_START_ACCEL_DEV(0xffffffffffffffff, 0x40096102, &(0x7f00000003c0)={{&(0x7f0000000880)={'Accelerator0\x00', {&(0x7f0000000500)=@adf_dec={@format={'Dc', '3', 'NumConcurrentRequests\x00'}, {0xf}, {&(0x7f0000000300)=@adf_str={@normal='NumberCyInstances\x00', {"45f928550337f235b3264d05728217bddb6783ab05e0ffd128dc646959f36b51b772d0dce662e19743baeace1bdc271d3c94725cf5077f3b3d6c2f7a62c9c9ab"}}}}}, {&(0x7f0000000800)={'GENERAL\x00', {&(0x7f0000000740)=@adf_str={@normal='NumberDcInstances\x00', {"1b71b3bcba0900a4978bfe6c32828e13a4bbd649a4b4914ebd2366d385e350afd615999cb706d69963a6828a50649d338c672b6041d370e8e5e6c80de3194c21"}, {&(0x7f00000005c0)=@adf_str={@normal='NumberCyInstances\x00', {"fc0f04c270ca103ca0443b01d995a58b66132b14e690d641d7715bf75b15cac233d905f0bf40f52030571f5ea230c4d664c7b177fe33cfe57125c534abf2257b"}}}}}}}}}, 0x4})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
preadv(r8, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x20000, 0x0)
write$binfmt_script(r10, &(0x7f0000000240), 0x3af4701e)
sendfile(r9, r5, 0x0, 0x10000a007)

10.796286146s ago: executing program 4 (id=2716):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x728e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="f80000000000000019010000100000000e60ff463cf87a199c591c93fd4d503b099db590a2b7dc8914b2ba3ed069b38a6cf88b8eb4c4c92505afff841f35d511835b5ce018a6bbc39db4ce3f01a3cff957248132208030cea9f26f5d4215b6a25a7e7a0ce06c530b117748ac26d45ac48ffad4a5461a055a31b3c08a03275351c0ec9acc6e82596ce596860e90f279d9003356ec80cae1a416f285ef6ce62cc47c5cd5aceb8cd12e50f9ea358bf2330bc4ea5bb9dbfa6045917b6dcc5b5169ed3601d7f0eb2194065e620fc6eeb02587010c87b07f6489c55f3182493590f32049b2bb91088d7d48667bdee57c01ae9624000000000000006800000000000000170100000100000016eacf51099c253841426fa44acd1a363e6ece37f7516f48ef8a0a212eb8bf6592e7c44f8ab484b7bb9e60d990b202059727e4bf1fc193affb71284b07cc8730cd9d30fde287ddd4eabccbebc89ac701f600000000000000780000000000000029000000070000005f1e7ceb7dd125c48c19da6999023c7204301c32eb3b7ee07f0a6cc0864045c4e4aacf67e7bbf9c9bccf84ebdee9ad598e13e95b051249c0c228e90eec4600dc113c1bed83e5782e25895db8e14463af090792b99ac4ddfb672ee2274b30011f180000000000000000010000000000000600000001000000dfc55e8fce5afd2c021b9c28566c9479c87d7884f0c529cf5a8abfa79dbcfdca3dbdbfd02976831a84bbd514e8a2c34e0207866260fadf99c57a2dd183606511b27c9f10e55f52a2c88884388e64904872042a449559a02b6a8c04ef7d1f5ab8d6b74e78543cfe29774aaead2583a2ff1846830667b560c9826b18c44a7d9ab817b50caf8dec20d28b3d14f094a834200379457c70b85250ce82575d8b302c677effc62d819e57989688d6edb9c1da69167337b8cd15bb0da6479df6bcb1e9bef72d7fcbd479a974f46d97bb7de9f1a5956f39458e7234cfacf8b9e188c165f8e26610c833fc916ce9000000000000002000000000000000020100008000000089223b88a6b64604a700000000000000c8000000000000001301000001000000f85c3cdd5699e7b22336e65f0d52c9b1cf70718f0a74707d45970aa3298fb919947d14035549d5b5c04a7394f75ac6f1e21c3cf43fde56f59a9ddfb2ceffe97d7700d080e7a926ea94fe7d15b5d07311b1f415bd29f1c9bd8639b2af4dd9206a090a5dca7c72ddc68c93a28451953c7c296dc4aaedfeb94a27cf86bce1e7570d22995c3e2a6eb1755632044d7fed1daf83eb3fef4aa23ecb47e896525a203e65591446eee14c1b3f928c1a9a6b1c1878ce00000000000000000100000000000011000000ff7f00008a7e5d4c6904768bfcd141817749d4ba3f5c703012123412fc7beb86e3e658565e10a2722751787ceabbbc3ae1ef4ba4d9024fd2c2a0aca946d949f38c948ffc0ee6fc0be851359a42b6c826b2c26381cc2b4d0b876f26385cab3173e65ed06efa99ca8de0ac8c7d8e5ae8ab6a21675b0bd31dc99e84a7bcef0db2b1277855bb428ac810fa71dc91e914bed10939cf91935d784bd1fefd8303464e400092f6de3348f802771ee518b4b1705b43377dec0b98f093808d774e3847f1ae2e56f087581c9fdd234c5d6f672b8ace8734986f5d8767f282ecff06b2f3ea03bac24cbf84176245dd8b6b59d6000000000000007800000000000000110100000f000000152e19b3b19f1edf83407b5746e7fe4015029d14a6972dea398ad702c910c1d52aac69d83385d9e1e86563029553d977b70f4ed755253d23117fe90f04c1a876fbbc58611810bb1de77eae52f1e3d005a4755386298db2d08592c52907d971460f00000000000000100700"], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

9.075281788s ago: executing program 5 (id=2718):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$inet6(0xa, 0x2, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00')
pread64(r3, &(0x7f00000004c0)=""/251, 0xfb, 0x4)

8.00387054s ago: executing program 5 (id=2720):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='htcp\x00', 0x5)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

7.954671043s ago: executing program 4 (id=2721):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r2=>0x0})
bind$xdp(r0, &(0x7f00000001c0)={0x2c, 0x0, r2, 0x17}, 0x10)

7.595199533s ago: executing program 2 (id=2722):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x90)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

7.486124352s ago: executing program 2 (id=2723):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x80, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

7.423170991s ago: executing program 2 (id=2724):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "90737f0000fffffffffffffbff95647fffffeb"})
r1 = dup(r0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x82f6, 0xff, "0800000000000002"})
read(r1, &(0x7f0000000c80)=""/4096, 0x1000)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff)

7.239420263s ago: executing program 0 (id=2725):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000180)='./file0\x00', 0x2804049, &(0x7f0000000c00)=ANY=[], 0x41, 0x304, &(0x7f0000001880)="$eJzs3M9rE1sUwPGTNG3SlDZZPB6v7/HoRTe6Gdq4V4K0IAaU2og/QJg2Ew0Zk5CJlRSxceXWf8PQZTdS0PoHdOPOlRtx043gpqA1ksykSdpJG1ObtOT7gXJP594zP3In4czAzPadV4/TSUtL6gXxBpR4RUqyKxKuRo6lcRHxiEdqzYi9MGA3Jbk49u3j/0pEorHY7LxSc9GFSxGl1MTU26fP1s5tFsZur09s+GUr/GD7a+Tz1t9bk9s/Fx6lLJWyVCZbULpazH4q6IumoRIpK60pddM0dMtQqYxl5O3+bMHZrORyRaVnEuPBXN6wLKVniiptFFUhqwr5otIf6qmM0jRNjQdlcOxM1Zrc7+bFy/PzerTLjS51mYc/bvPQ3ny+/uV5X2ntiZdPbp8AAMBpVa///c31/05r/e9xWm9z/e8oSala/9+6e+96B/X/xkib+j97oP53ri+kpT9pZqn/uxU4uCheHuq+/scZkR8VKa9J4xv94v7adC2g/gcAAAAAAAAAAAAAAAAAAAAA4CzYqVRClUolVG29YsfVP7/zwEj9/37vJ05G8/zbc+2rzjrzPyCaHtwLiJgvl+PLcbu1+6NJSYkphkxLSH7UzgeHHc9di816VE1Y3pmrTv7qcnyoNX9GQhJ2z5+x81Vr/rAEm/MjEpK/3PMjrvkjcuF8U74mIfmwJFkxJVE7rxv5z2eUunojti9/VBIuT8wBAAAAAHAWaWqP6/W7prXrt/M7uT8w7Xp97pN/ff09dgAAAAAABoVVXEnrpmnkjwxeOxlHDv7iDOx4zccNhjs9Cn/na35TCzzt1hzY++ie/NPDI20E9XcyHzp41BnU0uXcnlnt/T4fO5jqy9Z91ZO+aUmw7eCJIbcP/LDA77yVubpkt7JvzOX1/74XV65MHjHLJxT09GcIAAAAQA80iv5+7wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOrF68T6/cxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfFrwAAAP//CgoTZA==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0xc0185879, &(0x7f00000004c0)={@desc={0x4100, 0x0, @desc4}})

6.886250505s ago: executing program 2 (id=2726):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000740)=""/234, 0xea, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000000)=""/106, 0xfe4e, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000440)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)

6.839651369s ago: executing program 5 (id=2727):
syz_emit_ethernet(0x7e3, &(0x7f0000001180)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a607ad000000000000000000000000ffff00000000fe8000000000000000000000000000aa840000000000009f"], 0x0)

6.787503342s ago: executing program 4 (id=2728):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000039c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0x0, 0x7}, 0xc)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000180)=0x7d)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f040100010f0000000000f2150609000040"})
ppoll(&(0x7f0000000080)=[{r1}], 0x1, 0x0, 0x0, 0x0)
r2 = syz_open_pts(r1, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000001d00)='net/unix\x00')
r5 = fanotify_init(0x0, 0x1)
readv(r5, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/183, 0xb7}], 0x1)
fanotify_mark(r5, 0x1, 0x40000011, r4, 0x0)

6.549329955s ago: executing program 5 (id=2729):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x7f, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72", 0x0, 0x8, 0x60000000}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/11, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b700000002000000bfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a0025000000170000003e040000000000007b0300fe000000002d03000000000000c600f9ffffff00009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef7054803d0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050ec6850600000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf8707f0d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e9978931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5fea5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87dd4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075fdd88d22230592a790000000000000000000000003527dfd01b47000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7c54d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df96d49f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696ebc2ab3f4b642f36c9006c0067e24a64aa8c53df824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c9c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf900600"/2767], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r6, &(0x7f00000004c0)=ANY=[], 0x78)
sendfile(r5, r6, &(0x7f00000001c0), 0x8bb98)
fcntl$addseals(r6, 0x409, 0x8)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000))
prlimit64(0xffffffffffffffff, 0x2, &(0x7f0000000100)={0x6, 0x80000001}, &(0x7f0000000240))
fallocate(r6, 0x0, 0x0, 0x3)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000005c0))
userfaultfd(0x80001)

5.730822224s ago: executing program 0 (id=2731):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
r1 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB='A\x00'], 0x1, 0x193, &(0x7f0000000b00)="$eJzs281qE10YB/B/+vataV0kC1fiYpauQtMrMEgFMSAoWSgIim1AOlKwENCF7c6FN+HluNUrcdmFMNJOYz9IQEGb2Px+m3ngzB+ec2A+zsA8v/V6Z2t3b/hs+DnNRiNLd1LksJF2ljJ2EADgKjmsqnyrqqq6dpDVT6mqatYdAQB/m+c/ACyex0+ePuj1+5uPiqKZlB9Gg9GgPtbjvWFepcx21tPK9xy9IJyo63v3+5vrxbF2Ppb7J/n90eC/8/luWmlPznfrfHE+/3/WzuY30sqNyfmNifmV3F45k++kla8vs5syWznKnubfd4vi7sP+hfz14/MAAADgKugUP03cv3c608brfK/xy98HLuyvl3NzebZzB4BFtff23c6Lstx+M6/Fl7W60XnpZ3oxXtJ56ef3i9XMRRt/sGgkmYM2/qGiOV6xGd6UgEtxevXPuhMAAAAAAAAAAAAAAGCay/ivaNZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDx/AgAAP//fVyNVw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x101100, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x6a040000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40c0}, 0x44)
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xa0042, 0x0)
write$tcp_mem(r3, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r0, 0x1, &(0x7f0000000000))
fsmount(r1, 0x0, 0x0)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000080)='syss\x00\x00', &(0x7f0000000400)='\x00', 0x1)

5.506916127s ago: executing program 2 (id=2732):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80, &(0x7f0000000540)={[{@nobh}, {@acl}, {@auto_da_alloc}, {@resuid}, {@journal_checksum}, {@norecovery}, {@prjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}]}, 0x6, 0x652, &(0x7f0000000dc0)="$eJzs3U9oHF8dAPDvzGbzS9L4SysiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7d/SFKwtWACHhQURLwW6UXw7F169yZC9eZZqCIVC1q6P2Z2ttlsZrNJmuwm2c8HNjvz5m3e++7bt/NmZ99OAANrKvuTRpyOeHcriZho2TYejY1TRb7X/356O7slUa9/919JJEVaM39S3J8oVkYi4s9XIz5d2VruyuMnd+dq9YafRJxfvffw/MrjJ+eW7s3dWbizcH/2wtcuXpr5+uzF2ZaK7t2J4v7a9e98/pc//eFXF/9SO5fE5bhZ/fF8tMWxX6ZiKt4VIbamD0XEpWyh5Hk5ao5BCAOtUrweqxHx2ZiISr7WMBFLv+hr5YADVa9E1LeXdMsAHFW6Nwyq5jigeWxffhyctK3f7MHIpDdeXWkcAG2Nf6j4yGEkPzYae520HBk1Pts4uQ/lZ2W8fTry7O3TyWex6XOIN+9bZ2gfyulkbT0iPlcWf5LX7WQeaRZ/uulYP3tFzETEcFG/b31AHVpfXQfxOcx2dhN/azukEXG5uM/Sr+6x/PaPtXodPwCD6cWVYke+lq1t7P+ysUdz/BMl45/xDz8lk+v3/q/z+K+5vx/Jxz1p2zgsG7PcKP+X1faEv//82q87ld8Y/00+a96y8ptjwV54tR4x2Rb/z7Jgi/FPFn9S0v5ZlluXd1bGt1/+81qnbf2Ov/484kzp8c/GqDRb2ub85PnFpdrCTONvaRl//NMPftep/PL4PzqASMtl7T/WIf6W9k/bH5c9Jw/L/+V6e8Ifbjy/16n88a7tn/5jOGkcbw4XKT9aX11dno0YTq4XWYr0udXV5Qvbx9vI86ae38824j/7pfL+v+n13xbVaPMtcwcefu/u607b9vL6bzmZ/K6+wzp0ksU/3739t/T/LO1XOyzjv99/9IVO2zrHX82f4xJb3l8BAAAAAACAhjQ/B5uk0++X03R6ujFf9jMxltYerKx+efHBo/vzEWfz70NW00iT/CsjE431ZHGptjBbfB+2uX6hbf0rEXEqIn5TGc3Xp28/qM33O3gAAAAAAAAAAAAAAAAAAAA4JE4U8/+b16n+T6Ux/x8YEN0vMLfl+g/AMXGQF5gEDre8/2+3i/+4d3UBesv+HwbXXvv/yD7XA+g9+38YXPo/DC79HwaX/g+Da2i93zUA+sX+HwAAAACOpVNffPG3JCLWvjGa3zLDxTaTfuF4q+4qd+XA6gH0nh4Ng+v9qX+DfRg4Oxr//6/4ccCDrw7QB0lZYj44qG/f+V+UPnKDrxYDAAAAAAAAAAAAwL45c7rz/P/dzQ0GjhrT/mBwfcD8fz8dAEecn/6HweUYH+gyi7/zpf67zf8HAAAAAAAAAAAAAPbNeH5L0uliLvB4pOn0dMSnIuJkVJPFpdrCTER8HBF/rVQ/ytZn+11pAAAAAAAAAAAAAAAAAAAAOGZWHj+5O1erLSy3Lvx/S0oPF37/MqLHhTavgto9c30HebZd+Gbs8lGR9L4JRqPnTdDDhaGWlCRiLWv5Q1Gx5ZU4HNXIF/r8xgQAAAAAAAAAAAAAAAAAAAOoZe5xucnf9rhGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANB7G9f/77IwP9Z4wI4yb17od4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNH0SQAAAP//Kbg8mA==")
unlink(&(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r0 = open(0x0, 0x185102, 0x0)
mmap(&(0x7f00005b9000/0x4000)=nil, 0x4000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240), 0x0, 0x1300, 0x0, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x20, &(0x7f0000000bc0)=ANY=[@ANYBLOB="05000000000000009500000000000000b7080000000000007b8af8ff00000000b7080000380000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008ed000085814a385551eba6820000000000000085200000010008001830150000000020000000000000000034a0c308c5ec39b03059ffb16e6dfc4c867b585ac4debf2dc98d4f78678af5644084db2294"], &(0x7f0000000440)='GPL\x00', 0x401, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000780), &(0x7f0000000980)=[{0x1, 0x1}, {0x1, 0x0, 0xf, 0x1}, {0x5, 0x2, 0x6}, {0x0, 0x2, 0x0, 0x7}, {0x0, 0x3, 0x6}, {0x0, 0x1}, {0x0, 0x0, 0x5, 0x5}, {0x0, 0x3, 0x1000000, 0x8}], 0x10, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x20000)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r5, 0xc0605345, &(0x7f00000000c0)={0x6, 0x2, {0xffffffffffffffff, 0x1, 0x1, 0x3, 0x100}})

4.583947361s ago: executing program 4 (id=2734):
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
io_setup(0x9, &(0x7f00000000c0)=<r0=>0x0)
io_getevents(r0, 0x1, 0x1, &(0x7f0000000000)=[{}], 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = eventfd2(0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000001740)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1, r2}])

4.031498248s ago: executing program 3 (id=2736):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x80, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

4.031203148s ago: executing program 1 (id=2737):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000180)={@remote}, 0x14)

3.961780352s ago: executing program 4 (id=2738):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@nfc_llcp, &(0x7f0000000700)=0x80, 0x80000)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000180)="eb", 0x1, 0x80, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @private0}, 0x1c)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000001c0), &(0x7f0000000340)=0x8)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000640), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)

3.906587695s ago: executing program 3 (id=2739):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='htcp\x00', 0x5)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

3.027320746s ago: executing program 1 (id=2740):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000080)=0x1, 0x12)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x5453, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
r6 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000e80)='ns/net\x00')
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r6}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r7, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)

2.797215877s ago: executing program 4 (id=2741):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2)
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000002180)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000702000000feffff7a0af0ff1800000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000009000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fe369258673b5df11cc2afb53611cc320000bc0b80e80eae8f5e64becef4db2ce77c55dbaca340e4a01e2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf005007e8b0db51662de6d87c41cd3ade010e9468bda6f82881eb8c9cfa72bba6708eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf101000500496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6d2676bef8310f7032775cfd75652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b25e8d5e40a3a571a5dfde3b4dca2d38a9c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922b2ad13a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf6399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a5f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408b57206093eea233054c6aa08bffc8a076d476bc28fc21d5297997a7c71f38ee2d7102d0a7bea32f51aba25da0f72b895ec90882f56730236b30e656a1ab2fcb80df49afa05d8c9d5bdc3c1feed5c593a5d84825df543749d993a583abe77ea37d0a0b4683166c5cb0969aa18035859d8699fd6f4f2e1cf9a44152afe1bef320c"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a486dd", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r4, 0x0, 0xc, 0x0, 0x0)
setsockopt$inet_int(r4, 0x0, 0x17, &(0x7f0000000040)=0xe, 0x36)
close(r3)
pipe(&(0x7f0000000080))
close(0xffffffffffffffff)
rt_sigtimedwait(&(0x7f0000000140)={[0xfffffffffffffff9]}, 0x0, 0x0, 0x8)

2.682102071s ago: executing program 0 (id=2742):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="3c0000001000010400570000ebffffffffffffcd", @ANYRES32=0x0, @ANYBLOB="0051010000000000140035007465616d5f736c6176655f310000000008000a00", @ANYRES32], 0x3c}}, 0x4008040)

2.631515593s ago: executing program 3 (id=2743):
sched_setscheduler(0x0, 0x1, 0x0)
fchdir(0xffffffffffffffff)
r0 = gettid()
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
write$rfkill(r1, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)
write$rfkill(r1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
inotify_init1(0x0)

2.448476016s ago: executing program 1 (id=2744):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000680)=@nfc_llcp, &(0x7f0000000700)=0x80, 0x80000)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000180)="eb", 0x1, 0x80, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @private0}, 0x1c)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000001c0), &(0x7f0000000340)=0x8)

1.486542457s ago: executing program 0 (id=2745):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000340)={0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="40010c906622449627364c720000000000000000"], &(0x7f0000000140)=ANY=[@ANYBLOB="04"], &(0x7f0000000740)={0x0, 0x22, 0x9, {[@local=@item_012={0x0, 0x2, 0xa}, @main=@item_4={0x3, 0x0, 0x8, "4eea65b3"}, @local=@item_012={0x2, 0x2, 0x0, 'eD'}]}}, &(0x7f0000000300)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7f, 0x1, 0x1, {0x22, 0x7f}}}}, &(0x7f00000006c0)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="40174c00000090623bd0bc9cac459d261091f671678366de4d7e8ce10f095d6568a05166d320f4c9941bdb8e59adbeacadafaf8c6ab7030d7d12409e0966f9d138506950790b4896de9f50a99a20e86ab611"], &(0x7f0000000400)={0x0, 0xa, 0x1, 0xa}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000640)={0x20, 0x1, 0x46, "ac426717248aeeaf46f09c0b24d551240822e5af194cdf1de91c805bb0c036ed76686d63ca5a43a68ae68718856a626867b12722dd3b2dfa60257e66b629d69f6535a15ecd5b"}, &(0x7f0000000480)={0x20, 0x3, 0x1, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f0000000080)='binder\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
syz_emit_ethernet(0x1bb, &(0x7f0000000780)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x185, 0x3a, 0x0, @remote, @mcast2, {[@fragment={0x2b, 0x0, 0x49, 0x1, 0x0, 0x9, 0x68}, @routing={0x3b, 0x6, 0x1, 0x5, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, @private1]}, @hopopts={0x2b, 0x2, '\x00', [@padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x8}, @padn={0x1, 0x1, [0x0]}]}, @srh={0x2f, 0x4, 0x4, 0x2, 0x78, 0x28, 0x8f, [@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @routing={0x2, 0xc, 0x0, 0x97, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback, @private2, @remote, @mcast1]}, @routing={0x6c, 0x6, 0x1, 0x7, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @remote, @private0={0xfc, 0x0, '\x00', 0x1}]}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x9, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac150"}, {0x0, 0x1, "0000000500000000260004"}]}}}}}}, 0x0)
syz_emit_ethernet(0x29a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaa00aaaaaaaaaa0086dd60cb653e02643a00fe800000000000000000000000000000fe80000000000000000000000000000086009078000000000000000000000000000d7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca58197441e0e9b3400d9800081598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931fd1d71c1f7e8f222b9ddc4e0bfb5e5c9a484353b785e79b4d8181cf146261723484c54803466e8b0034130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9fe26ec3118d9fdcca129d1269b290f687cde5b4eaba737c806335ca0d1e43697d144c6df4dc0d31e84004bc22e87b6e2daab5674479c76a1be360d309e7e7e5fa089032b331a3ceea18d92124681c0b78a0f1665ffcba0bee11950f6b4912bb302b3e648fad7ff4862ccc823e720fdb20af8ab0a6a09dfcdacf69923d60a0efeacf81e1e7e17db9547a4962bdec794c013af7210e54d43f3fe7da2f88c674f4cfd818f6a7461368bf62f1d5f98fd90f4eb74bf0559f1c6b1ebec57dba007f143108ca4be3fa330cc21a411b0b7af23ebd9282be17fb702a5ca61650b283eec78e0280e4f2713b42bd4e3615c48c55c1abe5827601038109736f9c6b7242e7c9c917309397b864eedf5ca71db1debb609b63c1b54955706017731319e0cc41083f99bd11da748b47d8715080899eb15caf19df36632b73bb22596b"], 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x100000000000600d, 0x1)
r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)
r4 = dup2(0xffffffffffffffff, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000340)={'\x00', 0x0, 0x43, 0x10000})
ioctl$BLKTRACESETUP(r4, 0x1275, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)

1.293389733s ago: executing program 1 (id=2746):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
userfaultfd(0x801)
socket(0x10, 0x803, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000080)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

1.212671795s ago: executing program 2 (id=2747):
bpf$ITER_CREATE(0x21, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
gettid()
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100001)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)

1.212119397s ago: executing program 5 (id=2748):
socket$kcm(0x10, 0x2, 0x0)
setxattr$incfs_size(&(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x3)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r1, 0x0, 0x0)
syz_clone3(0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$SOUND_PCM_READ_BITS(0xffffffffffffffff, 0x80045005, &(0x7f0000000000))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040f0411000b08"], 0x7)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
getpeername$l2tp6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)

423.820954ms ago: executing program 1 (id=2749):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
socket(0x10, 0x80002, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

323.537704ms ago: executing program 5 (id=2750):
socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000003040)={@val={0x8, 0x800}, @val, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)

210.666387ms ago: executing program 3 (id=2751):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x80, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

121.128792ms ago: executing program 1 (id=2752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
chown(0x0, 0xee01, 0x0)

82.714449ms ago: executing program 3 (id=2753):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0xc, 0x0, &(0x7f0000000400)=[@dead_binder_done={0x400c6313}], 0x0, 0x0, 0x0})

0s ago: executing program 3 (id=2754):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
r1 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB='A\x00'], 0x1, 0x193, &(0x7f0000000b00)="$eJzs281qE10YB/B/+vataV0kC1fiYpauQtMrMEgFMSAoWSgIim1AOlKwENCF7c6FN+HluNUrcdmFMNJOYz9IQEGb2Px+m3ngzB+ec2A+zsA8v/V6Z2t3b/hs+DnNRiNLd1LksJF2ljJ2EADgKjmsqnyrqqq6dpDVT6mqatYdAQB/m+c/ACyex0+ePuj1+5uPiqKZlB9Gg9GgPtbjvWFepcx21tPK9xy9IJyo63v3+5vrxbF2Ppb7J/n90eC/8/luWmlPznfrfHE+/3/WzuY30sqNyfmNifmV3F45k++kla8vs5syWznKnubfd4vi7sP+hfz14/MAAADgKugUP03cv3c608brfK/xy98HLuyvl3NzebZzB4BFtff23c6Lstx+M6/Fl7W60XnpZ3oxXtJ56ef3i9XMRRt/sGgkmYM2/qGiOV6xGd6UgEtxevXPuhMAAAAAAAAAAAAAAGCay/ivaNZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDx/AgAAP//fVyNVw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x101100, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x6a040000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40c0}, 0x44)
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xa0042, 0x0)
write$tcp_mem(r3, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r0, 0x1, &(0x7f0000000000))
fsmount(r1, 0x0, 0x0)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000080)='syss\x00\x00', &(0x7f0000000400)='\x00', 0x1)

kernel console output (not intermixed with test programs):

02 ff ff ff ff ff ff ff fb  ................
[ 1086.705917][ T1173] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[ 1086.715691][ T1173] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[ 1086.717729][T15456] XFS (loop2): Quotacheck needed: Please wait.
[ 1086.731184][T15444] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74
[ 1086.751915][T15453] XFS (loop1): Unmount and run xfs_repair
[ 1086.769167][T15453] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[ 1086.776935][T15453] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[ 1086.786009][T15453] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[ 1086.794974][T15453] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[ 1086.804274][T15453] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[ 1086.814515][T15453] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[ 1086.823970][T15453] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[ 1086.833634][T15453] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[ 1086.845638][T15453] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[ 1086.885194][T15453] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74
[ 1086.910771][T15453] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[ 1086.932517][T15456] XFS (loop2): Quotacheck: Done.
[ 1086.992408][T15444] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[ 1087.017706][T14354] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1087.083489][T15453] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[ 1087.120635][T15444] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[ 1087.192387][T15444] loop0: writeback error on inode 9286, offset 0, sector 18692
[ 1087.533459][T14405] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1087.550367][T14763] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1088.705539][T15511] loop2: detected capacity change from 0 to 1024
[ 1088.742595][T15511] EXT4-fs: Ignoring removed nobh option
[ 1088.804552][T15511] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1088.996130][T15518] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1089.016555][T15511] loop2: detected capacity change from 0 to 2048
[ 1089.408213][T15515] loop5: detected capacity change from 0 to 32768
[ 1089.583951][T15511] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1089.681808][   T29] audit: type=1800 audit(1727664592.427:113): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2019" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 1090.510403][T15515] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1090.762691][T15515] XFS (loop5): Starting recovery (logdev: internal)
[ 1090.961860][T15515] XFS (loop5): Ending recovery (logdev: internal)
[ 1090.976732][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1091.070128][T15553] loop3: detected capacity change from 0 to 764
[ 1091.128916][T15553] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1091.223579][T15553] Symlink component flag not implemented
[ 1091.254179][T15553] Symlink component flag not implemented
[ 1091.266519][T15553] Symlink component flag not implemented (128)
[ 1091.293059][T15553] Symlink component flag not implemented (122)
[ 1091.301448][T13628] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1091.801179][T15572] loop3: detected capacity change from 0 to 512
[ 1091.813535][T15572] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1091.829892][T15570] loop5: detected capacity change from 0 to 8192
[ 1091.932383][T15572] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1092.007716][T15570] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1092.063979][T15572] EXT4-fs error (device loop3): __ext4_iget:4952: inode #11: block 1: comm syz.3.2039: invalid block
[ 1092.104520][T15572] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2039: couldn't read orphan inode 11 (err -117)
[ 1092.165042][T15572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1092.259027][T15572] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.2039: Directory hole found for htree leaf block 0
[ 1092.331144][T15578] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1092.395751][T15580] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.2039: Directory hole found for htree leaf block 0
[ 1092.600891][T15572] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.2039: Directory hole found for htree leaf block 0
[ 1092.665045][T15583] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2042'.
[ 1092.683099][T15586] loop0: detected capacity change from 0 to 1024
[ 1092.748367][T15586] EXT4-fs: Ignoring removed nobh option
[ 1092.782477][T15586] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1092.919353][T12152] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1093.303553][T15595] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2046'.
[ 1093.338799][T15586] loop0: detected capacity change from 0 to 2048
[ 1093.662907][T15586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1093.785152][   T29] audit: type=1800 audit(1727664596.557:114): pid=15586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2044" name="bus" dev="loop0" ino=18 res=0 errno=0
[ 1094.247785][T15604] 9pnet_fd: Insufficient options for proto=fd
[ 1094.408835][T15608] loop5: detected capacity change from 0 to 512
[ 1094.522846][T15608] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1094.539580][T15608] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1094.698000][T15608] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1094.709002][T15608] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1094.718278][T15608] EXT4-fs (loop5): blocks per group (41) and clusters per group (32768) inconsistent
[ 1094.806497][T15618] loop2: detected capacity change from 0 to 128
[ 1094.876637][T14763] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1095.510732][T15628] fuse: Bad value for 'fd'
[ 1096.048537][T15629] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2057'.
[ 1096.092824][T15618] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1096.118397][T15618] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1097.114074][T15633] loop4: detected capacity change from 0 to 2048
[ 1097.162884][T15633] EXT4-fs: Ignoring removed orlov option
[ 1097.295482][T15640] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1097.310110][T15633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1098.245502][T15658] loop3: detected capacity change from 0 to 1024
[ 1098.288698][T15644] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1098.320025][T15658] EXT4-fs: Ignoring removed nobh option
[ 1098.390969][T15658] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1098.518640][T15644] EXT4-fs (loop4): Remounting filesystem read-only
[ 1098.809516][T15658] loop3: detected capacity change from 0 to 2048
[ 1098.903293][T15658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1098.995715][   T29] audit: type=1800 audit(1727664601.797:115): pid=15658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2065" name="bus" dev="loop3" ino=18 res=0 errno=0
[ 1099.116614][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1099.999054][T12152] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1100.152408][T15679] loop4: detected capacity change from 0 to 512
[ 1100.180918][T15679] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[ 1100.727877][T15687] loop3: detected capacity change from 0 to 128
[ 1100.769454][T15687] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1102.768135][T15700] fuse: Bad value for 'fd'
[ 1103.854299][T15703] loop5: detected capacity change from 0 to 512
[ 1103.896780][T15703] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[ 1104.253170][T15709] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2080'.
[ 1104.334879][T15709] geneve2: entered promiscuous mode
[ 1104.515009][T15693] loop4: detected capacity change from 0 to 32768
[ 1104.548668][T15693] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1104.855878][T15724] loop5: detected capacity change from 0 to 1024
[ 1104.863728][T15724] EXT4-fs: Ignoring removed nobh option
[ 1104.877753][T15724] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1104.984891][T15693] XFS (loop4): Ending clean mount
[ 1105.006987][T15693] XFS (loop4): Quotacheck needed: Please wait.
[ 1105.133686][T15693] XFS (loop4): Quotacheck: Done.
[ 1105.434776][T13650] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1107.371173][T15746] loop1: detected capacity change from 0 to 128
[ 1108.347007][T15758] loop4: detected capacity change from 0 to 128
[ 1108.456321][T15758] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1109.503982][T15763] loop3: detected capacity change from 0 to 512
[ 1109.579772][T15763] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[ 1110.701043][T15780] fuse: Bad value for 'fd'
[ 1111.680110][T15789] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1112.200867][T15798] loop0: detected capacity change from 0 to 512
[ 1112.971943][T15801] loop0: detected capacity change from 0 to 1024
[ 1115.555691][T15810] loop1: detected capacity change from 0 to 128
[ 1115.872339][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.878688][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.051663][T15810] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1116.176188][T15810] syz.1.2106: attempt to access beyond end of device
[ 1116.176188][T15810] loop1: rw=3, sector=6950, nr_sectors = 2 limit=128
[ 1116.189745][T15810] syz.1.2106: attempt to access beyond end of device
[ 1116.189745][T15810] loop1: rw=2051, sector=6952, nr_sectors = 942 limit=128
[ 1116.377939][T15814] loop5: detected capacity change from 0 to 128
[ 1116.639890][T15818] loop4: detected capacity change from 0 to 512
[ 1116.897526][T15818] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[ 1117.212942][T15823] loop1: detected capacity change from 0 to 32768
[ 1117.516807][T15834] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1117.905136][T15835] loop2: detected capacity change from 0 to 32768
[ 1117.975133][T15823] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1118.008753][T15835] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1118.249723][T15823] XFS (loop1): Ending clean mount
[ 1118.264241][T15835] XFS (loop2): Ending clean mount
[ 1118.289287][T15835] XFS (loop2): Quotacheck needed: Please wait.
[ 1118.408941][T15835] XFS (loop2): Quotacheck: Done.
[ 1118.848960][T14405] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1119.471021][T15866] loop4: detected capacity change from 0 to 512
[ 1119.493405][T14354] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1119.978120][T15869] loop4: detected capacity change from 0 to 1024
[ 1120.891261][T15874] fuse: Bad value for 'fd'
[ 1122.684928][T15882] loop5: detected capacity change from 0 to 128
[ 1123.900239][T15882] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1123.940901][T15881] syz.5.2123: attempt to access beyond end of device
[ 1123.940901][T15881] loop5: rw=3, sector=6950, nr_sectors = 2 limit=128
[ 1123.954346][T15881] syz.5.2123: attempt to access beyond end of device
[ 1123.954346][T15881] loop5: rw=2051, sector=6952, nr_sectors = 942 limit=128
[ 1124.614132][T15886] Cannot find set identified by id 0 to match
[ 1124.695930][T15894] Non-string source
[ 1124.752864][T15894] loop2: detected capacity change from 0 to 2048
[ 1124.783344][T15876] loop3: detected capacity change from 0 to 32768
[ 1124.794240][T15876] XFS: ikeep mount option is deprecated.
[ 1124.841392][T15876] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1124.867062][T15894]  loop2: p1 p2 p3
[ 1125.021958][ T4678]  loop2: p1 p2 p3
[ 1125.087453][T15876] XFS (loop3): Ending clean mount
[ 1125.100718][T15876] XFS (loop3): Quotacheck needed: Please wait.
[ 1125.136852][T15910] loop1: detected capacity change from 0 to 128
[ 1125.172140][T15912] xt_TCPMSS: Only works on TCP SYN packets
[ 1125.185742][T15910] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1125.227509][T15910] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1125.278422][ T8700] udevd[8700]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1125.281401][ T5287] udevd[5287]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1125.303420][ T5703] udevd[5703]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 1125.349309][ T8700] udevd[8700]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 1125.373636][ T5546] udevd[5546]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1125.423028][T15915] loop2: detected capacity change from 0 to 512
[ 1125.427599][T15876] XFS (loop3): Quotacheck: Done.
[ 1125.435417][ T5703] udevd[5703]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1125.446494][T15915] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1125.494844][T12152] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1125.523629][T15915] EXT4-fs error (device loop2): __ext4_iget:4952: inode #11: block 1: comm syz.2.2129: invalid block
[ 1125.537536][T15915] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2129: couldn't read orphan inode 11 (err -117)
[ 1125.551355][T15915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1125.640984][T15915] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #2: comm syz.2.2129: Directory hole found for htree leaf block 0
[ 1125.673348][T15915] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #2: comm syz.2.2129: Directory hole found for htree leaf block 0
[ 1125.749387][T15915] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #2: comm syz.2.2129: Directory hole found for htree leaf block 0
[ 1125.830771][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.946849][T15918] fuse: Bad value for 'fd'
[ 1126.095547][T15923] loop2: detected capacity change from 0 to 512
[ 1126.130107][T14405] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1126.339797][T15926] loop3: detected capacity change from 0 to 128
[ 1126.569863][T15928] loop2: detected capacity change from 0 to 1024
[ 1128.486302][T15924] loop0: detected capacity change from 0 to 65536
[ 1128.583698][T15924] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1129.123867][T15924] XFS (loop0): Ending clean mount
[ 1129.142760][T15924] XFS (loop0): Quotacheck needed: Please wait.
[ 1129.229674][T15950] ALSA: seq fatal error: cannot create timer (-22)
[ 1129.239369][T15950] ALSA: seq fatal error: cannot create timer (-22)
[ 1129.277751][T15924] XFS (loop0): Quotacheck: Done.
[ 1129.316999][T14763] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1129.390135][T15933] loop2: detected capacity change from 0 to 65536
[ 1129.841052][T15933] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1129.984558][T15964] fuse: Bad value for 'fd'
[ 1130.716194][T15933] XFS (loop2): Ending clean mount
[ 1130.726521][T15933] XFS (loop2): Quotacheck needed: Please wait.
[ 1130.877546][ T5288] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1130.913564][T15933] XFS (loop2): Quotacheck: Done.
[ 1131.018535][T14354] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1131.093813][ T5288] usb 2-1: Using ep0 maxpacket: 32
[ 1131.129713][ T5288] usb 2-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1131.140624][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.167793][ T5288] usb 2-1: config 0 descriptor??
[ 1131.185738][ T5288] usb 2-1: bad CDC descriptors
[ 1131.191090][ T5288] cdc_acm 2-1:0.0: Zero length descriptor references
[ 1131.225628][ T5288] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[ 1131.390672][T15965] loop1: detected capacity change from 0 to 16
[ 1131.432295][T15965] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1131.472769][T15965] syz.1.2139: attempt to access beyond end of device
[ 1131.472769][T15965] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1131.486422][T15965] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1131.496932][T15965] syz.1.2139: attempt to access beyond end of device
[ 1131.496932][T15965] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[ 1131.512526][T15965] syz.1.2139: attempt to access beyond end of device
[ 1131.512526][T15965] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[ 1131.527096][T15965] syz.1.2139: attempt to access beyond end of device
[ 1131.527096][T15965] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1131.540558][T15965] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1131.552968][T15965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1131.631999][T15971] loop3: detected capacity change from 0 to 32768
[ 1131.642081][T15965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1131.749785][ T5288] XFS (loop3): Metadata CRC error detected at xfs_sb_read_verify+0x303/0x440, xfs_sb_quiet block 0x0 
[ 1131.761797][ T5288] XFS (loop3): Unmount and run xfs_repair
[ 1131.767545][ T5288] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[ 1131.775403][ T5288] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00  XFSB.......... .
[ 1131.784350][ T5288] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1131.794643][ T5288] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[ 1131.803714][ T5288] 00000030: 00 00 00 00 00 00 01 00 00 00 00 00 00 00 24 40  ..............$@
[ 1131.812766][ T5288] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42  ......$A......$B
[ 1131.821799][ T5288] 00000050: 00 00 00 02 00 00 20 00 00 00 00 01 00 00 00 00  ...... .........
[ 1131.830666][ T5288] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00  ................
[ 1131.839673][ T5288] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32  ...............2
[ 1132.213977][T15975] loop2: detected capacity change from 0 to 32768
[ 1132.224704][T15975] XFS: ikeep mount option is deprecated.
[ 1132.317372][T15975] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1132.435363][T15975] XFS (loop2): Ending clean mount
[ 1132.456459][T15975] XFS (loop2): Quotacheck needed: Please wait.
[ 1132.536121][T15975] XFS (loop2): Quotacheck: Done.
[ 1132.771020][T15990] loop0: detected capacity change from 0 to 128
[ 1132.779160][ T5235] Bluetooth: hci3: command 0x0406 tx timeout
[ 1132.789120][T15990] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1132.858281][T15990] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1133.331664][T15963] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2139'.
[ 1133.370738][ T8469] usb 2-1: USB disconnect, device number 16
[ 1133.387761][T15994] pim6reg1: entered promiscuous mode
[ 1133.410344][T15994] pim6reg1: entered allmulticast mode
[ 1133.503694][T16002] loop5: detected capacity change from 0 to 128
[ 1133.532301][T16001] fuse: Unknown parameter '0x0000000000000004'
[ 1133.600235][T16002] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1133.617246][T16005] loop3: detected capacity change from 0 to 512
[ 1133.632545][T16005] EXT4-fs: Ignoring removed nobh option
[ 1133.649799][T16005] EXT4-fs (loop3): blocks per group (71) and clusters per group (20800) inconsistent
[ 1133.655317][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1133.694121][T16002] ext4 filesystem being mounted at /96/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1133.756269][T16008] loop4: detected capacity change from 0 to 512
[ 1133.869260][T16012] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1134.343174][T16017] loop4: detected capacity change from 0 to 1024
[ 1134.456660][T16018] input: syz0 as /devices/virtual/input/input15
[ 1135.096986][T16020] loop0: detected capacity change from 0 to 128
[ 1135.106324][T13628] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1135.191443][T16020] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1135.289526][T16023] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2158'.
[ 1135.293816][T16020] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1135.369021][T16020] UDF-fs: error (device loop0): udf_read_inode: (ino 87) failed !bh
[ 1135.442828][T16031] loop2: detected capacity change from 0 to 128
[ 1135.443362][T16020] UDF-fs: error (device loop0): udf_fill_super: Error in udf_iget, block=3, partition=0
[ 1135.761276][T16033] syzkaller0: entered promiscuous mode
[ 1135.768212][T16038] loop0: detected capacity change from 0 to 2048
[ 1135.779571][T16033] syzkaller0: entered allmulticast mode
[ 1135.784595][T16038] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[ 1135.801678][ T1173] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1135.808186][T16038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1135.813967][T16032] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2155'.
[ 1135.952653][ T1173] usb 2-1: Using ep0 maxpacket: 32
[ 1136.021663][ T1173] usb 2-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1136.030865][ T1173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.058141][ T1173] usb 2-1: config 0 descriptor??
[ 1136.097036][ T1173] usb 2-1: bad CDC descriptors
[ 1136.115143][ T1173] cdc_acm 2-1:0.0: Zero length descriptor references
[ 1136.142017][ T1173] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[ 1136.305079][T16023] loop1: detected capacity change from 0 to 16
[ 1136.327438][T16023] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1136.357430][T16023] syz.1.2158: attempt to access beyond end of device
[ 1136.357430][T16023] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1136.410089][T16023] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1136.410700][T16044] syz.1.2158: attempt to access beyond end of device
[ 1136.410700][T16044] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[ 1136.466952][T16044] syz.1.2158: attempt to access beyond end of device
[ 1136.466952][T16044] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[ 1136.539822][T16023] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1136.587473][T16023] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1136.644146][ T1173] usb 2-1: USB disconnect, device number 17
[ 1136.931480][T16043] loop5: detected capacity change from 0 to 32768
[ 1136.942344][T16043] XFS: ikeep mount option is deprecated.
[ 1137.346304][T16052] loop2: detected capacity change from 0 to 128
[ 1137.358763][T16043] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1137.389381][T16052] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1137.434640][T16052] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1137.455914][T16043] XFS (loop5): Ending clean mount
[ 1137.463244][T16043] XFS (loop5): Quotacheck needed: Please wait.
[ 1137.591650][T16043] XFS (loop5): Quotacheck: Done.
[ 1137.650797][T16058] fuse: Unknown parameter '0x0000000000000004'
[ 1137.769738][T16063] loop1: detected capacity change from 0 to 512
[ 1137.818644][T16063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1137.831863][T16062] loop2: detected capacity change from 0 to 128
[ 1137.851856][T16063] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1137.879158][T16062] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1137.892977][ T5249] Bluetooth: hci0: command 0x0406 tx timeout
[ 1137.929139][T16062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1137.967864][T14405] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1138.316181][T16071] loop2: detected capacity change from 0 to 2048
[ 1138.389400][T16076] loop1: detected capacity change from 0 to 128
[ 1138.389453][T16071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1138.429372][T16076] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1138.512203][T16076] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1139.067154][   T29] audit: type=1800 audit(1727664641.857:116): pid=16071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2166" name="file2" dev="loop2" ino=16 res=0 errno=0
[ 1139.177472][T14405] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1139.430979][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1139.620205][T16081] input: syz0 as /devices/virtual/input/input16
[ 1139.935044][T14763] UDF-fs: error (device loop0): udf_read_inode: (ino 1313) failed !bh
[ 1139.948289][T14763] UDF-fs: error (device loop0): udf_read_inode: (ino 1313) failed !bh
[ 1140.919373][T16089] loop2: detected capacity change from 0 to 512
[ 1140.932591][T16089] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1140.963082][T16089] EXT4-fs: Ignoring removed bh option
[ 1140.968600][T16089] EXT4-fs: Ignoring removed oldalloc option
[ 1140.983302][T16089] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1141.085215][T16089] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[ 1141.245086][T16093] loop2: detected capacity change from 0 to 128
[ 1142.429280][T16097] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2174'.
[ 1142.576003][T16105] loop2: detected capacity change from 0 to 1024
[ 1143.022789][ T8469] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1143.082058][T16105] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1143.475597][T16105] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2178: Invalid block bitmap block 0 in block_group 0
[ 1143.491642][ T8469] usb 4-1: Using ep0 maxpacket: 32
[ 1143.553835][T13628] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1143.591695][ T8469] usb 4-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1143.601014][ T8469] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1143.607644][ T7400] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1143.611904][T16105] Quota error (device loop2): write_blk: dquota write failed
[ 1143.635092][T16105] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1143.666360][T16105] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.2178: Failed to acquire dquot type 0
[ 1143.679235][T16105] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.2178: Freeing blocks not in datazone - block = 0, count = 4096
[ 1143.682835][ T8469] usb 4-1: config 0 descriptor??
[ 1143.739999][ T8469] usb 4-1: bad CDC descriptors
[ 1143.746140][ T8469] cdc_acm 4-1:0.0: Zero length descriptor references
[ 1143.753604][ T8469] cdc_acm 4-1:0.0: probe with driver cdc_acm failed with error -22
[ 1143.766202][T16105] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.2178: Invalid inode bitmap blk 0 in block_group 0
[ 1143.786616][T16105] EXT4-fs error (device loop2) in ext4_free_inode:360: Corrupt filesystem
[ 1143.816761][   T65] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8
[ 1143.849655][T16105] EXT4-fs (loop2): 1 orphan inode deleted
[ 1143.877208][T16105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1143.929133][   T65] EXT4-fs error (device loop2): ext4_release_dquot:6902: comm kworker/u8:4: Failed to release dquot type 0
[ 1143.955524][T16097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1143.998323][T16105] EXT4-fs error (device loop2): ext4_search_dir:1505: inode #2: block 16: comm syz.2.2178: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[ 1144.023615][ T7400] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.079946][T16097] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1144.128426][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1144.310062][ T5291] usb 4-1: USB disconnect, device number 29
[ 1144.356056][T16120] loop1: detected capacity change from 0 to 128
[ 1144.374905][ T5249] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1144.423236][ T5249] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1144.446062][ T5249] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1144.462952][T16120] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1144.485790][ T7400] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.498738][T16123] input: syz0 as /devices/virtual/input/input17
[ 1144.499124][ T5249] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1144.514269][T16120] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1144.552737][ T5249] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1144.560967][ T5249] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1144.711495][ T7400] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1145.016938][T14405] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1145.341993][ T7400] bridge_slave_1: left allmulticast mode
[ 1145.348115][ T7400] bridge_slave_1: left promiscuous mode
[ 1145.357001][ T7400] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1145.427569][ T7400] bridge_slave_0: left allmulticast mode
[ 1145.506396][ T7400] bridge_slave_0: left promiscuous mode
[ 1145.580144][ T7400] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1145.715920][T16147] loop5: detected capacity change from 0 to 128
[ 1146.616983][ T9302] Bluetooth: hci1: command tx timeout
[ 1147.344474][ T7400] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1147.397298][ T7400] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1147.906882][ T7400] bond0 (unregistering): Released all slaves
[ 1148.366880][T16174] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2196'.
[ 1148.629278][T16182] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2199'.
[ 1148.656359][T16118] chnl_net:caif_netlink_parms(): no params data found
[ 1148.710163][ T9302] Bluetooth: hci1: command tx timeout
[ 1148.763151][T16180] loop2: detected capacity change from 0 to 128
[ 1148.786816][T16180] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1148.819267][T16180] ext4 filesystem being mounted at /52/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1148.853125][T12149] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1148.865584][T16184] input: syz0 as /devices/virtual/input/input18
[ 1148.998110][T16190] loop4: detected capacity change from 0 to 2048
[ 1149.017290][T16190] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[ 1149.025852][T16190] UDF-fs: Scanning with blocksize 512 failed
[ 1149.041692][T12149] usb 6-1: Using ep0 maxpacket: 32
[ 1149.057242][T12149] usb 6-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1149.066662][T16190] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1149.076752][T12149] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1149.088499][T12149] usb 6-1: config 0 descriptor??
[ 1149.096046][T12149] usb 6-1: bad CDC descriptors
[ 1149.109513][T12149] cdc_acm 6-1:0.0: Zero length descriptor references
[ 1149.117760][T12149] cdc_acm 6-1:0.0: probe with driver cdc_acm failed with error -22
[ 1149.320216][T16174] loop5: detected capacity change from 0 to 16
[ 1149.348344][T14354] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1149.382083][T16174] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1149.492642][T16174] syz.5.2196: attempt to access beyond end of device
[ 1149.492642][T16174] loop5: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1149.511022][T16203] loop4: detected capacity change from 0 to 128
[ 1149.551099][ T7400] hsr_slave_0: left promiscuous mode
[ 1149.563385][T16174] erofs: (device loop5): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1149.605922][ T7400] hsr_slave_1: left promiscuous mode
[ 1149.633563][T16208] syz.5.2196: attempt to access beyond end of device
[ 1149.633563][T16208] loop5: rw=524288, sector=16, nr_sectors = 16 limit=16
[ 1149.652921][T16174] syz.5.2196: attempt to access beyond end of device
[ 1149.652921][T16174] loop5: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1149.667243][T16174] erofs: (device loop5): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1149.685110][T16174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1149.720666][ T7400] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1149.729002][T16174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1149.742790][ T7400] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1149.768726][ T5288] usb 6-1: USB disconnect, device number 17
[ 1149.813119][ T7400] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1149.861422][ T7400] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1149.989914][ T7400] veth1_macvtap: left promiscuous mode
[ 1150.009472][ T7400] veth0_macvtap: left promiscuous mode
[ 1150.046246][ T7400] veth1_vlan: left promiscuous mode
[ 1150.167208][ T7400] veth0_vlan: left promiscuous mode
[ 1150.821611][ T9302] Bluetooth: hci1: command tx timeout
[ 1150.858572][T16222] loop2: detected capacity change from 0 to 1024
[ 1150.910180][T16222] EXT4-fs: Ignoring removed oldalloc option
[ 1151.034461][T16222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1151.158867][   T29] audit: type=1326 audit(1727664653.957:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.188773][   T29] audit: type=1326 audit(1727664653.957:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.258509][   T29] audit: type=1326 audit(1727664653.957:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.295378][   T29] audit: type=1326 audit(1727664653.957:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.344835][   T29] audit: type=1326 audit(1727664653.957:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.382859][   T29] audit: type=1326 audit(1727664653.957:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.440025][   T29] audit: type=1326 audit(1727664653.957:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.465876][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1151.475172][   T29] audit: type=1326 audit(1727664653.957:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.475224][   T29] audit: type=1326 audit(1727664653.957:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4db657dff9 code=0x7ffc0000
[ 1151.475268][   T29] audit: type=1326 audit(1727664653.957:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16221 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4db657e033 code=0x7ffc0000
[ 1152.096006][T16242] loop2: detected capacity change from 0 to 512
[ 1152.132480][T16242] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[ 1152.307570][ T7400] team0 (unregistering): Port device team_slave_1 removed
[ 1152.383051][ T7400] team0 (unregistering): Port device team_slave_0 removed
[ 1152.641239][T16247] loop4: detected capacity change from 0 to 128
[ 1152.677783][T16247] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1152.706059][T16247] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1152.851827][ T9302] Bluetooth: hci1: command tx timeout
[ 1153.250940][T16251] input: syz0 as /devices/virtual/input/input19
[ 1153.269390][T16118] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.284723][T16118] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.293758][T16118] bridge_slave_0: entered allmulticast mode
[ 1153.301369][T16118] bridge_slave_0: entered promiscuous mode
[ 1153.310293][T16213] netlink: 'syz.3.2207': attribute type 7 has an invalid length.
[ 1153.328106][T16213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[ 1153.355670][T16118] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.372228][T16118] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.390174][T16118] bridge_slave_1: entered allmulticast mode
[ 1153.401351][T16118] bridge_slave_1: entered promiscuous mode
[ 1153.433091][T13650] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1153.536633][T16118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1153.568055][T16118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1154.006554][T16118] team0: Port device team_slave_0 added
[ 1154.188717][T16264] loop4: detected capacity change from 0 to 16
[ 1154.196692][T16118] team0: Port device team_slave_1 added
[ 1154.310527][T16271] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2221'.
[ 1154.336528][T16264] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1154.772590][  T931] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1154.983735][  T931] usb 2-1: Using ep0 maxpacket: 32
[ 1155.215245][T16118] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1155.222440][T16118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1155.376164][T16118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1155.482649][T16118] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1155.510090][T16118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1155.513808][  T931] usb 2-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1155.587286][  T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.622800][  T931] usb 2-1: config 0 descriptor??
[ 1155.630214][  T931] usb 2-1: bad CDC descriptors
[ 1155.642030][  T931] cdc_acm 2-1:0.0: Zero length descriptor references
[ 1155.644238][T16118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1155.669430][  T931] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[ 1155.909551][T16289] loop2: detected capacity change from 0 to 128
[ 1155.939648][T16271] loop1: detected capacity change from 0 to 16
[ 1156.025984][T16271] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1156.061439][T16118] hsr_slave_0: entered promiscuous mode
[ 1156.102651][T16118] hsr_slave_1: entered promiscuous mode
[ 1156.163807][T16118] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1156.174147][T16118] Cannot create hsr debugfs directory
[ 1156.204740][T16280] loop5: detected capacity change from 0 to 32768
[ 1156.236658][T16271] syz.1.2221: attempt to access beyond end of device
[ 1156.236658][T16271] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1156.250342][T16271] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1156.260725][T16271] syz.1.2221: attempt to access beyond end of device
[ 1156.260725][T16271] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[ 1156.284029][T16271] syz.1.2221: attempt to access beyond end of device
[ 1156.284029][T16271] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[ 1156.300170][T16271] syz.1.2221: attempt to access beyond end of device
[ 1156.300170][T16271] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1156.315639][T16271] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1156.530193][T16271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1156.572505][T16271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1156.693527][T12149] usb 2-1: USB disconnect, device number 18
[ 1156.699896][T16280] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1156.926784][T16280] XFS (loop5): Ending clean mount
[ 1156.974701][T16280] XFS (loop5): Quotacheck needed: Please wait.
[ 1157.091637][T16309] bridge0: port 3(gretap0) entered blocking state
[ 1157.099239][T16280] XFS (loop5): Quotacheck: Done.
[ 1157.115840][T16309] bridge0: port 3(gretap0) entered disabled state
[ 1157.130211][T16309] gretap0: entered allmulticast mode
[ 1157.141864][T16309] gretap0: entered promiscuous mode
[ 1157.158195][T16309] bridge0: port 3(gretap0) entered blocking state
[ 1157.165463][T16309] bridge0: port 3(gretap0) entered forwarding state
[ 1157.184864][T16322] loop4: detected capacity change from 0 to 128
[ 1157.263592][T16322] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1157.276089][T16313] gretap0: left allmulticast mode
[ 1157.286200][T16313] gretap0: left promiscuous mode
[ 1157.298800][T16313] bridge0: port 3(gretap0) entered disabled state
[ 1157.315278][T16322] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1157.322032][T16323] serio: Serial port pts0
[ 1157.407350][T16331] loop1: detected capacity change from 0 to 1024
[ 1157.426125][T16312] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1157.447095][T16331] EXT4-fs: Mount option(s) incompatible with ext2
[ 1157.548614][T13628] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1157.907597][T16336] syz.1.2230[16336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.908181][T16336] syz.1.2230[16336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.920639][T16336] syz.1.2230[16336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1158.772870][T13650] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1159.130932][T16354] loop5: detected capacity change from 0 to 128
[ 1159.143437][T16353] loop2: detected capacity change from 0 to 512
[ 1159.156094][T16353] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1159.402465][T16353] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[ 1159.599219][T16359] loop4: detected capacity change from 0 to 512
[ 1159.606605][T16359] EXT4-fs: Ignoring removed orlov option
[ 1159.824742][T16344] loop1: detected capacity change from 0 to 40427
[ 1159.869795][T16344] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1159.877885][T16344] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1159.928883][T16363] fuse: Unknown parameter '0x0000000000000004'
[ 1159.932365][T16359] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[ 1159.943825][T16359] System zones: 1-12
[ 1159.958813][T16359] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.2235: casefold flag without casefold feature
[ 1160.095659][T16359] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.2235: couldn't read orphan inode 15 (err -117)
[ 1160.133618][T16344] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1160.174958][T16359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1160.304862][T16359] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.2235: Directory hole found for htree leaf block 0
[ 1161.038449][T16369] netem: change failed
[ 1161.068121][T16344] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1161.111683][T16344] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1161.382624][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1162.010055][T16118] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1162.134601][T16118] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1162.242156][T16118] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1162.315352][T16118] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1162.364251][T16374] loop5: detected capacity change from 0 to 32768
[ 1162.637629][T16118] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1162.724985][T16118] 8021q: adding VLAN 0 to HW filter on device team0
[ 1162.914212][ T6067] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1162.921373][ T6067] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1162.988693][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1162.996967][ T5922] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1163.132422][T16389] loop2: detected capacity change from 0 to 32768
[ 1163.177422][T16385] loop4: detected capacity change from 0 to 32768
[ 1163.192813][T16385] XFS: ikeep mount option is deprecated.
[ 1163.205317][T16389] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1163.538009][T16374] loop5: detected capacity change from 0 to 32768
[ 1163.610213][T16385] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1163.739115][T16374] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1163.745158][T16389] XFS (loop2): Ending clean mount
[ 1163.793355][T16389] XFS (loop2): Quotacheck needed: Please wait.
[ 1163.873104][T16385] XFS (loop4): Ending clean mount
[ 1163.884669][T16444] xt_hashlimit: size too large, truncated to 1048576
[ 1163.941767][T16385] XFS (loop4): Quotacheck needed: Please wait.
[ 1163.981900][T16374] XFS (loop5): Ending clean mount
[ 1164.001393][T16389] XFS (loop2): Quotacheck: Done.
[ 1164.008160][T16374] XFS (loop5): Quotacheck needed: Please wait.
[ 1164.105216][T16453] loop1: detected capacity change from 0 to 128
[ 1164.123063][T16385] XFS (loop4): Quotacheck: Done.
[ 1164.128273][T16374] XFS (loop5): Quotacheck: Done.
[ 1164.207339][T16118] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1164.254437][T13628] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1164.303250][T16118] veth0_vlan: entered promiscuous mode
[ 1164.315556][T16118] veth1_vlan: entered promiscuous mode
[ 1164.342559][T16118] veth0_macvtap: entered promiscuous mode
[ 1164.377833][T16118] veth1_macvtap: entered promiscuous mode
[ 1164.488090][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.498911][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.500937][T14354] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1164.509346][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.509373][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.509392][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.509414][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.511150][T16118] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1164.571878][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.582744][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.592906][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.604472][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.614811][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.625828][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.636172][T16118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.647830][T16118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.659561][T16118] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1164.670839][T16118] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.679885][T16118] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.688752][T16118] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.697747][T16118] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.995689][T13650] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1165.579757][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1165.588659][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1165.597524][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1165.632735][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1165.729665][T16466] loop5: detected capacity change from 0 to 512
[ 1165.739251][T16466] EXT4-fs: Ignoring removed orlov option
[ 1166.377770][T16466] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[ 1166.397810][T16466] System zones: 1-12
[ 1166.655044][T16466] EXT4-fs error (device loop5): ext4_orphan_get:1388: inode #15: comm syz.5.2256: casefold flag without casefold feature
[ 1166.683864][T16466] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.2256: couldn't read orphan inode 15 (err -117)
[ 1166.777312][T16466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1166.980943][T16466] EXT4-fs error (device loop5): ext4_add_entry:2437: inode #2: comm syz.5.2256: Directory hole found for htree leaf block 0
[ 1167.811203][T16499] serio: Serial port ptm0
[ 1168.145056][T16469] loop2: detected capacity change from 0 to 32768
[ 1168.373022][T16469] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1168.503497][T16514] loop4: detected capacity change from 0 to 1024
[ 1168.540438][T16514] EXT4-fs: Mount option(s) incompatible with ext2
[ 1168.605455][T16517] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1168.928221][T16519] syz.4.2261[16519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1168.928734][T16519] syz.4.2261[16519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1168.942444][T16519] syz.4.2261[16519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1169.348953][T16469] XFS (loop2): Ending clean mount
[ 1169.480063][T16469] XFS (loop2): Quotacheck needed: Please wait.
[ 1169.622180][T13628] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1169.863527][T16536] loop5: detected capacity change from 0 to 256
[ 1169.978947][T16469] XFS (loop2): Quotacheck: Done.
[ 1170.031109][T16536] FAT-fs (loop5): Directory bread(block 64) failed
[ 1170.037938][T16536] FAT-fs (loop5): Directory bread(block 65) failed
[ 1170.060018][T16536] FAT-fs (loop5): Directory bread(block 66) failed
[ 1170.075829][T16536] FAT-fs (loop5): Directory bread(block 67) failed
[ 1170.085230][T16536] FAT-fs (loop5): Directory bread(block 68) failed
[ 1170.096893][T16536] FAT-fs (loop5): Directory bread(block 69) failed
[ 1170.130494][T16536] FAT-fs (loop5): Directory bread(block 70) failed
[ 1170.147228][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1170.169437][T16536] FAT-fs (loop5): Directory bread(block 71) failed
[ 1170.184363][T16536] FAT-fs (loop5): Directory bread(block 72) failed
[ 1170.191393][T16536] FAT-fs (loop5): Directory bread(block 73) failed
[ 1171.103257][T16552] loop2: detected capacity change from 0 to 512
[ 1171.238234][T16558] loop0: detected capacity change from 0 to 256
[ 1171.289079][T16552] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[ 1171.315785][T16555] loop4: detected capacity change from 0 to 1764
[ 1171.372653][T16555] iso9660: Bad value for 'dmode'
[ 1172.339662][T16545] loop1: detected capacity change from 0 to 32768
[ 1172.561401][T16545] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1172.668244][T16586] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1173.532528][T16545] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[ 1173.533000][T16545] XFS (loop1): log mount failed
[ 1173.534862][T16595] syz.3.2276[16595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1173.547628][T16595] syz.3.2276[16595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1173.559290][T16595] syz.3.2276[16595] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1174.751453][T16599] loop2: detected capacity change from 0 to 512
[ 1174.774281][T16599] EXT4-fs: Ignoring removed orlov option
[ 1174.885173][T16599] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[ 1174.953586][T16599] System zones: 1-12
[ 1175.117430][T16599] EXT4-fs error (device loop2): ext4_orphan_get:1388: inode #15: comm syz.2.2279: casefold flag without casefold feature
[ 1175.135511][T16599] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.2279: couldn't read orphan inode 15 (err -117)
[ 1175.159224][T16599] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1175.359960][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1175.432310][T16616] syz.5.2284[16616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1175.432424][T16616] syz.5.2284[16616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1175.493738][T16616] syz.5.2284[16616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1175.984343][T16614] loop4: detected capacity change from 0 to 2048
[ 1176.121686][T16625] geneve2: entered promiscuous mode
[ 1176.126969][T16625] geneve2: entered allmulticast mode
[ 1176.723067][T16635] loop5: detected capacity change from 0 to 512
[ 1176.738993][T16635] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1176.887345][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[ 1176.893936][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[ 1176.908535][T16614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1176.983811][T16635] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b856c118, mo2=0002]
[ 1177.001099][T16635] System zones: 1-12
[ 1177.102237][T16635] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.2289: corrupted in-inode xattr: e_value size too large
[ 1177.119080][T16635] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.2289: couldn't read orphan inode 15 (err -117)
[ 1177.285732][T16635] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1177.414362][   T29] kauditd_printk_skb: 40 callbacks suppressed
[ 1177.414414][   T29] audit: type=1800 audit(1727664679.967:167): pid=16614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2283" name="bus" dev="loop4" ino=18 res=0 errno=0
[ 1178.482124][T16649] loop2: detected capacity change from 0 to 512
[ 1178.549469][T16649] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[ 1178.564928][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1179.479801][T13628] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1181.876809][T16690] loop2: detected capacity change from 0 to 16
[ 1181.886465][T16690] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1182.427992][T16704] input: syz0 as /devices/virtual/input/input20
[ 1182.584764][T16708] loop4: detected capacity change from 0 to 512
[ 1183.264545][T16708] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1183.603412][T16720] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2307'.
[ 1183.645505][T16708] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1183.663630][T16722] fuse: Bad value for 'fd'
[ 1183.945734][T16727] geneve2: entered promiscuous mode
[ 1183.951016][T16727] geneve2: entered allmulticast mode
[ 1184.111308][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1185.391452][T16758] loop0: detected capacity change from 0 to 512
[ 1185.712697][T16758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1186.180372][T16758] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1186.522495][T16775] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1187.059648][T16782] input: syz0 as /devices/virtual/input/input21
[ 1187.063677][T16785] loop1: detected capacity change from 0 to 512
[ 1187.090110][T16118] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1187.128078][T16785] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[ 1187.192813][T16785] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[ 1187.201185][T16785] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1187.275424][T16785] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2322: bg 0: block 361: padding at end of block bitmap is not set
[ 1187.278501][T16773] loop2: detected capacity change from 0 to 32768
[ 1187.297457][T16773] XFS: ikeep mount option is deprecated.
[ 1187.299252][T16785] EXT4-fs (loop1): Remounting filesystem read-only
[ 1187.317786][T16785] EXT4-fs (loop1): 1 truncate cleaned up
[ 1187.352748][T16785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[ 1187.547670][T16781] loop5: detected capacity change from 0 to 32768
[ 1187.740716][T14405] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[ 1187.820443][T16801] loop0: detected capacity change from 0 to 1024
[ 1187.827781][T16801] EXT4-fs: Ignoring removed oldalloc option
[ 1187.866038][T16801] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[ 1188.069389][T16773] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1188.078353][T16781] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1188.146035][T16801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1188.211021][T16816] fuse: Unknown parameter '·'
[ 1188.223099][T16773] XFS (loop2): Ending clean mount
[ 1188.236995][T16814] loop4: detected capacity change from 0 to 764
[ 1188.240036][T16773] XFS (loop2): Quotacheck needed: Please wait.
[ 1188.261052][T16814] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1188.323112][T16781] XFS (loop5): Ending clean mount
[ 1188.330708][T16781] XFS (loop5): Quotacheck needed: Please wait.
[ 1188.466835][T16773] XFS (loop2): Quotacheck: Done.
[ 1188.480451][T16781] XFS (loop5): Quotacheck: Done.
[ 1188.528122][T16118] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1188.632503][T16818] overlayfs: statfs failed on './file0'
[ 1189.494684][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1189.666895][T16826] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2333'.
[ 1189.673168][T13628] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1189.901590][T16831] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[ 1191.028748][T16836] loop1: detected capacity change from 0 to 512
[ 1191.041092][T16836] EXT4-fs: quotafile must be on filesystem root
[ 1192.342183][T16841] loop1: detected capacity change from 0 to 512
[ 1192.392734][T16841] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1192.461869][T16841] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1192.462842][T16844] loop2: detected capacity change from 0 to 512
[ 1192.528566][T16844] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[ 1193.026086][T16856] fuse: Bad value for 'fd'
[ 1193.867064][T16841] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[ 1195.835554][T16865] loop0: detected capacity change from 0 to 128
[ 1195.887271][T16865] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1195.977140][T16872] loop2: detected capacity change from 0 to 1024
[ 1195.981808][T16865] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1196.023496][T14405] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1196.087493][T16873] loop4: detected capacity change from 0 to 512
[ 1196.097029][T16872] EXT4-fs: Mount option(s) incompatible with ext2
[ 1196.117064][T16875] loop5: detected capacity change from 0 to 512
[ 1196.127292][T16873] EXT4-fs (loop4): 1 truncate cleaned up
[ 1196.137413][T16873] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1196.184299][T16875] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1196.513584][T16882] syz.2.2343[16882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1196.514136][T16882] syz.2.2343[16882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1196.526378][T16882] syz.2.2343[16882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1197.084438][T16875] EXT4-fs (loop5): 1 truncate cleaned up
[ 1197.225644][T16875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1197.364529][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.382801][T16118] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1197.433998][T16875] evm: overlay not supported
[ 1197.640517][T16887] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2348'.
[ 1197.956306][T16883] loop1: detected capacity change from 0 to 32768
[ 1197.963597][T16883] XFS: ikeep mount option is deprecated.
[ 1198.997054][T16883] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1199.072055][T16890] veth0_to_team: entered promiscuous mode
[ 1199.156721][T16890] veth0_to_team: entered allmulticast mode
[ 1199.177415][T16907] loop0: detected capacity change from 0 to 512
[ 1199.470969][T16883] XFS (loop1): Ending clean mount
[ 1199.486438][T16883] XFS (loop1): Quotacheck needed: Please wait.
[ 1199.729335][T16907] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent
[ 1199.761890][T16911] loop2: detected capacity change from 0 to 764
[ 1199.770175][T16911] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1200.087804][T16883] XFS (loop1): Quotacheck: Done.
[ 1200.201386][T14405] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1200.354294][T14119] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1201.327833][T16920] loop1: detected capacity change from 0 to 40427
[ 1201.556206][T16920] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[ 1201.570921][T16920] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1201.670232][   T65] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1202.229000][T16920] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1202.456655][   T65] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1202.553135][T16920] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1202.585145][T16920] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1202.647582][T16942] loop2: detected capacity change from 0 to 128
[ 1202.768317][T16942] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1202.787684][T16942] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1202.897078][   T65] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1202.944729][ T5249] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1202.967088][ T5249] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1202.982913][ T5249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1202.993235][ T5249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1203.004022][ T5249] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1203.013977][ T5249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1203.055034][T16950] syz.1.2356: attempt to access beyond end of device
[ 1203.055034][T16950] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[ 1203.135130][   T65] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1203.463354][T14354] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1203.541397][   T65] bridge_slave_1: left allmulticast mode
[ 1203.571755][   T65] bridge_slave_1: left promiscuous mode
[ 1203.577573][   T65] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1204.065836][   T65] bridge_slave_0: left allmulticast mode
[ 1204.072134][   T65] bridge_slave_0: left promiscuous mode
[ 1204.082514][T14405] syz-executor: attempt to access beyond end of device
[ 1204.082514][T14405] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1204.097063][T14405] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1204.100253][   T65] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1204.879334][T16953] overlayfs: failed to resolve './file0': -2
[ 1204.937490][T16931] loop0: detected capacity change from 0 to 65536
[ 1204.988377][T16931] XFS (loop0): Mounting V5 Filesystem 96fa0d02-eac2-4cc4-980a-feab0601d24f
[ 1205.092808][T16931] workqueue: Failed to create a rescuer kthread for wq "xfs-cil/loop0": -EINTR
[ 1205.093831][T16931] XFS (loop0): log mount failed
[ 1205.100467][ T9302] Bluetooth: hci4: command tx timeout
[ 1206.510893][T16988] fuse: Unknown parameter 'grou00000000000000000000'
[ 1206.651993][T16977] loop1: detected capacity change from 0 to 32768
[ 1206.956659][T16977] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1207.172979][ T9302] Bluetooth: hci4: command tx timeout
[ 1207.379377][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1207.567192][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1207.627997][T16977] XFS (loop1): Ending clean mount
[ 1207.644527][   T65] bond0 (unregistering): Released all slaves
[ 1208.798574][T16947] chnl_net:caif_netlink_parms(): no params data found
[ 1209.292476][ T9302] Bluetooth: hci4: command tx timeout
[ 1209.673833][T17036] fuse: Bad value for 'fd'
[ 1209.810443][T17038] fuse: Bad value for 'group_id'
[ 1209.821812][   T65] hsr_slave_0: left promiscuous mode
[ 1209.835815][   T65] hsr_slave_1: left promiscuous mode
[ 1209.841628][T17038] fuse: Bad value for 'group_id'
[ 1209.882330][T14405] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1209.904856][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1209.914059][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1209.942711][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1209.981888][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1210.041331][   T65] veth1_macvtap: left promiscuous mode
[ 1210.142563][   T65] veth0_macvtap: left promiscuous mode
[ 1210.166693][   T65] veth1_vlan: left promiscuous mode
[ 1211.015764][T17040] overlayfs: failed to resolve './file0': -2
[ 1211.287781][T17051] fuse: Unknown parameter 'grou00000000000000000000'
[ 1211.332359][ T9302] Bluetooth: hci4: command tx timeout
[ 1211.507762][T17057] loop1: detected capacity change from 0 to 2048
[ 1211.528758][T17057] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1211.565244][T17060] loop4: detected capacity change from 0 to 512
[ 1211.746106][T17060] EXT4-fs (loop4): 1 truncate cleaned up
[ 1211.760771][T17060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1213.175080][T17072] loop0: detected capacity change from 0 to 128
[ 1213.227294][T17072] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1213.265696][T13650] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1213.803354][T17072] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1214.533804][T16118] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1216.457104][T17101] loop0: detected capacity change from 0 to 512
[ 1216.504301][T17101] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent
[ 1217.216783][T17085] overlayfs: failed to resolve './file0': -2
[ 1218.849518][T17120] loop2: detected capacity change from 0 to 512
[ 1218.854776][   T65] team0 (unregistering): Port device team_slave_1 removed
[ 1218.929277][T17114] loop0: detected capacity change from 0 to 65536
[ 1218.970212][T17120] EXT4-fs (loop2): 1 truncate cleaned up
[ 1218.977488][T17120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1219.009626][T17114] XFS (loop0): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[ 1219.034334][   T65] team0 (unregistering): Port device team_slave_0 removed
[ 1219.086722][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1219.219670][T17114] XFS (loop0): Ending clean mount
[ 1219.234073][T17114] XFS (loop0): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[ 1223.398114][T17154] loop2: detected capacity change from 0 to 32768
[ 1223.423015][T17154] XFS: ikeep mount option is deprecated.
[ 1223.490488][T17154] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1223.766502][T17154] XFS (loop2): Ending clean mount
[ 1223.912160][T17154] XFS (loop2): Quotacheck needed: Please wait.
[ 1224.088793][T17154] XFS (loop2): Quotacheck: Done.
[ 1224.113092][T16947] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1224.120222][T16947] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1224.175574][T16947] bridge_slave_0: entered allmulticast mode
[ 1224.213443][ T5249] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1224.226288][ T5249] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1224.238083][ T5249] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1224.253071][ T5249] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1224.261159][ T5249] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1224.269097][ T5249] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1224.280626][T16947] bridge_slave_0: entered promiscuous mode
[ 1224.289561][T16947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1224.297150][T16947] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1224.304395][T16947] bridge_slave_1: entered allmulticast mode
[ 1224.311898][T16947] bridge_slave_1: entered promiscuous mode
[ 1224.437407][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1224.448491][T16947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1224.534240][T16947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1224.727189][T17191] loop1: detected capacity change from 0 to 8192
[ 1224.729555][T16947] team0: Port device team_slave_0 added
[ 1224.875123][T16947] team0: Port device team_slave_1 added
[ 1224.942492][T17159] overlayfs: failed to resolve './file0': -2
[ 1225.034849][T17200] loop2: detected capacity change from 0 to 512
[ 1225.053836][T17200] EXT4-fs: Ignoring removed i_version option
[ 1225.112120][T17200] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1225.118521][T17200] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.2419: bad orphan inode 1
[ 1225.194994][T16947] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1225.231981][T17200] EXT4-fs (loop2): Remounting filesystem read-only
[ 1225.249464][T17200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1225.284640][T16947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1225.311847][T16947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1225.324478][T16947] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1225.332244][T16947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1225.359030][T16947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1225.673676][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1225.711631][ T5291] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1226.372401][ T9302] Bluetooth: hci2: command tx timeout
[ 1226.419979][T16947] hsr_slave_0: entered promiscuous mode
[ 1226.448642][T16947] hsr_slave_1: entered promiscuous mode
[ 1226.489505][T16947] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1226.520933][T16947] Cannot create hsr debugfs directory
[ 1226.621715][ T5291] usb 2-1: Using ep0 maxpacket: 32
[ 1226.635678][ T5291] usb 2-1: New USB device found, idVendor=0421, idProduct=04d8, bcdDevice=6a.33
[ 1226.645192][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1226.657530][ T5291] usb 2-1: config 0 descriptor??
[ 1226.680286][ T5291] usb 2-1: bad CDC descriptors
[ 1226.686039][ T5291] cdc_acm 2-1:0.0: Zero length descriptor references
[ 1226.693224][ T5291] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[ 1226.870105][T17209] loop1: detected capacity change from 0 to 16
[ 1226.898087][T17222] loop2: detected capacity change from 0 to 8192
[ 1226.898317][T17209] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1226.965926][T17209] syz.1.2420: attempt to access beyond end of device
[ 1226.965926][T17209] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1226.981162][T17222]  loop2: p1 < > p2 p4 < p5 >
[ 1226.986752][T17222] loop2: partition table partially beyond EOD, truncated
[ 1226.998886][T17222] loop2: p1 start 8388864 is beyond EOD, truncated
[ 1227.013782][T17222] loop2: p2 size 31064064 extends beyond EOD, truncated
[ 1227.024125][T17222] loop2: p5 size 31064064 extends beyond EOD, truncated
[ 1227.034469][T17209] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1227.049144][T17209] syz.1.2420: attempt to access beyond end of device
[ 1227.049144][T17209] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[ 1227.062991][T17209] syz.1.2420: attempt to access beyond end of device
[ 1227.062991][T17209] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[ 1227.077623][T17209] syz.1.2420: attempt to access beyond end of device
[ 1227.077623][T17209] loop1: rw=0, sector=8, nr_sectors = 16 limit=16
[ 1227.091168][T17209] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1227.096045][ T4678]  loop2: p1 < > p2 p4 < p5 >
[ 1227.103260][T17209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1227.119835][ T4678] loop2: partition table partially beyond EOD, truncated
[ 1227.127264][ T4678] loop2: p1 start 8388864 is beyond EOD, truncated
[ 1227.134124][ T4678] loop2: p2 size 31064064 extends beyond EOD, truncated
[ 1227.136896][T17209] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1227.149839][ T4678] loop2: p5 size 31064064 extends beyond EOD, truncated
[ 1227.204594][ T5342] usb 2-1: USB disconnect, device number 19
[ 1227.655516][T17189] chnl_net:caif_netlink_parms(): no params data found
[ 1227.667096][T17234] loop2: detected capacity change from 0 to 512
[ 1227.786980][T17234] EXT4-fs (loop2): 1 truncate cleaned up
[ 1227.832771][T17234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1227.856012][ T5546] udevd[5546]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 1227.870502][ T8700] udevd[8700]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[ 1227.964789][T17241] loop0: detected capacity change from 0 to 128
[ 1228.016277][T17241] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1228.173878][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1228.453618][ T9302] Bluetooth: hci2: command tx timeout
[ 1228.859596][T17241] syz.0.2426: attempt to access beyond end of device
[ 1228.859596][T17241] loop0: rw=3, sector=6950, nr_sectors = 2 limit=128
[ 1228.909809][T17241] syz.0.2426: attempt to access beyond end of device
[ 1228.909809][T17241] loop0: rw=2051, sector=6952, nr_sectors = 942 limit=128
[ 1229.372626][T17257] loop1: detected capacity change from 0 to 164
[ 1229.489082][T17257] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1229.499621][T17258] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[ 1229.907983][T17257] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1231.160972][ T9302] Bluetooth: hci2: command tx timeout
[ 1232.020390][T17264] loop0: detected capacity change from 0 to 32768
[ 1232.108961][T17264] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1232.417432][T17305] loop2: detected capacity change from 0 to 512
[ 1232.439878][T17305] EXT4-fs (loop2): 1 truncate cleaned up
[ 1232.446852][T17305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1232.495956][T17284] loop1: detected capacity change from 0 to 32768
[ 1232.556753][T17264] XFS (loop0): Ending clean mount
[ 1232.613539][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1232.749941][T17311] loop2: detected capacity change from 0 to 512
[ 1232.797440][T17311] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[ 1232.854482][T16118] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1233.171744][ T9302] Bluetooth: hci2: command tx timeout
[ 1233.308157][T17316] overlayfs: missing 'lowerdir'
[ 1233.389950][   T65] bond0 (unregistering): Released all slaves
[ 1233.474196][T17320] loop1: detected capacity change from 0 to 256
[ 1233.519028][T17320] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1233.559987][T17320] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1233.742585][T17320] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1233.785651][   T29] audit: type=1800 audit(1727664736.587:168): pid=17320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2444" name="file1" dev="loop1" ino=1048819 res=0 errno=0
[ 1233.857804][T17327] loop2: detected capacity change from 0 to 512
[ 1234.085285][T17331] loop0: detected capacity change from 0 to 512
[ 1234.338673][T17327] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13
[ 1234.347722][   T29] audit: type=1326 audit(1727664737.037:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.3.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113d57dff9 code=0x7fc00000
[ 1234.401567][T17331] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2441: bg 0: block 393: padding at end of block bitmap is not set
[ 1234.423400][T17331] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[ 1234.436443][T17331] EXT4-fs (loop0): 2 truncates cleaned up
[ 1234.448780][T17331] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1234.563999][T17327] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1234.591681][   T29] audit: type=1326 audit(1727664737.047:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.3.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f113d57dff9 code=0x7fc00000
[ 1234.615307][   T29] audit: type=1326 audit(1727664737.057:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.3.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113d57dff9 code=0x7fc00000
[ 1234.634401][T17327] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1234.637998][   T29] audit: type=1326 audit(1727664737.077:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.3.2442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f113d57dff9 code=0x7fc00000
[ 1234.692267][T17327] EXT4-fs (loop2): 1 truncate cleaned up
[ 1234.699123][T17327] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1234.835805][T17327] fscrypt (loop2, inode 2): Error -61 getting encryption context
[ 1234.868694][T17327] fscrypt (loop2, inode 2): Error -61 getting encryption context
[ 1236.049131][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1236.390402][T16118] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1237.223614][T17189] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1237.230822][T17189] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1237.297424][T17189] bridge_slave_0: entered allmulticast mode
[ 1237.304836][T17189] bridge_slave_0: entered promiscuous mode
[ 1237.313375][T17189] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1237.320490][T17189] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1237.328371][T17189] bridge_slave_1: entered allmulticast mode
[ 1237.336313][T17189] bridge_slave_1: entered promiscuous mode
[ 1237.492364][T17341] loop1: detected capacity change from 0 to 32768
[ 1237.543712][T17341] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1237.640550][T17189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1237.658343][T17189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1237.681824][T17341] XFS (loop1): Ending clean mount
[ 1237.735669][T17341] XFS (loop1): Quotacheck needed: Please wait.
[ 1237.750335][T17189] team0: Port device team_slave_0 added
[ 1237.806810][T17341] XFS (loop1): Quotacheck: Done.
[ 1237.865329][T17341] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1237.940522][   T65] hsr_slave_0: left promiscuous mode
[ 1237.982706][   T65] hsr_slave_1: left promiscuous mode
[ 1238.222494][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.228843][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.338974][T17350] loop0: detected capacity change from 0 to 32768
[ 1238.388658][T17350] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1238.559742][T17350] XFS (loop0): Ending clean mount
[ 1238.985874][T16118] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1239.849562][T17380] loop2: detected capacity change from 0 to 32768
[ 1239.862811][T17380] XFS: ikeep mount option is deprecated.
[ 1241.577434][T17380] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1241.586877][T17380] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[ 1241.587336][T17380] XFS (loop2): log mount failed
[ 1241.676343][T17408] loop0: detected capacity change from 0 to 512
[ 1241.870772][T17408] EXT4-fs (loop0): 1 truncate cleaned up
[ 1242.059379][T17408] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1242.177160][T16118] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1243.472996][T17189] team0: Port device team_slave_1 added
[ 1244.986195][T17189] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1245.140255][T17189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.441557][T17189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1245.849080][T17189] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1245.856513][T17189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1245.883427][T17189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1245.937249][T16947] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1245.977098][T16947] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1245.998828][T17452] loop1: detected capacity change from 0 to 2048
[ 1246.030863][T17452] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1246.060565][T17452] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1246.121283][T16947] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1246.147530][T17455] loop0: detected capacity change from 0 to 1024
[ 1246.184639][T17455] ext4: Unknown parameter 'mask'
[ 1246.282636][T17189] hsr_slave_0: entered promiscuous mode
[ 1246.298700][T17189] hsr_slave_1: entered promiscuous mode
[ 1246.317127][T17189] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1246.327435][T17189] Cannot create hsr debugfs directory
[ 1246.383369][T16947] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1246.562452][T17449] loop2: detected capacity change from 0 to 65536
[ 1246.647211][T17463] loop0: detected capacity change from 0 to 512
[ 1246.835834][T17463] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.2481: corrupted in-inode xattr: invalid ea_ino
[ 1246.857612][T17449] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1246.944188][T17471] syz.3.2480[17471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1246.944732][T17471] syz.3.2480[17471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1246.957291][T17471] syz.3.2480[17471] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1247.326441][T17463] EXT4-fs (loop0): Remounting filesystem read-only
[ 1247.439181][T17449] XFS (loop2): Ending clean mount
[ 1247.470767][T17449] XFS (loop2): Quotacheck needed: Please wait.
[ 1247.489116][T17463] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1247.593285][T17449] XFS (loop2): Quotacheck: Done.
[ 1247.971469][T14354] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1248.686340][T16947] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1248.723162][T16118] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[ 1248.996152][T16947] 8021q: adding VLAN 0 to HW filter on device team0
[ 1249.709396][ T3032] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1249.716783][ T3032] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1249.923460][ T3032] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1249.930635][ T3032] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1251.970965][T17189] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1252.116116][T17189] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1252.188047][T17189] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1252.219325][T17189] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1252.623145][T16947] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1252.749183][T17535] syz.3.2492[17535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1252.749296][T17535] syz.3.2492[17535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1252.760964][T17535] syz.3.2492[17535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1253.220353][T17189] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1253.466409][T17189] 8021q: adding VLAN 0 to HW filter on device team0
[ 1253.487387][T17512] loop2: detected capacity change from 0 to 32768
[ 1253.495058][T17512] XFS: ikeep mount option is deprecated.
[ 1253.549881][ T5922] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.557146][ T5922] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1253.602168][T17512] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1253.656730][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.663937][ T5922] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1253.706011][T17512] XFS (loop2): Ending clean mount
[ 1253.723634][T17512] XFS (loop2): Quotacheck needed: Please wait.
[ 1254.101305][T17564] loop0: detected capacity change from 0 to 128
[ 1254.114773][T17564] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1254.233013][T17564] syz.0.2495: attempt to access beyond end of device
[ 1254.233013][T17564] loop0: rw=3, sector=6950, nr_sectors = 2 limit=128
[ 1254.246798][T17564] syz.0.2495: attempt to access beyond end of device
[ 1254.246798][T17564] loop0: rw=2051, sector=6952, nr_sectors = 942 limit=128
[ 1254.791468][T17512] XFS (loop2): Quotacheck: Done.
[ 1255.020753][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1255.081555][T17527] loop1: detected capacity change from 0 to 32768
[ 1255.167097][T17527] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1255.270412][T17527] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[ 1255.275662][T17527] XFS (loop1): log mount failed
[ 1255.938580][T17189] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1256.272590][T16947] veth0_vlan: entered promiscuous mode
[ 1256.285686][T16947] veth1_vlan: entered promiscuous mode
[ 1256.318563][T16947] veth0_macvtap: entered promiscuous mode
[ 1256.328151][T16947] veth1_macvtap: entered promiscuous mode
[ 1256.344091][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1256.354766][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.364956][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1256.375622][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.386119][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1256.397261][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.409488][T16947] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1256.459721][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1256.474296][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.485060][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1256.496395][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.506483][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1256.517391][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.527489][T16947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1256.538459][T16947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1256.552784][T16947] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1256.563184][T16947] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.571946][T16947] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.580653][T16947] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1256.590326][T16947] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.378943][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1258.433649][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1258.696561][T17189] veth0_vlan: entered promiscuous mode
[ 1258.709233][T17189] veth1_vlan: entered promiscuous mode
[ 1258.734581][T17189] veth0_macvtap: entered promiscuous mode
[ 1258.744594][T17189] veth1_macvtap: entered promiscuous mode
[ 1258.760543][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1258.771150][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1258.781324][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1258.791912][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1258.802580][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1258.813200][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1258.823117][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1258.833621][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1258.845750][T17189] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1258.937627][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[ 1259.160453][ T5922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1259.168548][ T5922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1260.872084][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1260.939001][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1260.950846][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1260.965621][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1260.976385][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1260.989537][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1261.000492][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1261.013135][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1261.024667][T17189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1261.028855][T17648] fuse: Unknown parameter 'use00000000000000000000'
[ 1261.044365][T17189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1261.084457][T17189] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1261.145828][T17189] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.162549][T17653] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[ 1261.199493][T17189] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.229393][T17189] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.238632][T17189] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1261.434729][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.476419][T17660] loop1: detected capacity change from 0 to 128
[ 1261.479207][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1261.534416][T17660] vfat: Bad value for 'gid'
[ 1261.569585][T17660] vfat: Bad value for 'gid'
[ 1261.610192][ T7400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1261.742569][ T7400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1263.562340][T17650] loop2: detected capacity change from 0 to 32768
[ 1263.569631][T17650] XFS: ikeep mount option is deprecated.
[ 1263.948570][T17650] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1264.103991][T17650] XFS (loop2): Ending clean mount
[ 1264.203520][T17667] loop0: detected capacity change from 0 to 32768
[ 1264.219149][T17650] XFS (loop2): Quotacheck needed: Please wait.
[ 1264.666820][T17667] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/loop0": -EINTR
[ 1265.620278][T17650] XFS (loop2): Quotacheck: Done.
[ 1265.782222][T17727] fuse: Unknown parameter 'use00000000000000000000'
[ 1265.817773][T14354] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1266.094652][T17710] loop4: detected capacity change from 0 to 40427
[ 1266.150203][T17710] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1266.168189][T17710] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1266.317678][T17741] loop1: detected capacity change from 0 to 1024
[ 1266.324021][T17743] loop5: detected capacity change from 0 to 2048
[ 1266.324750][T17743] EXT4-fs: Ignoring removed orlov option
[ 1266.340936][T17741] EXT4-fs: Mount option(s) incompatible with ext2
[ 1266.350413][T17710] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1266.645776][T17743] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1266.865267][T17761] syz.1.2529[17761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1266.865807][T17761] syz.1.2529[17761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1266.878443][T17761] syz.1.2529[17761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1267.208497][T17710] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1267.233556][T17757] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1267.305248][T17710] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1267.339884][T17757] EXT4-fs (loop5): Remounting filesystem read-only
[ 1267.578940][T16947] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1267.697534][T17778] loop2: detected capacity change from 0 to 128
[ 1267.737550][T17778] vfat: Bad value for 'gid'
[ 1267.746438][T17778] vfat: Bad value for 'gid'
[ 1271.200519][T17795] ALSA: seq fatal error: cannot create timer (-22)
[ 1271.216192][T17795] ALSA: seq fatal error: cannot create timer (-22)
[ 1271.468134][ T5249] Bluetooth: hci1: command 0x0406 tx timeout
[ 1271.907916][T17798] fuse: Bad value for 'fd'
[ 1273.008846][T17806] loop4: detected capacity change from 0 to 32768
[ 1273.016555][T17806] XFS: ikeep mount option is deprecated.
[ 1273.049249][T17791] loop1: detected capacity change from 0 to 32768
[ 1273.160795][   T29] audit: type=1326 audit(1727664775.957:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.0.2544" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f872277dff9 code=0x0
[ 1273.566452][T17806] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1273.756311][   T29] audit: type=1326 audit(1727664776.517:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17807 comm="syz.2.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db657dff9 code=0x7fc00000
[ 1273.824559][   T29] audit: type=1326 audit(1727664776.627:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17807 comm="syz.2.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4db657dff9 code=0x7fc00000
[ 1273.959091][T17859] syz.3.2549[17859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1273.959673][T17859] syz.3.2549[17859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1273.972234][T17859] syz.3.2549[17859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1274.675281][T17791] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1274.797944][T17791] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[ 1274.799565][T17791] XFS (loop1): log mount failed
[ 1274.936000][T17806] XFS (loop4): Ending clean mount
[ 1274.943562][T17806] XFS (loop4): Quotacheck needed: Please wait.
[ 1275.031019][T17806] XFS (loop4): Quotacheck: Done.
[ 1275.220889][T17189] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1275.516705][T17880] loop1: detected capacity change from 0 to 128
[ 1275.534388][T17881] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1275.553621][T17880] vfat: Bad value for 'gid'
[ 1275.558161][T17880] vfat: Bad value for 'gid'
[ 1276.859121][T17892] ALSA: seq fatal error: cannot create timer (-22)
[ 1276.870571][T17892] ALSA: seq fatal error: cannot create timer (-22)
[ 1278.239760][T17902] loop4: detected capacity change from 0 to 164
[ 1278.289576][T17902] Unable to read rock-ridge attributes
[ 1278.338330][T17901] syz.2.2562: attempt to access beyond end of device
[ 1278.338330][T17901] loop2: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1278.454979][T17901] XFS (loop2): SB validate failed with error -5.
[ 1278.469186][T17902] Unable to read rock-ridge attributes
[ 1278.547191][   T29] audit: type=1107 audit(1727664781.337:176): pid=17908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='3'
[ 1278.570768][   T41] I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1278.704366][T17914] loop5: detected capacity change from 0 to 1024
[ 1278.770316][T17913] loop2: detected capacity change from 0 to 1024
[ 1278.782245][T17914] EXT4-fs: Mount option(s) incompatible with ext2
[ 1278.885649][T17913] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[ 1279.081979][T17913] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e11d, mo2=0002]
[ 1279.090773][T17913] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[ 1279.193241][T17913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1279.265233][T17922] syz.5.2564[17922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1279.265762][T17922] syz.5.2564[17922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1279.277992][T17922] syz.5.2564[17922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1280.168349][T17928] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1280.280605][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1281.167885][T17943] loop1: detected capacity change from 0 to 16
[ 1281.907457][T17943] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1282.453704][T17926] loop4: detected capacity change from 0 to 32768
[ 1282.653342][T17951] loop1: detected capacity change from 0 to 2048
[ 1282.700299][T17926] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1282.929138][T17951] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1282.966766][T17951] UDF-fs: Scanning with blocksize 512 failed
[ 1283.089094][T17951] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1283.635330][T17926] XFS (loop4): Ending clean mount
[ 1283.773942][T17189] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1284.266570][T17964] loop2: detected capacity change from 0 to 32768
[ 1284.539083][T17964] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1284.659389][T17985] loop5: detected capacity change from 0 to 1024
[ 1284.813279][T17985] EXT4-fs: Mount option(s) incompatible with ext2
[ 1284.912852][T17987] loop4: detected capacity change from 0 to 128
[ 1284.920559][T17987] vfat: Bad value for 'gid'
[ 1284.945035][T17991] loop0: detected capacity change from 0 to 512
[ 1284.972225][T17987] vfat: Bad value for 'gid'
[ 1285.055474][T17991] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent
[ 1285.598928][T17997] syz.5.2585[17997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1285.599203][T17997] syz.5.2585[17997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1285.610968][T17997] syz.5.2585[17997] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1285.624353][T17995] ALSA: seq fatal error: cannot create timer (-22)
[ 1285.644225][T17995] ALSA: seq fatal error: cannot create timer (-22)
[ 1288.044193][T17964] XFS (loop2): Ending clean mount
[ 1288.053183][T17964] XFS (loop2): Quotacheck needed: Please wait.
[ 1288.553538][T17964] XFS (loop2): Quotacheck: Done.
[ 1288.961856][T14354] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1291.555569][T18017] loop4: detected capacity change from 0 to 32768
[ 1291.589708][T18017] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop4": -EINTR
[ 1293.104534][T18029] loop1: detected capacity change from 0 to 32768
[ 1293.338632][T18029] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1293.367653][T18058] loop5: detected capacity change from 0 to 128
[ 1293.392353][T18058] vfat: Bad value for 'gid'
[ 1293.418182][T18064] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1293.451637][T18058] vfat: Bad value for 'gid'
[ 1293.539966][T18029] XFS (loop1): Ending clean mount
[ 1293.540013][T18035] loop0: detected capacity change from 0 to 40427
[ 1294.571738][T18035] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1294.581059][T18035] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1296.714998][T18029] XFS (loop1): Quotacheck needed: Please wait.
[ 1297.704793][T18035] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-4)
[ 1297.722977][T18029] XFS (loop1): Quotacheck: Done.
[ 1300.302395][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.308800][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.227782][T14405] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1301.314180][T18103] loop2: detected capacity change from 0 to 128
[ 1301.474295][T18103] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1301.532978][T18103] ext4 filesystem being mounted at /133/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1301.631890][T12149] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1302.260000][T18097] loop0: detected capacity change from 0 to 32768
[ 1302.321701][T12149] usb 4-1: Using ep0 maxpacket: 32
[ 1302.354445][T12149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1302.397185][T12149] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1302.546448][T14354] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1302.692817][T18097] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1302.703580][T12149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1302.713910][T12149] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1302.839006][T18126] loop4: detected capacity change from 0 to 16
[ 1303.112368][T18126] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1303.670069][T18097] XFS (loop0): Ending clean mount
[ 1303.745295][T12149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1303.755862][T12149] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1303.792325][T12149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1303.804198][T12149] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1304.020857][T12149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1304.223966][T12149] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1304.390457][T12149] usb 4-1: unable to read config index 5 descriptor/start: -71
[ 1304.468063][T12149] usb 4-1: can't read configurations, error -71
[ 1304.660705][T16118] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1304.844317][    T8] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1304.862205][T18121] loop5: detected capacity change from 0 to 32768
[ 1305.056246][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1305.087159][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1305.171240][T18129] loop1: detected capacity change from 0 to 65536
[ 1305.175429][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1305.199965][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1305.482693][    T8] usb 3-1: config 0 descriptor??
[ 1305.516103][T18121] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[ 1305.538151][T18129] XFS (loop1): Mounting V5 Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1
[ 1306.372690][T18121] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop5": -EINTR
[ 1306.373033][T18121] XFS (loop5): log mount failed
[ 1306.397196][    T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1306.425376][T18129] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[ 1306.425849][T18129] XFS (loop1): log mount failed
[ 1306.433719][T18159] mkiss: ax0: crc mode is auto.
[ 1306.469493][T18144] loop2: detected capacity change from 0 to 1024
[ 1306.479127][T18144] ext3: Unknown parameter 'measure'
[ 1309.832649][ T8469] usb 3-1: USB disconnect, device number 23
[ 1310.645637][ T8700] udevd[8700]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[ 1311.109104][T18210] loop2: detected capacity change from 0 to 128
[ 1311.343627][T18210] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1312.129826][T18186] loop1: detected capacity change from 0 to 32768
[ 1312.189956][T18186] XFS: ikeep mount option is deprecated.
[ 1312.294873][T18186] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1312.767869][T18186] XFS (loop1): Ending clean mount
[ 1313.618641][T18186] XFS (loop1): Quotacheck needed: Please wait.
[ 1314.049449][T18186] XFS (loop1): Quotacheck: Done.
[ 1315.030868][T14405] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1315.191796][ T8469] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1315.366881][ T8469] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1315.377149][ T8469] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1315.390471][ T8469] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[ 1315.402547][ T8469] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1315.414894][ T8469] usb 4-1: config 0 descriptor??
[ 1315.426774][ T8469] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1317.832987][T18287] loop0: detected capacity change from 0 to 128
[ 1317.843828][T18287] vfat: Bad value for 'gid'
[ 1317.848369][T18287] vfat: Bad value for 'gid'
[ 1321.811922][T18289] loop2: detected capacity change from 0 to 512
[ 1321.870529][T18289] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[ 1321.902775][ T5333] usb 4-1: USB disconnect, device number 32
[ 1324.791775][T18313] loop2: detected capacity change from 0 to 32768
[ 1324.799520][T18313] XFS: ikeep mount option is deprecated.
[ 1325.759703][ T5333] IPVS: starting estimator thread 0...
[ 1325.769004][T18353] IPVS: lc: SCTP 172.20.20.187:0 - no destination available
[ 1325.783606][T18313] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1325.793003][T18313] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[ 1325.793379][T18313] XFS (loop2): log mount failed
[ 1325.861998][T18354] IPVS: using max 16 ests per chain, 38400 per kthread
[ 1327.507393][ T9302] Bluetooth: hci4: command 0x0406 tx timeout
[ 1327.566228][T18385] input: syz0 as /devices/virtual/input/input24
[ 1330.305075][T18406] loop4: detected capacity change from 0 to 32768
[ 1330.402554][T18406] XFS: ikeep mount option is deprecated.
[ 1330.975253][T18427] 9pnet_virtio: no channels available for device syz
[ 1331.129283][T18406] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1331.248479][T18400] loop0: detected capacity change from 0 to 32768
[ 1331.448885][T18446] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2698'.
[ 1331.463810][T18406] XFS (loop4): Ending clean mount
[ 1331.472003][T18406] XFS (loop4): Quotacheck needed: Please wait.
[ 1331.572644][T18400] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1331.708175][T18406] XFS (loop4): Quotacheck: Done.
[ 1331.858801][T17189] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1332.026807][T18400] XFS (loop0): Ending clean mount
[ 1332.170726][T16118] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1332.246496][T18416] loop1: detected capacity change from 0 to 32768
[ 1332.318463][T18416] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1332.610085][T18416] XFS (loop1): Ending clean mount
[ 1332.625576][ T1173] XFS (loop1): Metadata CRC error detected at xfs_inobt_read_verify+0x41/0xd0, xfs_finobt block 0x20 
[ 1332.644768][ T1173] XFS (loop1): Unmount and run xfs_repair
[ 1332.650526][ T1173] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[ 1332.658098][ T1173] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[ 1332.667417][ T1173] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[ 1332.676733][ T1173] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[ 1332.685861][ T1173] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[ 1332.695002][ T1173] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[ 1332.703991][ T1173] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[ 1332.712968][ T1173] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1332.721898][ T1173] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1332.742520][T18416] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x20 len 8 error 74
[ 1332.817551][T18416] XFS (loop1): Failed to initialize disk quotas.
[ 1333.871249][T18486] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_1, syncid = 3, id = 0
[ 1334.052563][T14405] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1334.087290][T14405] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[ 1335.079531][T18499] loop1: detected capacity change from 0 to 128
[ 1335.086969][T18499] vfat: Bad value for 'gid'
[ 1335.091596][T18499] vfat: Bad value for 'gid'
[ 1335.108268][T18503] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1335.287736][T18496] block device autoloading is deprecated and will be removed.
[ 1338.638293][T18527] input: syz0 as /devices/virtual/input/input25
[ 1340.022015][T18555] loop0: detected capacity change from 0 to 128
[ 1340.131593][T18555] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1340.831134][T18564] loop0: detected capacity change from 0 to 128
[ 1340.844035][T18564] vfat: Bad value for 'gid'
[ 1340.853158][T18564] vfat: Bad value for 'gid'
[ 1341.035481][T18568] loop2: detected capacity change from 0 to 1024
[ 1341.042849][T18568] EXT4-fs: Ignoring removed nobh option
[ 1341.049316][T18568] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1341.089535][T18568] loop2: detected capacity change from 0 to 2048
[ 1341.869636][T18568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1341.960512][   T29] audit: type=1800 audit(1727664844.757:177): pid=18568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2732" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 1343.054743][T18591] xt_connbytes: Forcing CT accounting to be enabled
[ 1343.055278][T18591] Cannot find add_set index 0 as target
[ 1343.914577][T18601] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1343.938107][T18601] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1344.016530][T18603] team_slave_1: entered promiscuous mode
[ 1344.040185][T18601] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1344.068919][T18601] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1344.113952][T18601] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1344.124887][T18603] team0: Port device team_slave_1 removed
[ 1344.136661][T18601] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1344.193016][T18601] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1344.536085][T18601] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1345.251784][T18601] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1345.261570][T18601] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1345.714509][T14354] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1345.882635][T18601] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1345.890720][   T29] audit: type=1326 audit(1727664848.687:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef2d97dff9 code=0x7ffc0000
[ 1345.931990][T18601] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1345.956673][   T29] audit: type=1326 audit(1727664848.727:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef2d97dff9 code=0x7ffc0000
[ 1346.030584][   T29] audit: type=1326 audit(1727664848.727:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef2d97dff9 code=0x7ffc0000
[ 1346.075632][   T29] audit: type=1326 audit(1727664848.747:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef2d97dff9 code=0x7ffc0000
[ 1346.101784][   T29] audit: type=1326 audit(1727664848.747:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef2d97dff9 code=0x7ffc0000
[ 1346.240477][   T29] audit: type=1326 audit(1727664848.747:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef2d97ff17 code=0x7ffc0000
[ 1346.283758][T18625] syzkaller1: entered promiscuous mode
[ 1346.302281][T18625] syzkaller1: entered allmulticast mode
[ 1346.323408][   T29] audit: type=1326 audit(1727664848.747:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.5.2748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fef2d97fe8c code=0x7ffc0000
[ 1346.407602][T12149] ==================================================================
[ 1346.415716][T12149] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x2f/0x140
[ 1346.424866][T12149] Read of size 8 at addr ffff888011e3ab88 by task kworker/1:4/12149
[ 1346.432859][T12149] 
[ 1346.435192][T12149] CPU: 1 UID: 0 PID: 12149 Comm: kworker/1:4 Not tainted 6.11.0-syzkaller-12113-ge7ed34365879 #0
[ 1346.445705][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1346.455776][T12149] Workqueue: events binder_deferred_func
[ 1346.461443][T12149] Call Trace:
[ 1346.464732][T12149]  <TASK>
[ 1346.467672][T12149]  dump_stack_lvl+0x241/0x360
[ 1346.472375][T12149]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1346.477590][T12149]  ? __pfx__printk+0x10/0x10
[ 1346.482203][T12149]  ? _printk+0xd5/0x120
[ 1346.486463][T12149]  ? __virt_addr_valid+0x183/0x530
[ 1346.491586][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1346.497269][T12149]  print_report+0x169/0x550
[ 1346.501790][T12149]  ? __virt_addr_valid+0x183/0x530
[ 1346.506929][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1346.512573][T12149]  ? __virt_addr_valid+0x45f/0x530
[ 1346.517689][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1346.523329][T12149]  ? __phys_addr+0xba/0x170
[ 1346.527837][T12149]  ? __list_del_entry_valid_or_report+0x2f/0x140
[ 1346.534184][T12149]  kasan_report+0x143/0x180
[ 1346.538726][T12149]  ? __list_del_entry_valid_or_report+0x2f/0x140
[ 1346.545094][T12149]  __list_del_entry_valid_or_report+0x2f/0x140
[ 1346.551270][T12149]  binder_release_work+0xc7/0x480
[ 1346.556320][T12149]  binder_deferred_func+0x1275/0x1460
[ 1346.561715][T12149]  ? process_scheduled_works+0x976/0x1850
[ 1346.567458][T12149]  process_scheduled_works+0xa65/0x1850
[ 1346.573043][T12149]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1346.579052][T12149]  ? assign_work+0x364/0x3d0
[ 1346.583663][T12149]  worker_thread+0x870/0xd30
[ 1346.588274][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1346.593921][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1346.599568][T12149]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1346.605490][T12149]  ? __kthread_parkme+0x169/0x1d0
[ 1346.610537][T12149]  ? __pfx_worker_thread+0x10/0x10
[ 1346.615669][T12149]  kthread+0x2f2/0x390
[ 1346.619747][T12149]  ? __pfx_worker_thread+0x10/0x10
[ 1346.624880][T12149]  ? __pfx_kthread+0x10/0x10
[ 1346.629738][T12149]  ret_from_fork+0x4d/0x80
[ 1346.634178][T12149]  ? __pfx_kthread+0x10/0x10
[ 1346.638861][T12149]  ret_from_fork_asm+0x1a/0x30
[ 1346.643647][T12149]  </TASK>
[ 1346.646749][T12149] 
[ 1346.649069][T12149] Allocated by task 18630:
[ 1346.653482][T12149]  kasan_save_track+0x3f/0x80
[ 1346.658425][T12149]  __kasan_kmalloc+0x98/0xb0
[ 1346.663374][T12149]  __kmalloc_cache_noprof+0x19c/0x2c0
[ 1346.668759][T12149]  binder_ioctl_write_read+0xe7f/0xb560
[ 1346.674322][T12149]  binder_ioctl+0x436/0x1cc0
[ 1346.679096][T12149]  __se_sys_ioctl+0xfb/0x170
[ 1346.683706][T12149]  do_syscall_64+0xf3/0x230
[ 1346.688391][T12149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1346.694305][T12149] 
[ 1346.696631][T12149] Freed by task 12149:
[ 1346.700694][T12149]  kasan_save_track+0x3f/0x80
[ 1346.705392][T12149]  kasan_save_free_info+0x40/0x50
[ 1346.710438][T12149]  __kasan_slab_free+0x59/0x70
[ 1346.715385][T12149]  kfree+0x1a0/0x440
[ 1346.719555][T12149]  binder_deferred_func+0x11df/0x1460
[ 1346.724940][T12149]  process_scheduled_works+0xa65/0x1850
[ 1346.730500][T12149]  worker_thread+0x870/0xd30
[ 1346.735105][T12149]  kthread+0x2f2/0x390
[ 1346.739273][T12149]  ret_from_fork+0x4d/0x80
[ 1346.743707][T12149]  ret_from_fork_asm+0x1a/0x30
[ 1346.748487][T12149] 
[ 1346.750808][T12149] The buggy address belongs to the object at ffff888011e3ab80
[ 1346.750808][T12149]  which belongs to the cache kmalloc-64 of size 64
[ 1346.764700][T12149] The buggy address is located 8 bytes inside of
[ 1346.764700][T12149]  freed 64-byte region [ffff888011e3ab80, ffff888011e3abc0)
[ 1346.778251][T12149] 
[ 1346.780578][T12149] The buggy address belongs to the physical page:
[ 1346.786989][T12149] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e3a
[ 1346.795756][T12149] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1346.803334][T12149] page_type: f5(slab)
[ 1346.807318][T12149] raw: 00fff00000000000 ffff88801ac418c0 0000000000000000 dead000000000001
[ 1346.815903][T12149] raw: 0000000000000000 0000000000200020 00000001f5000000 0000000000000000
[ 1346.824488][T12149] page dumped because: kasan: bad access detected
[ 1346.830987][T12149] page_owner tracks the page as allocated
[ 1346.836701][T12149] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5592, tgid 5591 (syz.1.71), ts 102281948582, free_ts 98404252760
[ 1346.855735][T12149]  post_alloc_hook+0x1f3/0x230
[ 1346.860531][T12149]  get_page_from_freelist+0x3045/0x3190
[ 1346.866100][T12149]  __alloc_pages_noprof+0x256/0x6c0
[ 1346.871399][T12149]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1346.876878][T12149]  alloc_slab_page+0x6a/0x120
[ 1346.881570][T12149]  allocate_slab+0x5a/0x2f0
[ 1346.886081][T12149]  ___slab_alloc+0xcd1/0x14b0
[ 1346.891330][T12149]  __slab_alloc+0x58/0xa0
[ 1346.895678][T12149]  __kmalloc_cache_node_noprof+0x20c/0x300
[ 1346.901504][T12149]  __get_vm_area_node+0x113/0x270
[ 1346.906559][T12149]  __vmalloc_node_range_noprof+0x3a6/0x13f0
[ 1346.912464][T12149]  vmalloc_noprof+0x79/0x90
[ 1346.916975][T12149]  bpf_prog_calc_tag+0xcf/0x900
[ 1346.921841][T12149]  resolve_pseudo_ldimm64+0xe0/0x1240
[ 1346.927219][T12149]  bpf_check+0x6981/0x1e320
[ 1346.931728][T12149]  bpf_prog_load+0x1667/0x20f0
[ 1346.936506][T12149] page last free pid 65 tgid 65 stack trace:
[ 1346.942481][T12149]  free_unref_page+0xcfb/0xf20
[ 1346.947250][T12149]  vfree+0x186/0x2e0
[ 1346.951158][T12149]  htab_map_free+0x828/0xa70
[ 1346.955771][T12149]  bpf_map_free_deferred+0xe6/0x100
[ 1346.960981][T12149]  process_scheduled_works+0xa65/0x1850
[ 1346.966554][T12149]  worker_thread+0x870/0xd30
[ 1346.971171][T12149]  kthread+0x2f2/0x390
[ 1346.975251][T12149]  ret_from_fork+0x4d/0x80
[ 1346.979722][T12149]  ret_from_fork_asm+0x1a/0x30
[ 1346.984598][T12149] 
[ 1346.986946][T12149] Memory state around the buggy address:
[ 1346.992574][T12149]  ffff888011e3aa80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1347.000641][T12149]  ffff888011e3ab00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1347.008713][T12149] >ffff888011e3ab80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1347.016783][T12149]                       ^
[ 1347.021113][T12149]  ffff888011e3ac00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1347.029356][T12149]  ffff888011e3ac80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1347.037418][T12149] ==================================================================
[ 1347.046571][T12149] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1347.053794][T12149] CPU: 1 UID: 0 PID: 12149 Comm: kworker/1:4 Not tainted 6.11.0-syzkaller-12113-ge7ed34365879 #0
[ 1347.064449][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1347.074784][T12149] Workqueue: events binder_deferred_func
[ 1347.080440][T12149] Call Trace:
[ 1347.083725][T12149]  <TASK>
[ 1347.086660][T12149]  dump_stack_lvl+0x241/0x360
[ 1347.091350][T12149]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1347.096562][T12149]  ? __pfx__printk+0x10/0x10
[ 1347.101183][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1347.106834][T12149]  ? vscnprintf+0x5d/0x90
[ 1347.111195][T12149]  panic+0x349/0x880
[ 1347.115116][T12149]  ? check_panic_on_warn+0x21/0xb0
[ 1347.120283][T12149]  ? __pfx_panic+0x10/0x10
[ 1347.124719][T12149]  ? mark_lock+0x9a/0x360
[ 1347.129061][T12149]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[ 1347.134998][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1347.140638][T12149]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1347.146549][T12149]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1347.152901][T12149]  ? print_report+0x502/0x550
[ 1347.157595][T12149]  check_panic_on_warn+0x86/0xb0
[ 1347.162540][T12149]  ? __list_del_entry_valid_or_report+0x2f/0x140
[ 1347.169238][T12149]  end_report+0x77/0x160
[ 1347.173501][T12149]  kasan_report+0x154/0x180
[ 1347.178026][T12149]  ? __list_del_entry_valid_or_report+0x2f/0x140
[ 1347.184381][T12149]  __list_del_entry_valid_or_report+0x2f/0x140
[ 1347.190594][T12149]  binder_release_work+0xc7/0x480
[ 1347.195635][T12149]  binder_deferred_func+0x1275/0x1460
[ 1347.201137][T12149]  ? process_scheduled_works+0x976/0x1850
[ 1347.206884][T12149]  process_scheduled_works+0xa65/0x1850
[ 1347.212474][T12149]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1347.218505][T12149]  ? assign_work+0x364/0x3d0
[ 1347.223161][T12149]  worker_thread+0x870/0xd30
[ 1347.227774][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1347.233680][T12149]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1347.239320][T12149]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1347.245232][T12149]  ? __kthread_parkme+0x169/0x1d0
[ 1347.250538][T12149]  ? __pfx_worker_thread+0x10/0x10
[ 1347.255667][T12149]  kthread+0x2f2/0x390
[ 1347.259743][T12149]  ? __pfx_worker_thread+0x10/0x10
[ 1347.264868][T12149]  ? __pfx_kthread+0x10/0x10
[ 1347.269465][T12149]  ret_from_fork+0x4d/0x80
[ 1347.274054][T12149]  ? __pfx_kthread+0x10/0x10
[ 1347.278824][T12149]  ret_from_fork_asm+0x1a/0x30
[ 1347.283653][T12149]  </TASK>
[ 1347.286893][T12149] Kernel Offset: disabled
[ 1347.291217][T12149] Rebooting in 86400 seconds..