last executing test programs:

42.252332796s ago: executing program 4:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x8080)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x7)

41.240005193s ago: executing program 2:
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x3000cd0, &(0x7f0000000440)=ANY=[], 0x1, 0x1509, &(0x7f0000002d40)="$eJzs3Am4TmX3MPC17vveHDI8Sea97rV5kuEmSUJJMiRJEpI5IUmSJEkcMiUhCRlPkjlkTicd8zxkTjp5JUkSkinc33VUn7f3fft6p//n/b9n/a5rX+deZ++1nrXPup7z7L2v65xvuwyt1rB65XrMDP8M/esCf/6SCAAJADAAALIDQAAAZXKUyZG2P5PGxH/qRcT/kPrTr3YH4mqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiHRtZt5rZUu/mzz//19O/SvJ8vmfLuDv7ZD5/7fR/9DRMv/0Teafvsn80zeZf/pz5RYsuKp9iKtP3v/pm8xfiHTt3/5Mef3Zq/1MW7Z/YBNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIf4/OOuvMADw6/pq9yWEEEIIIYQQQoh/H//+1e5ACCGEEEIIIYQQ//MQFGgwEEAGyAgJkAkywzWQBbJCNsgOMbgWcsB1kBOuh1yQG/JAXsgH+aEAhEBggSGCglAI4nADFIYboQgUhWJQHByUgJJwE5SCm6E03AJl4FYoC7dBOSh/+TXT3AmV4C6oDHdDFagK1aA63AM14F6oCfdBLbgfasMDUAcehLrwENSD+tAAHoaG8Ag0gsbQBJpCM2gOLf4gPyn738p/EbrDS9ADekIi9ILe8DL0gb7QD/rDAHgFBsKrMAheg8EwBIbC6zAM3oDh8CaMgJEwCt6C0TAGxsI4GA8TIAnehonwDkyCdx/JClNgKkyD6TADZsJ7MAtmwxx4H+bCPJgPSZkWwiJYDB/AEvgQkuEjWAofQwosg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK3wC22A77ICdsAt2wx74FPbCZ7APPodU/OIfzD/z23zoioCAChUaNJgBM2ACJmBmzIxZMAtmw2wYwxjmwByYE3NiLsyFeTAPJmI+LIAFkJCQkbEgFsQ4xrEwFsYiWASLYTF06LAklsRSeNF7XxrLYBksi2WxHJbH8ng73o4VsSJWwkpYGStjFayC1bAa3oP34L1YE2tiLayFtbE21sE6WBfrYj2shw2wATbEhtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xRfwBXwRX8SX8CXsiVVUL+yNvbEP9sF+2B/74ys4EF/FV/E1HIxDcCi+jq/jGzgcT+MIHImjcBRWVGNwLI5DVhMwCZMwI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+NcnIfzcAEuwEW4GBfjEvwQkzEZl+IZTMFluBxX4EpchStxDa7FNbgeN+B63ISbcAtuwU/wE9yO23En7sTduBs/xU/xM/wMB2MqpuJ+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8gSfxBJ7CU3gaz+BZADiP5/ECXsBLeCntza/SGGVUBpVBJagElVllVllUFpVNZVMxFVM5VA6VU+VUuVQulUflUflUPlVAFVCkSLGKVEFVUMVVXBVWhVURVUQVU8WUU06VVCVVKVVKlValVRl1qyqrblPlVHnV2t2ublcVVRtXSd2lKqvKqoqqqqqp6qq6qqFqqJqqpqqlaqnaqraqox5UdVUv7If1VdpkGqoh2EgNxSaqqWqmmqs38FHVUg3HVqq1aqMeVyNxBLZTLV179ZTqoMZiR/WMGofPqs5qAnZRz6uu6gXVTb2ouqtWrofqqSZjL9VbTcM+qq/qp/qrWVhVpU2smnpNvZhxiBqqXleL8A01XL2pRqiRapR6S41WY9RYNU6NVxNUknpbTVTvqEnqXTVZTVFT1TQ1Xc1QM9V7apaareao99VcNU+DWqAWqkVqsfpALVEfqmT1kVqqPlYpaplarlaolWqVWq3WqLVqnVqvNqiNapParLaoreoTtU1tVzvUTrVL7VZ71Kdqr/pM7VOfq1T1hdqv/qQOqC/VQfWVOqS+VofVN+qI+lYdVd+pY+p7dVydUCfVD+qU+lGdVmfUWXVOnVc/qQvqorqkvAKNWmmtjQ50Bp1RJ+hMOrO+RmfRWXU2nV3H9LU6h75O59TX61w6t85j8up8Or8uoENN2mrWkS6oC+m4vkEX1jfqIrqoLqaLa6dL6JL6Jl1K36xL61t0GX2rLqtv0+V0eV3Bg75DV9R36kr6Ll1Z362r6Kq6mq6u79E19L26pr5P19L369r6AV1HP6jr6od0PV1fN9AP64b6Ed1IN9ZNdFPdTDfXLfSjuqV+TLfSrXUb/bhuq5/Q7fSTur1+SnfQT+uO+hndST+rO+vndBf9vO6qX9Dd9EV9SXvdQ/fUibqX7q1f1n10X91P99cD9Ct6oH5VD9Kv6cF6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6tx+ixepweryfoJP22nqjf0ZP0u3qynqKn6ml6up6h+/1Sac7fkf/O38gfdPnVt+it+hO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qp/TP+hT+kd9Wp/RZ/Q5fV6f1xd++RmAQaOMNsYEJoPJaBJMJpPZXGOymKwmm8luYuZak8NcZ3Ka600uk9vkMXlNPpPfFDChIWMNm8gUNIVM3NxgCpsbTRFT1BQzxY0zJUxJc9O/nP9H/bUwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PDJJpE09u8bPqYvqaf6W8GmFfMQDPQDDKDzGAz2Aw1Q80wM8wMN8PNCDPCjDKjzGgz2ow1Y814M94k+exmoploJplJZrKZbKYOyG6mm+lmpplpZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJtkkm6VmqUkxy8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2K2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0m1aSa/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOW/OmwvmgrlkLqVd9gUqUIEJTJAhyBAkBAlB5iBzkCXIEmQLsgWxIBbkCHIEOYPrg1xB7iBPkDfIF+QPCgRhQIENOIiCgkGhIB7cEBQObgyKBEWDYkHxwAUlgpLBTUGp4OagdHBLUCa4NSgb3BaUC8oHFYLbgzuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUC+oHDYKHg4bBI0GjoHHQJGgaNAuaBy3+rfW9P537Mdcj7Bkmhr3C3uHLYZ+wb9gv7B8OCF8JB4avhoPC18LB4ZBwaPh6OCx8IxwevhmOCEeGo8K3wtHhmHBsOC4cH04Ik8K3w4nhO+Gk8N1wcjglnBpMC6eHM8KZ4XvhrHB2OCd8P5wbzgvnhwvCheGiEH++JIbk8KNwafhxmBIuC5eHK8KV4apwdbgmXBuuC9eHG8KN4aYyA38+NNwWbg93hDvDXeHucE/4abg3/CzcF34epoZfhPvDP4UHwi/Dg+FX4aHw6/Bw+E14JPw2PBp+Fx4Lvw+PhyfCk+EP4anwx/B0eCY8G54Lz4c/hRfCi+Gl0Kdd3Kd9vJMhQxkoAyVQAmWmzJSFslA2ykYxilEOykE5KSflolyUh/JQPspHBagApWFiKkgFKU5xKkyFqQgVoWJUjBw5KkklqRSVotJUmspQGSpLZakclaMKVIHuoDvoTrqT7qK76G66m6pSVapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqCE1pEbUiJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaVu1I26U3fqQT0okRKpN/WmPtSH+lE/GkADaCANpEE0iAbTYBpKQ2kYDaPhNJxG0EgaRW/RaBpDY2kcjacJlERJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSfJpPC2khLabFtISWUDIl01JaSimUQstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22gb7aAdtIt20R7aQ3tpL+2jfZRKqbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO00k6SafoFJ2m03SWztJ5+oku0EW6RJ4SbCab2V5js9isNpvNbv8yzmPz2nw2vy1gQ5vL5v5NTNbaIraoLWaLW2dL2JL2pr+Ky9nytoK93d5hK9o7bSVbzmaCP49r2HttTXufrWXvt9XtPb+Ja9sHbB37iK1rG9t6tqltYJvbhvYR28g2tk1sU9vMNrdt7RO2nX3StrdPJXSwT/95bNPiJfZDu9aus+vtBrvXfmbP2nP2iP3Wnrc/2R62px1gX7ED7at2kH3NDrZDfhsD2FH2LTvajrFj7Tg73k74q3iqnWan2xl2pn3PzrKz/ypebD+wc22ynW8X2IV20eU4radk+5Fdaj+2KXaZXW5X2JV2lV1t1/zfXlfYTXaz3WL32E/tNrvd7rA77S67+3Kcdh777Oc21X5hD9tv7AH7pT1oj9pD9uvLcdr5HbXf2WP2e3vcnrAn7Q/2lP3RnrZnLp9/2rn/YC/aS9ZbYGTFmg0HnIEzcgJn4sx8DWfhrJyNs3OMr+UcfB3n5Os5F+fmPJyX83F+LsAhE1tmjrggF+I438CF+UYuwkW5GBdnxyW4JN/EpfhmLs23cBm+lcvybVyOy3MFvp3v4Ip8J1fiu7gy381VuCpX4+p8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI/rcwN+mBvyI9yIG3MTbsrNuDm34Ee5JT/Grbg1t+HHuS0/we34SW7PT3EHfpo78jPciZ/lzvwcd+HnuSu/wN34Re7OL3EP7smJ3It788vch/tyP+7PA/gVHsiv8iB+jQfzEB7Kr/MwfoOH85s8gkfyKH6LR/MYHsvjeDxP4CR+myfyOzyJ3+XJPIWn8jSezjN4Jr/Hs3g2z+H3eS7P4/m8gBfyIl7MH/AS/pCT+SNeyh9zCi/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8LbeDvv4J28i3fzHv6U9/JnvI8/51T+gvfzn/gAf8kH+Ss+xF/zYf6Gj/C3fJS/42P8PR/nE3ySf+BT/COf5jN8ls/xef6JL/BFvsSeIcJIRToyURBliDJGCVGmKHN0TZQlyhpli7JHsejaKEd0XZQzuj7KFeWO8kR5o3xR/qhAFEYU2YijKCoYFYri0Q1R4ejGqEhUNCoWFY9cVCIqGd0UlYpujkpHt0RlolujstFtUbmofFQhuj26I6oY3RlViu6KKkd3R1WiqlG1qHp0T1QjujeqGd0X1Yruj0pHD0R1ogejutFDUb2oftQgejhqGD0SNYoaR02iplGzqHnUIno0ahk9FrWKWkdtosejttETUbvoyah99FTUIXr6yv6iwc+fpn+xPzHqFelfnpDdpxfGF8UXxz+IL4l/GE+OfxRfGv84nhJfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c3xL3vnpGcJh2IwzGBS6Dy+gSXCaX2V3jsrisLpvL7mLuWpfDXedyuutdLpfb5XF5XT6X3xVwoSNnHbvIFXSFXNzd4Aq7G10RV9QVc8WdcyVcSdfctXAtXEv3mGvlWrs27nH3uHvCPeGeTPilcdfRPeM6uWddZ/ece84977q6F1w396Lr7l5yPVxPl+gSXW/X2/VxfVw/188NcAPcQDfQDXKD3GA32A11Q90wN8wNd8PdCDfCjXKj3Gg32o11Y914N94luSQ30U10k9wkN9lNdlPdVDfdTXcz3Uw3y81yc9wcN9fNdfPdfLfQLXSL3WK3xC1xyS7ZLXVLXYpLccvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XOpLtXtd/vdAXfAHXRfuUPua3fYfeOOuG/dUfedO+a+d8fdCXfSeX3K/ehOuzPurDvnzruf3AV30V1y3iXF3o5NjL0TmxR7NzY5NiU2NTYtNj02IzYz9l5sVmx2bE7s/djc2LzY/NiC2MLYotji2AexJbEPY8mxj2JLYx/HUmLLYstjK2IrY6ti3uffFvmCvpCP+xt8YX+jL+KL+mK+uHe+hC/pb/Kl/M2+tL/Fl/G3+rL+Nl/Ol/cVfGPfxDf1zXxz38I/6lv6x3wr39q38Y/7tv4J384/6dv7p3wH/7Tv6J/xnfyzvrN/znfxz8/7Zcq+u3/J9/A9faLv5Xv7l30f39f38/39AP+KH+hf9YP8a36wH+KH+tf9MP+GH+7f9CP8SD/Kv+VH+zF+rB/nx/sJPsm/7Sf6d/wk/66f7Kf4qX6an+5n+Jn+PT/Lz/Zz/Pt+rp/n5/sFfqFf5Bf7D/wS/6FP9h/5pf5jn+KX+eV+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qP/Hb/Ha/w+/0u/xuv8d/6vf6z/w+/7lP9V/4/f5P/oD/0h/0X/lD/mt/2H/jj/hv/VH/nT/mv/fH/Ql/0v/gT/kf/Wl/xp/15/x5/5O/4C/6S/I3a0IIIYQQfxf9B/t7/Y3vqV+2NL0BIOv2vIf+subGXD+v+6q9HWIA8FTPLvV/3erXT0xM/OXYFA1BoQUAELuSnwGuxMugDTwB7aE1lPqb/fVVFS5f9/2/6sdvBcgMkOnXnLTbo1/jK/Vv/p36jT/g362/7Of6CwCKFLqSk1b41/hK/dK/U39329+vf7n/TF8mAbT6s5wscCW+Ur8kPAZPQ/vfHCmEEEIIIYQQQvysrzrf9Q/uPy/fn+czv837Nf6j+/M/UOlf7V8IIYQQQgghhBB/7NkXuj35aPv2rTv9Ny8y/me08R+wQAD4D2hDFv/5i6v9m0kIIYQQQgjx73blov9qdyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqRf//x/CFN/98FX+xyFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+3/BAAA//+0FVXr")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000080)='sysfs\x00', 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x810410, &(0x7f0000000680)=ANY=[@ANYRES32, @ANYBLOB="749235c63bc001e29d7d09ef375f63128afacfe8f0ceeecb4e94d802fcf7fb224c8e9d9df582f661c26d2970f7ab1e0f14f11584b083ba27367e9700cdb013122b6f248e89447aa3b0ffba27c76545e41126f8c5b59b3e9a839669f2a212105589ad1abd707ddc", @ANYRES32, @ANYRES16, @ANYRES32, @ANYRESOCT, @ANYRES64, @ANYRESOCT=r1], 0x2, 0x1ce, &(0x7f0000000300)="$eJzsmbuvEkEUxr+ZXZ4xJjYWNhZixCjL7qKGhgITexPw1UlkJegCBtYESCyIjY2lhYmt/4CFBZWFnZ2tFmpiYiGl9ZoZxt0Jr4C32eSeX3Jnv5k5e86ZyeUrAARBHFt+fP/z7eX1avMygBMoIKPWfxlxDNfiv75+eulV7cabd1/efuyffDZfzccAhOH+9XMAPtQNBJvLoaCeTfBI3wLHRaXvgOG80vfBcVtpDwz3lH6k6UFOCd+zHgz89sOu79licMTgiqGi1zcBLGYMbQBZebYwZNr+aDJ93PJ9b7gqUuG/Omtbh4pd9yf7q3PU1Fz0Jy7w7ovnMzG31Lqt3Z8DDkfpChgaSleRgWVZ8ZVo5z9jxvmNfc6fBHGqlIg2SCRLsNUV8YGOVk4v5p/W3/qZlOb/Q0jjArC29Tl/tMxpZQIbY2J/YiZwQfMnE2bkH+Wg96Q8mkxL3V6r43W8vutWrtlXbPuqW5ZGtBx3+F9W+lNey5/aEptmaYxbQTB0xkAwdKK5uxw1x228H/yW73DpfxzFc8sc4l9FHjuzuQZTf1w+hSoaW5snCIIgCIIgCIIgCIIgCII4iLNg8ltQ9UNVuAX3poz+GwAA//9lYmVU")
truncate(&(0x7f0000000000)='./file1\x00', 0xd7fe)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x203, 0x8401)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_REAPURB(r5, 0x4008550c, 0x0)

40.249591657s ago: executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x5422)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x0)

39.212556178s ago: executing program 1:
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r0 = memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xe, 0x12, r0, 0x0)
io_setup(0x0, &(0x7f0000000040))

39.00357267s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001400), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0x89}]}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r2, 0x8, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10000000}, 0x4040180)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r4 = epoll_create1(0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000001540)=""/155}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
r6 = eventfd2(0x0, 0x0)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='e'], 0x0, 0x0)
r7 = dup3(r6, r4, 0x0)
read$FUSE(r7, &(0x7f0000000600)={0x2020}, 0x2020)
write$FUSE_DIRENTPLUS(r7, &(0x7f00000004c0)=ANY=[], 0x10)

38.813871519s ago: executing program 1:
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
fcntl$setsig(r1, 0xa, 0x21)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='source', &(0x7f0000000080)='./bus\x00', r1)
mknodat$loop(r1, &(0x7f0000002600)='./bus\x00', 0x0, 0x0)

38.81055686s ago: executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000000)={0x14, 0x2e, 0x1, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

38.677556091s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000500)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x44, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x24, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '.^\x00'}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x44}}, 0x0)

38.471034382s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c8, 0x2e0, 0x9403, 0x0, 0x6602, 0x2c0, 0x3f8, 0x3d8, 0x3d8, 0x3f8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x528)

37.475479337s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)

37.39158763s ago: executing program 3:
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x4008400, &(0x7f0000000240)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c726f6469722c696f636861727365743d63703835322c696f636861727365743d63703933362c7574663800802c757466383d312c726f6469722c757466383d302c00d2e64efdd10fc8f36f5b257d3517dbfb8ab21cf4af6e13642ed29ab2ecfa863e64102b13bcb5270b7e59d4f90d2914a77afa04722563f95ccb2f95a159903d417690895d6023ecea43b3315dd785d52353acc6867c82e4bb9a46e5e98fdde90c9a9e008916401e2983c80f328edfe867357b0d12cf6908ce4fa2f2567a34df7e97d2c0f8f1003042207c1ca7b4f3fa861b0e5c8dc7f4ac335be9a2b474e32f569c73f5d0"], 0x5, 0x279, &(0x7f0000000580)="$eJzs3TFrG2cYB/BHlmrJhiINBdNSqEqXTsZ26S5TXCgVtLRoaKeaWqbFcg02GOrB9ubkOyRfIdmSNZDBZM0XCIHgBLLYmTwEFJSTLMlRZJRYuZD8fosf3nv+fl+djzs83Ku/vlxfW9nYWj05OYpCIRO5SlTiNBOlmIhsJPYDAPiQnDabcdxMpL0WAODd8PwHgI/PgOf/ROdYZv9s7Nd0VgcAjMNb/f8/MZYlAQBj9vsff/68WK0u/VYuFyLWD7Zr27XkZ3J8cTX+jUbUYy6K8TyieSapf/ypujRXbnlcisL6Xju/t13L9ufnoxilwfn5ciJqvflPYrqdfzAd9Vg4zMRng/MLA/OT8e03PfPPRjHu/x0b0YiVaGWTfD4idufL5R9+qZ7L51/2AQAAAAAAAAAAAAAAAAAAAADAOMyWOwrtkf79e2a7DaX+/XGS7u7+QPni1ND9gc7vz5OLL3LpfW4AAAAAAAAAAAAAAAAAAAB4n2z9v7O23GjUN4cV/927cfconwSWG5239i9KDSwy7fBoqYM3mmt48enXj66dP5SLnbX86Ofncos7X6UwaX0zcqOkDo/++fy7rZnvX9cTud6Rq63Lpa+ndSEN+M25cZ3wp8WIMZ26m52i8uyVns7FVN+cSuNv2lvMXK8s3959+KQ9ko0LUkNuGs3s5d+IAAAAAAAAAAAAAAAAAACAntet014JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSn+/3/oxb5aNy60h0p9PVMnk1w3Ez18wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMuLAAAA//8WwZEk")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB='+rdma +'], 0x15)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

37.367705524s ago: executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000b80)='./file0/../file0\x00', &(0x7f0000002100), 0x2000081, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
open(&(0x7f0000000340)='./file0/../file0\x00', 0x412b83, 0x0)

37.210837548s ago: executing program 1:
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x4, &(0x7f0000000380), 0x4)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x300000f, 0x12, r0, 0x56a48000)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="021800001c000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa00000000000000000800120000000000000000000000000006000000000000000000000000000000e0000002000000000000000000000000fc01000000000000000000000000000005000600000000000a00000000000007000000000000000000000000000000000000000000000000080019"], 0xe0}}, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000300)={@empty, @remote, @rand_addr=' \x01\x00', 0x0, 0x401, 0x8000})

37.177857133s ago: executing program 4:
r0 = io_uring_setup(0x1f93, &(0x7f0000000000)={0x0, 0x0, 0x40})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000140)=[@ioring_restriction_sqe_flags_allowed], 0x1)

37.156247086s ago: executing program 3:
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
move_pages(0x0, 0x20000000000001ab, &(0x7f0000000000), 0x0, &(0x7f0000000000)=[0x0], 0x0)

36.984788903s ago: executing program 4:
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg2\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b03feffe2ff020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

36.751975019s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x108}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x0, 0x0, 0x0)
getpeername$unix(r2, &(0x7f00000000c0), &(0x7f0000000040)=0x6e)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x3000)
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00'})
ioctl$UI_DEV_DESTROY(r3, 0x5502)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newnexthop={0x2c, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_GROUP={0xc, 0x2, [{0x0, 0x0, 0x0, 0x2}]}, @NHA_GROUP_TYPE={0x6}]}, 0x2c}}, 0x0)
bind$inet(r3, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x4)

30.280825923s ago: executing program 3:
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x0, 0x0, 0x34324142}})

30.227417121s ago: executing program 3:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000880)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0xad, 0x0, &(0x7f00000000c0))

30.023390683s ago: executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x5)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r0)

26.766096138s ago: executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x5422)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
close_range(r0, 0xffffffffffffffff, 0x0)

25.888182814s ago: executing program 0:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0x84, 0x451, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=")
chdir(&(0x7f0000000540)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
write$binfmt_script(r0, &(0x7f00000002c0)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x108)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x0, 0x100000001})

25.78524606s ago: executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x8080)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x7)

23.317124423s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8}]}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)

23.255015423s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)

23.222890558s ago: executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x2a}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

7.449738885s ago: executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
write$nci(0xffffffffffffffff, &(0x7f0000000200)=@NCI_OP_CORE_INIT_RSP_V2={0x0, 0x0, 0x2, 0x1, 0x0, {0x0, 0x0, 0x1, 0x2}}, 0x11)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockname$packet(r3, 0x0, &(0x7f0000000200))
ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000200))

7.177767347s ago: executing program 1:
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083860090890e0878f0f1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d3b5d0936cd3b780709aa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5003a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd7072f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d27df2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2c1cde360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)

6.726851377s ago: executing program 4:
syz_mount_image$exfat(&(0x7f0000000380), &(0x7f0000000080)='./file0\x00', 0x2000802, &(0x7f0000000180)=ANY=[@ANYBLOB="696f636861727365743d63703733372c696f636861727365743d63703836342c696f636861727365743d757466382c616c6c6f775f7574696d653d30303030303030303030303032303030303030303030312c646973636172642c696f636861727365743d6d6163677265656b2c646d61736b3d30303030303030303030303030303030001000003031312c7569643d581296a185eaf9e848c15289b8b2e4ab34549d28552ff605c9b4183d6006a4e5292bcdf52c0091835e519afad2988b4a142a574721e1a6857f3fe44613b68b9c946e37e0a0de64703d91a759eef39675ba88c2df4e3b255a28416bd240a3f746d720756efe8edace4516ac4123228a509706d864df76e63fc8088b08b3e5b4848495cfca8a11dea50dcdf2f771af641673f5273f0177912e809f69527e31a496fe5858667852c3e2ee", @ANYRESHEX=0xee01, @ANYRES8, @ANYRES64, @ANYBLOB="2c6f4e5d1c"], 0x5, 0x151f, &(0x7f00000042c0)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3w04OyyRJDklySJIkSXJKSJrklYTEkFPSkITkMCSHISSHiUnjfD4fkyRpkiQkp2R91xSft7f6+r//t3+u7z/377qeaz/3Xs+9nrX2ve29nsfMfNNlaM3Gtao1JCL4j+AvD0kAEAsAAwHgGgAIAKBcXLm4rPacEpP+s5Owv9ZDqVd6BOxK4vpnb1z/7I3rn71x/bM3rn/2xvXP3rj+2RvXn7HsbPP0gtfyln03vv+fnfH3//8imaXHfrG29PVd/40Urn/2xvX/Xyv4rxzE9c/euP7ZG9c/e+P6Zwc5/rCF65+9cf0Zy86u9P3nX285/pJ+YuFKz+P/n+1Kv/8YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGUPZ/xlCgAu7V/pcTHGGGOMMcYYY+yv43Nc6REwxhhjjDHGGGPsfx6CAAkKAoiBHBALOSEXCAC4GvLANRCBayEOroO8cD3kg/xQAApCPBSCwqDBgAWCEIpAUYjCDVAMboTiUAJKQilwUBoS4CYoAzdDWbgFysGtUB5ugwpQESpBZbgdqsAdUBXuhGpwF1SHGlATasHdUBvugTpwL9SF+6Ae3A/14QFoAA9CQ3gIGsHD0BgegSbwKDSFZtAcWkDL/1b+C9ADXoSe0AuSoDf0gZegL/SD/jAABsLLMAhegcHwKiTDEBgKr8EweB2GwxswAkbCKHgTRsNbMAbGwjgYDykwASbC2zAJ3oHJMAWmwjRIhekwA96FmTALZsN7MAfeh7kwD+bDAkiDD2AhLIJ0+BAWw0eQAUtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAN2wi7YDR/DHvgE9sKnsA8++zfzT/9LflcEBBQoUKHCGIzBWIzFXJgLc2NuzIN5MIIRjMM4zIt5MR/mwwJYAOMxHgtjYTRokJCwCBbBKEaxGBbD4lgcS2JJdOgwAROwDN6MZbEslsNyWB7LYwWsiBWxMlbGKlgFq2JVrIbVsDpWx5pYE+/Gu7E31sE6WBfrYj2sd+n2FDbEhtgIG2FjbIxNsAk2xabYHJtjS2yJrbAVtsbW2BbbYjtsh+2xPSZiInbADtgRO2In7ISdsTN2wS7YFbthN3whB+CL+CL2wuqiN/bBPtgXk3P0xwE4AF/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIUjcCSOwlFYRbyFY3AskhiPKZiCE3EiTsJJOBmn4BSchqk4HWfgDJyJs3AWvodz8H18H+fhPFyAaZiGC3ERpmM6LsbTmIFLcCkuw+W4ApfjKlyNq3AtrsO1uAE34CbchFtwC27DbbgDd+AuVAD4MX6Cn2Ay7sN9uB/34wE8gAfxIGZiJh7CQ3gYD+MRPIJH8Sgew+N4Ao/jSTyJp/A0nsEzeA7P4Xl8Lv6rRrtKrEkGkUUJJWJEjIgVsSKXyCVyi9wij8gjIiIi4kScyCvyinwinyggCoh4ES8Ki8LCCCNIhDEAIKIiKoqJYqK4KC5KipLCCScSRIIoI8qIsqKsKCduFeXFbaKCqCjauMqisqgi2rqq4k5RTVQT1UUNUVPUErVEbVFb1BF1RF1RV9QT9UR98YBoIHpjf3xIZFWmsRiCTcRQbCqaCXnxE6yVGI6tRRvRVjwhRuIIbC9auUTxtOggxmBH8Q8xFp8VncV47CKeF11FN9FdvCB6iNaup+glJmNv0UdMw76in+gvBoiZWEO8h3Ny1hSvimQxRAwVr4kF+LoYLt4QI8RIMUq8KUaLt8QYMVaME+NFipggJoq3xSTxjpgspoipYppIFdPFDPGumClmidniPTFHvC/minlivlgg0sQHYqFYJNLFh2Kx+EhkiCViqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2i4/FHvGJ2Cs+FfvEZ2K/+FwcEF+Ig+JLkSm+EofE1+Kw+EYcEd+Ko+I7cUwcFyfE9+Kk+EGcEqfFGXFWnBM/ivPiJ3FBeAESpZBSKhnIGJlDxsqcMpe8SuaWwcVX91oZJ6+TeeX1Mp/MLwvIgjJeFpKFpZZGWkkylEVkURmVN8hi8kZZXJaQJWUp6WRpmSBvkmXkzbKsvEWWk7fK8vI2WUFWlJVkZXm7rCLvkBD55RzVZQ1ZU9aSd8va8h5ZR94r68r7ZD15v6wvH5AN5IOyoXxINpIPy8byEdlEPiqbymayuWwhW8rHZCv5uGwt28i28gnZTj4p28unZKJ8WnaQ/uJb5FnZWT4nu8jnZVfZTXaXP8kL0suespcE6C37yJdkX9lP9pcD5ED5shwkX5GD5asyWQ6RQ+Vrcph8XQ6Xb8gRcqQcJd+Uo+VbcowcK8fJ8TJFTpAT5dtyknxHTpZT5FQ5TabK6bL/xZ5mS/mn+W//Tv7gn8++SW6WW+RWuU1ulzvkTrlL7pa75R65R+6Ve+U+uU/ul/vlAXlAHpQHZabMlIfkIXlYHpZH5BF5VB6Vx+RxeVZ+L0/KH+QpeVqelmflOXlOnr/4GoBCJZRUSgUqRuVQsSqnyqWuUrnV1SqPukZF1LUqTl2n8qrrVT6VXxVQBVW8KqQKK62MsopUqIqooiqqbsCLbxhVUpVSTpVWCeqmfydfFVM3quKqxK/yL40v6Q/G11K1VK1UK9VatVZtVVvVTrVT7VV7lagSVQfVQXVUHVUn1Ul1Vp1VF9VFdVVdVXfVXfVQPVRP1VMlqSTVR72k+qp+qr8aoAaql9UgNUgNVoNVskpWQ9VQNUwNU8PVcDVCjVCj1Cg1Wo1WY9QYNU6NUykqRU1UE9UkNUlNVpPVVDVVpapUNUPNUDPVTDVbzVZz1Bw1V81V89V8labS1EK1UKWrdLVYLVYZaolaopapZWqFWqFWqVVqjVqj1ql1aoPaoDLUZrVZbVVb1Xa1Xe1UO9VutVvtUXvUXrVX7VP71H61Xx1QB9RBdVBlqkx1SB1Sh9VhdUQdUUfVUXVMHVMn1Al1Up1Up9QpdUadUefUOXVenVcX1IWsZV8gAhGoQAUxQUwQG8QGuYJcQe4gd5AnyBNEgkgQF8QFeYPrg3xB/qBAUDCIDwoFhQMdmMAG4mLRo8ENQbHgxqB4UCIoGZQKXFA6SAhuCsoENwdlg1uCcsGtQfngtqBCUDGoFFQObg+qBHcEVYM7g2rBXUH1oEZQM6gV3B3UDu4J6gT3BnWD+4J6wf1B/eCBoEHwYNAweChoFDwcNA4eCZoEjwZNg2ZB86BF0PIv7d/7U/kfdz11L52ke+s++iXdV/fT/fUAPVC/rAfpV/Rg/apO1kP0UP2aHqZf18P1G3qEHqlH6Tf1aP2WHqPH6nF6vE7RE/RE/baepN/Rk/UUPVVP06l6up6h39Uz9Sw9W7+n5+j39Vw9T8/XC3Sa/kAv1It0uv5QL9Yf6Qy9RC/Vy/RyvUKv1Kv0ar1Gr9Xr9Hq9QW/Um/RmvUVv1dv0dr1D79S79G79sd6jP9F79ad6n/5M79ef6wP6C31Qf6kz9Vf6kP5aH9bf6CP6W31Uf6eP6eP6hP5en9Q/6FP6tD6jz+pz+kd9Xv+kL2iftbjP+no3yigTY2JMrIk1uUwuk9vkNnlMHhMxERNn4kxek9fkM/lMAVPAxJt4U9gUNlnIkCliipioiZpippgpboqbkqakccaZBJNgypgypqwpa8qZcqa8KW8qmAqmkqlkbje3mzvMHeZOc6e5y9xlapgappapZWqb2qaOqWPqmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmprlpblqalqaVaWVam9amrWlr2pl2pr1pbxJNoulgOpiOpqPpZDqZzqaz6WK6mK6mq+luupsepofpaXqaJJNk+pg+pq/pa/qb/magGWgGmUFmsBlskk2yGWqGmmFmmBluhpsRZqQZlbVQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmqplqUk2qmWFmmJlmppltZps5Zo6Za+aa+Wa+STNpZqFZaNJNullsFpsMk2GWmqVmuVluVpqVZrVZbdaatWY9rDcbzUaz2Ww2W81Ws91sNzvNTrPb7DZ7zB6z1+w1+8w+s9/sNwfMAXPQHDSZJtMcMofMYXPYHDFHzFFz1Bwzx8wJc8KcNCfNKXPKnDFnzDmT/+L3pTexNqfNZa+yue3VNo+9xv5rXMAWtPG2kC1stc1n8/8qNtba4raELWlLWWdL2wR702/iCrairWQr29ttFXuHrfqbuLa9x9ax99q69j5by979q7ievd/Wt4/YBogAtpltZFvYxvYR28Q+apvaZra5bWHb2Sdte/uUTbRP2w72md/EC+0iu9qusWvtOrvHfmLP2LP2sP3GnrM/2p62lx1oX7aD7Ct2sH3VJtshv4lH2TftaPuWHWPH2nF2/G/iqXaaTbXT7Qz7rp1pZ/0mTrMf2Dk23c618+x8u+DnOGtM6fZDu9h+ZDPsErvULrPL7Qq70q76v2NdZjfYjXaT3W0/tlvtNrvd7rA77a6f46x57LWf2n32M3vIfm0P2C/sQXvEZtqvfo6z5nfEfmuP2u/sMXvcnrDf25P2B3vKnv55/llz/97+ZC9Yb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al9bpJakUOSpNCXQTlaGbqSzdQuXoVipPt1EFqkiVqDLdTlXoDqpKd1I1uouqUw2qSbXobqpN91Adupfq0n1Uj+6n+vQANaAHqSE9RI3oYWpMj1ATepSaUjNqTi2oJT1Grehxak1tqC09Qe3oSWpPT1EiPU0d6BnqSP+gTvQsdabnqAs9T12pG3WnF6gHvUg9qRclUW/qQy9RX+pH/WkADaSXaRC9QoPpVUqmITSUXqNh9DoNpzdoBI2kUfQmjaa3aAyNpXE0nlJoAk2kt2kSvUOTaQpNpWmUStNpBr1LM2kWzab3aA69T3NpHs2nBZRGH9BCWkTp9CEtpo8og5bQUlpGy2kFraRVtJrW0FpaR+tpA22kTbSZttBW2kbbaQftpF20mz6mPfQJ7aVPaR99RvvpczpAX9BB+pIy6Ss6RF/TYfqGjtC3vhd9R8foOJ2g7+kk/UCn6DSdobN0jn6k8/QTXSBPEGIoQhmqMAhjwhxhbJgzzBVeFeYOrw7zhNeEkfDaMC68LswbXh/mC/OHBcKCYXxYKCwc6tCENqQwDIuERcNoeENYLLwxLB6WCEuGpUIXlg4TwpvCMuHNYdnwlrBceGtYPrwtrBBWDB+5r3J4e1glvCOsGt4ZVgvvCquHNcKaYa3w7rB2eE9YJ7w3rBveF5YN7w/rhw+EDcIHw4bhQ2Gj8OGwcfhI2CR8NGwaNgubhy3CluFjYavw8bB12CZsGz4RtgufDNuHT4WJ4dNhh/CZn9vvX/TH7Ulh77BP+FL4Uuj9vXJ+dEE0LfpBdGF0UTQ9+mF0cfSjaEZ0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3RjdFPU+1o5wKETTjrlAhfjcrhYl9Plcle53O5ql8dd4yLuWhfnrnN53fUun8vvCriCLt4VcoWddsZZRy50RVxRF3U3uGLuRlfclXAlXSnnXGmX4Fq4lq6la+Ued61dG9fWPeGecE+6J91T7in3tOvgnnEd3T9cJ/es6+yec8+5511X1811dy+4Hm5Cnl/+TSa5Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7ZJfshrqhbpgb5oa74W6EG+FGuVFutBvtxrgxbpwb51JcipvoJrpJbpKb7Ca7qW6qS3Wpboab4Wa6ma7KrF/OMtfNdfPdfJfm0txCl7VmTHeL3WKX4TLcUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13291Ot9PtdrvdHn/NL526fW6/2+8OuAPuoPvSZbqv3CH3tTvsvnFH3LfuqPvOHXPH3Qn3vTvpfnCn3Gl3xp1159yP7rz7yV1w3qVEJkQmRt6OTIq8E5kcmRKZGpkWSY1Mj8yIvBuZGZkVmR15LzIn8n5kbmReZH5kQSQt8kFkYWRRJD3yYWRx5KNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf4Mv5m/0xX0JX9KX8s6X9gn+Jl/G3+zL+lt8OX+rL+9v8xV8RV/JP+qb+ma+uW/hW/rHfCv/uG/t2/i2/gnfzj/p2/unfKJ/2nfwz/iO/h++k3/Wd/bP+S7+ed/Vd/Pd/Qu+h3/R9/S9fJLv7fv4l3xf38/39wP8QP+yH+Rf8YP9qz7ZD/FD/Wt+mH/dD/dv+BF+pB8V86YffekSGcb7FD/BT/Rv+0n+HT/ZT/FT/TSf6qf7Gf5dP9PP8rP9e36Of9/P9fP8fL/Ap/kP/EK/yKf7D/1i/5HP8Esu3VT2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/bf+z3+E/8Xv+p3+c/8/v95/6A/8If9F/6TP+VP+S/9of9N/6I/9Yf9d/5Y/64P+G/9yf9D/6UP+3P+LP+nP/Rn/c/+Qv8O2uMMcYYY/8lEy7vit9r7/07z4l/OrgPAFy9rWDmP7dnrSjX5/tlv5+IbxcBgKd7dXno0la9elJS0sVjMyQERecBXPqfoCwxcDleAm3hSUiENlDmd8ffT3Q7R3/Sf/RWgFz/lBMLl+PL/X/+B/0/9sSoheXDM3H/j/7nARQvejknJ1yOl0BblfXYBsr+Qf/5W/3J+HN+kQLQ+p9ycsPl+PL4E+BxeAYSf3UkY4wxxhhjjDH2i36iUqdL15+XfuLz967P49XlnBxwOf6z63PGGGOMMcYYY4xdec926/7UY4mJbTr9+ztV/1tZvPN37+S8WOo/O9j7y8coAPgPzw7wt890y99yruSLr+e/Ni0/6wO48uX+q3au4IcSY4wxxhhj7H/E5UX/r59XV2pAjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYNvR3/DmxKz1HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7PwEAAP//XX4JQA==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

0s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = creat(0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x0, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
creat(&(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x19, &(0x7f0000000880), 0x4)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
open(&(0x7f0000000080)='./bus\x00', 0xa942, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x8000)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000100)={0x0, 0x18, 0x0, 0x5, "f73584c6070d869cbedf75deaa980f609a81174e711236c371d6ad38a37356e4"})

kernel console output (not intermixed with test programs):

o access beyond end of device
[  301.134153][ T6704] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256
[  301.138557][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.204263][ T8899] device veth0_vlan entered promiscuous mode
[  301.220697][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.241418][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.259967][ T8899] device veth1_vlan entered promiscuous mode
[  301.387752][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  301.397673][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  301.427617][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  301.448034][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.469371][ T8899] device veth0_macvtap entered promiscuous mode
[  301.517895][ T8899] device veth1_macvtap entered promiscuous mode
[  301.593417][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.626004][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.656408][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.698479][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.740836][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.767625][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.790601][ T8899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.822151][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  301.833661][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  301.850541][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  301.870762][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.901612][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.916097][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.945541][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.965193][ T8899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.981933][ T8899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.997210][ T8899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  302.022512][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  302.051553][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  302.066359][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  302.080586][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  302.095750][ T9128] loop3: detected capacity change from 0 to 64
[  302.100948][ T8899] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  302.116073][ T8899] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.133895][ T8899] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  302.149620][ T8899] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.170306][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  302.201750][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  302.226781][ T8873] device veth0_vlan entered promiscuous mode
[  302.283923][ T4139] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  302.302214][ T4139] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  302.379245][ T8873] device veth1_vlan entered promiscuous mode
[  302.406908][ T4142] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  302.489588][ T4372] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.511655][ T4372] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.559126][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  302.579497][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  302.606297][ T8873] device veth0_macvtap entered promiscuous mode
[  302.636559][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  302.644555][ T4372] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.667478][ T4372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.667707][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  302.695117][ T8873] device veth1_macvtap entered promiscuous mode
[  302.720996][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  302.747122][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  302.856199][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.891556][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.925979][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.960334][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.991973][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.028534][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.068138][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.117707][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.183701][ T8873] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.217428][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  303.263563][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  304.037256][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.102631][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.175299][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.222139][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.222260][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.222310][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.224423][ T8873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.224474][ T8873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.241303][ T8873] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.242183][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  304.242889][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  304.278738][ T8873] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.278775][ T8873] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.278802][ T8873] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.278832][ T8873] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.439596][ T9155] loop1: detected capacity change from 0 to 256
[  304.493408][   T26] audit: type=1800 audit(1718037341.127:1562): pid=9155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=1048762 res=0 errno=0
[  304.540700][ T4374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.612039][ T9155] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  304.657127][    C0] vkms_vblank_simulate: vblank timer overrun
[  304.764600][ T6704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.789153][ T6704] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.883842][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  305.007616][ T4374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.071889][ T4142] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  305.194900][ T9166] loop1: detected capacity change from 0 to 512
[  305.230433][ T9166] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  305.354653][ T9166] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  305.391834][ T9166] System zones: 0-2, 18-18, 34-34
[  305.452099][ T9166] EXT4-fs (loop1): 1 orphan inode deleted
[  305.492110][ T9174] loop4: detected capacity change from 0 to 2048
[  305.502810][ T9166] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  305.520319][ T9166] ext4 filesystem being mounted at /root/syzkaller-testdir773541509/syzkaller.NhqwU1/23/file1 supports timestamps until 2038 (0x7fffffff)
[  305.607001][ T9166] EXT4-fs (loop1): unmounting filesystem.
[  306.308722][ T9190] xt_CT: You must specify a L4 protocol and not use inversions on it
[  306.783839][ T9197] loop1: detected capacity change from 0 to 256
[  306.841009][   T26] audit: type=1800 audit(1718037343.467:1563): pid=9197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=1048768 res=0 errno=0
[  307.056214][ T9197] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  307.307914][ T9210] loop2: detected capacity change from 0 to 512
[  307.547784][ T9210] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  307.994095][ T9210] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  308.022590][ T9210] System zones: 0-2, 18-18, 34-34
[  308.031318][ T9219] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  308.094873][ T9210] EXT4-fs (loop2): 1 orphan inode deleted
[  308.100650][ T9210] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  308.185991][ T9210] ext4 filesystem being mounted at /root/syzkaller-testdir576456503/syzkaller.95QL2u/8/file1 supports timestamps until 2038 (0x7fffffff)
[  308.201483][   T26] audit: type=1326 audit(1718037344.837:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9224 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3631c7cf69 code=0x0
[  308.271598][ T9210] EXT4-fs (loop2): unmounting filesystem.
[  308.424656][ T9230] xt_CT: You must specify a L4 protocol and not use inversions on it
[  309.432084][ T9248] loop3: detected capacity change from 0 to 128
[  310.407320][ T9248] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  310.437272][ T9248] ext4 filesystem being mounted at /root/syzkaller-testdir2383659654/syzkaller.s2p1g3/123/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  310.484726][ T9265] binder: 9264:9265 ioctl c018620c 200001c0 returned -22
[  310.526986][ T9266] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  310.642649][ T4014] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  310.697005][ T9268] loop2: detected capacity change from 0 to 512
[  310.736548][ T9268] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  310.811777][ T9268] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  310.822369][ T9268] System zones: 0-2, 18-18, 34-34
[  310.907099][ T9268] EXT4-fs (loop2): 1 orphan inode deleted
[  310.913090][ T9268] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  310.931012][   T26] audit: type=1326 audit(1718037347.557:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9273 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e9887cf69 code=0x0
[  310.987309][ T9268] ext4 filesystem being mounted at /root/syzkaller-testdir576456503/syzkaller.95QL2u/12/file1 supports timestamps until 2038 (0x7fffffff)
[  311.053523][ T4014] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  311.073218][ T4014] usb 2-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00
[  311.094438][ T4014] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.111504][ T9268] EXT4-fs (loop2): unmounting filesystem.
[  311.114006][ T4014] usb 2-1: config 0 descriptor??
[  311.194598][ T4014] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  312.482681][ T9297] loop4: detected capacity change from 0 to 64
[  312.517807][ T9297] hfs: invalid catalog max_key_len 7
[  312.525348][ T9297] hfs: unable to open catalog tree
[  313.225676][ T5218] usb 2-1: USB disconnect, device number 11
[  313.297361][ T9302] loop4: detected capacity change from 0 to 512
[  313.337930][ T9302] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  313.384259][ T9310] binder: 9308:9310 ioctl c018620c 200001c0 returned -22
[  313.414391][ T9302] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.4: missing EA_INODE flag
[  313.448690][ T9302] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 2 err=-117
[  313.527081][ T9302] EXT4-fs (loop4): 1 orphan inode deleted
[  313.557018][ T9302] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  313.706089][ T8138] EXT4-fs (loop3): unmounting filesystem.
[  313.771425][ T8873] EXT4-fs (loop4): unmounting filesystem.
[  313.775244][ T9319] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  314.086064][ T9331] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  314.248070][ T9336] loop4: detected capacity change from 0 to 64
[  314.371210][ T9336] hfs: invalid catalog max_key_len 7
[  314.377957][ T9336] hfs: unable to open catalog tree
[  314.936332][ T9309] loop1: detected capacity change from 0 to 32768
[  314.970127][ T9309] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  314.979044][ T9309] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  314.996912][ T9344] binder: 9343:9344 ioctl c018620c 200001c0 returned -22
[  315.120036][ T9309] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  315.182531][ T4142] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  315.226940][ T5216] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  315.239912][ T5216] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  315.320900][ T9350] loop4: detected capacity change from 0 to 128
[  315.354014][ T5216] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 114ms
[  315.381470][ T5216] gfs2: fsid=syz:syz.0: jid=0: Done
[  315.393780][ T9309] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  315.438827][ T9350] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  315.455571][ T9350] ext4 filesystem being mounted at /root/syzkaller-testdir1212414185/syzkaller.DIgiON/13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  315.622861][ T4142] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  315.659096][ T9359] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  315.669041][ T4142] usb 1-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00
[  315.700967][ T4142] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.711658][ T9359] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  315.733214][ T9359] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  315.772725][ T4142] usb 1-1: config 0 descriptor??
[  315.787848][ T9309] syz-executor.1 (9309): drop_caches: 2
[  315.834546][ T4142] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  316.556368][   T26] audit: type=1326 audit(1718037353.177:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9364 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3631c7cf69 code=0x0
[  316.832811][ T5216] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  316.833747][ T8873] EXT4-fs (loop4): unmounting filesystem.
[  316.882695][ T9371] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  316.931669][ T9373] loop4: detected capacity change from 0 to 256
[  316.958956][ T9373] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  317.000232][ T9373] Process accounting resumed
[  317.035016][   T26] audit: type=1326 audit(1718037353.667:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.063090][   T26] audit: type=1326 audit(1718037353.667:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.086710][ T5216] usb 4-1: Using ep0 maxpacket: 8
[  317.093718][   T26] audit: type=1326 audit(1718037353.697:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.119618][   T26] audit: type=1326 audit(1718037353.697:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.144092][   T26] audit: type=1326 audit(1718037353.697:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.163799][  T155] usb 1-1: USB disconnect, device number 10
[  317.176404][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  317.182773][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  317.209588][ T5216] usb 4-1: device descriptor read/all, error -71
[  317.258250][   T26] audit: type=1326 audit(1718037353.697:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.319833][   T26] audit: type=1326 audit(1718037353.747:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f27cf69 code=0x7ffc0000
[  317.431765][   T26] audit: type=1326 audit(1718037353.747:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f27a6e7 code=0x7ffc0000
[  317.510506][   T26] audit: type=1326 audit(1718037353.747:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff92f2403d9 code=0x7ffc0000
[  319.122250][ T9386] sctp: [Deprecated]: syz-executor.4 (pid 9386) Use of struct sctp_assoc_value in delayed_ack socket option.
[  319.122250][ T9386] Use struct sctp_sack_info instead
[  320.373549][ T9407] sctp: [Deprecated]: syz-executor.3 (pid 9407) Use of int in max_burst socket option.
[  320.373549][ T9407] Use struct sctp_assoc_value instead
[  321.520302][ T9416] loop4: detected capacity change from 0 to 256
[  321.894287][   T26] kauditd_printk_skb: 65 callbacks suppressed
[  321.894303][   T26] audit: type=1326 audit(1718037358.527:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.051678][ T9416] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  322.190404][   T26] audit: type=1326 audit(1718037358.577:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.214793][ T9416] Process accounting resumed
[  322.237229][ T9492] loop3: detected capacity change from 0 to 256
[  322.267242][   T26] audit: type=1326 audit(1718037358.577:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.316402][ T9496] loop1: detected capacity change from 0 to 164
[  322.330363][   T26] audit: type=1326 audit(1718037358.577:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.354562][   T26] audit: type=1326 audit(1718037358.657:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.380377][   T26] audit: type=1326 audit(1718037358.667:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ac87cf69 code=0x7ffc0000
[  322.433084][   T26] audit: type=1326 audit(1718037358.667:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f21ac87a6e7 code=0x7ffc0000
[  322.457767][   T26] audit: type=1326 audit(1718037358.667:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f21ac8403d9 code=0x7ffc0000
[  322.481722][   T26] audit: type=1326 audit(1718037358.667:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f21ac87a6e7 code=0x7ffc0000
[  322.532811][ T9500] sctp: [Deprecated]: syz-executor.3 (pid 9500) Use of struct sctp_assoc_value in delayed_ack socket option.
[  322.532811][ T9500] Use struct sctp_sack_info instead
[  322.552857][   T26] audit: type=1326 audit(1718037358.667:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f21ac8403d9 code=0x7ffc0000
[  322.560382][ T9502] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  323.301911][ T9522] loop1: detected capacity change from 0 to 512
[  323.405051][ T9528] sctp: [Deprecated]: syz-executor.2 (pid 9528) Use of int in max_burst socket option.
[  323.405051][ T9528] Use struct sctp_assoc_value instead
[  323.688916][ T9582] loop4: detected capacity change from 0 to 256
[  323.706264][ T9583] loop3: detected capacity change from 0 to 164
[  323.844524][ T9522] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  323.887705][ T9522] ext4 filesystem being mounted at /root/syzkaller-testdir773541509/syzkaller.NhqwU1/43/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038 (0x7fffffff)
[  324.076278][ T9587] loop2: detected capacity change from 0 to 256
[  324.256973][ T9587] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  324.393818][ T9587] Process accounting resumed
[  324.417997][ T9522] EXT4-fs error (device loop1): ext4_do_update_inode:5210: inode #2: comm syz-executor.1: corrupted inode contents
[  324.465734][ T9522] EXT4-fs error (device loop1): ext4_dirty_inode:6072: inode #2: comm syz-executor.1: mark_inode_dirty error
[  324.496715][ T9522] EXT4-fs error (device loop1): ext4_do_update_inode:5210: inode #2: comm syz-executor.1: corrupted inode contents
[  324.531035][ T9522] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz-executor.1: mark_inode_dirty error
[  324.646719][ T9602] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  324.659650][ T9522] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  324.725634][ T8779] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  324.778289][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  325.062711][ T8779] EXT4-fs error (device loop1): ext4_readdir:220: inode #2: comm syz-executor.1: path (unknown): directory fails checksum at offset 18432
[  326.262538][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  326.368069][ T8779] EXT4-fs error (device loop1): ext4_readdir:220: inode #2: comm syz-executor.1: path (unknown): directory fails checksum at offset 20480
[  326.392709][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  326.532563][ T8779] EXT4-fs error (device loop1): ext4_readdir:220: inode #2: comm syz-executor.1: path (unknown): directory fails checksum at offset 22528
[  326.766470][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  326.932649][ T8779] EXT4-fs error (device loop1): ext4_readdir:220: inode #2: comm syz-executor.1: path (unknown): directory fails checksum at offset 24576
[  327.011107][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  327.052607][ T8779] EXT4-fs error (device loop1): ext4_readdir:220: inode #2: comm syz-executor.1: path (unknown): directory fails checksum at offset 26624
[  327.067145][   T26] kauditd_printk_skb: 188 callbacks suppressed
[  327.067158][   T26] audit: type=1326 audit(1718037363.687:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.120633][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  327.158279][   T26] audit: type=1326 audit(1718037363.687:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.190278][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  327.215440][ T9684] loop4: detected capacity change from 0 to 256
[  327.229366][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  327.250493][   T26] audit: type=1326 audit(1718037363.687:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.281685][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  327.294255][ T9684] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  327.302634][   T26] audit: type=1326 audit(1718037363.687:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.378561][ T9684] Process accounting resumed
[  327.379689][   T26] audit: type=1326 audit(1718037363.687:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.450925][   T26] audit: type=1326 audit(1718037363.687:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.515063][   T26] audit: type=1326 audit(1718037363.707:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x7ffc0000
[  327.586421][   T26] audit: type=1326 audit(1718037363.737:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff29507a6e7 code=0x7ffc0000
[  327.640174][   T26] audit: type=1326 audit(1718037363.737:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff2950403d9 code=0x7ffc0000
[  327.695026][   T26] audit: type=1326 audit(1718037363.737:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9681 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff29507a6e7 code=0x7ffc0000
[  327.969225][ T9672] loop2: detected capacity change from 0 to 32768
[  328.031758][ T9672] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  328.232639][ T9672] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  328.479938][ T9672] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 13ms
[  328.804265][ T5216] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  328.812571][ T5216] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  329.046659][ T5216] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 234ms
[  329.073142][ T5216] gfs2: fsid=syz:syz.0: jid=0: Done
[  329.088144][ T9672] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  329.260300][ T9720] loop3: detected capacity change from 0 to 256
[  329.332062][ T9720] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  329.393198][ T9720] Process accounting resumed
[  329.681657][ T9732] loop4: detected capacity change from 0 to 164
[  329.822521][   T41] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  329.851288][ T9672] syz-executor.2 (9672): drop_caches: 2
[  330.232687][   T41] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  330.254766][   T41] usb 1-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00
[  330.275777][   T41] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.301737][   T41] usb 1-1: config 0 descriptor??
[  330.354469][   T41] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  330.362759][ T3645] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[  330.737902][ T3645] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice=1e.8d
[  330.759729][ T3645] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.781035][ T3645] usb 5-1: config 0 descriptor??
[  330.823391][ T3645] lan78xx 5-1:0.0 (unnamed net_device) (uninitialized): USB bus speed not supported
[  330.858119][ T3645] lan78xx: probe of 5-1:0.0 failed with error -5
[  331.030827][   T41] usb 5-1: USB disconnect, device number 15
[  331.248505][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  331.427440][ T9755] loop3: detected capacity change from 0 to 512
[  331.776609][ T9755] EXT4-fs (loop3): Test dummy encryption mode enabled
[  331.901601][ T9755] EXT4-fs error (device loop3): __ext4_iget:5044: inode #11: block 1: comm syz-executor.3: invalid block
[  331.918243][ T9755] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 11 (err -117)
[  331.933947][ T9755] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  332.288909][ T9754] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  332.491844][ T3645] usb 1-1: USB disconnect, device number 11
[  332.709895][ T8138] EXT4-fs (loop3): unmounting filesystem.
[  333.764971][ T9792] loop2: detected capacity change from 0 to 32768
[  333.801521][ T9792] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (9792)
[  333.841432][ T9792] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  333.864663][ T9792] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  333.878525][ T9792] BTRFS info (device loop2): use no compression
[  333.917380][ T9792] BTRFS info (device loop2): force zlib compression, level 3
[  333.932547][ T9792] BTRFS info (device loop2): use no compression
[  333.939598][ T9792] BTRFS info (device loop2): turning on flush-on-commit
[  333.962836][ T9792] BTRFS info (device loop2): enabling auto defrag
[  333.969573][ T9792] BTRFS info (device loop2): using free space tree
[  334.121367][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  334.236322][ T9818] loop4: detected capacity change from 0 to 512
[  334.294280][ T9792] BTRFS info (device loop2): enabling ssd optimizations
[  334.305667][ T9818] EXT4-fs (loop4): Test dummy encryption mode enabled
[  334.404271][ T8899] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  334.447475][ T9818] EXT4-fs error (device loop4): __ext4_iget:5044: inode #11: block 1: comm syz-executor.4: invalid block
[  334.460627][ T9818] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 11 (err -117)
[  334.487921][ T9818] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  334.644556][ T9802] loop3: detected capacity change from 0 to 32768
[  334.733019][ T9802] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (9802)
[  334.871851][ T9802] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  334.923562][ T9802] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  334.975172][ T9802] BTRFS info (device loop3): enabling auto defrag
[  334.995291][ T9802] BTRFS info (device loop3): doing ref verification
[  335.014796][ T9802] BTRFS info (device loop3): max_inline at 0
[  335.041223][ T9802] BTRFS info (device loop3): force clearing of disk cache
[  335.055550][ T9802] BTRFS info (device loop3): turning on sync discard
[  335.081705][ T9802] BTRFS info (device loop3): disabling free space tree
[  335.234421][ T9802] BTRFS info (device loop3): enabling ssd optimizations
[  335.253518][ T9802] BTRFS info (device loop3): rebuilding free space tree
[  335.310906][ T9802] BTRFS info (device loop3): disabling free space tree
[  335.329456][ T9802] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  335.340338][ T9802] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  335.690050][ T8138] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  335.702277][ T8779] EXT4-fs warning: 14 callbacks suppressed
[  335.702293][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  335.740134][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  335.808662][ T8779] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[  336.122316][ T8873] EXT4-fs (loop4): unmounting filesystem.
[  336.406828][ T9865] loop4: detected capacity change from 0 to 512
[  336.429499][ T8779] EXT4-fs (loop1): unmounting filesystem.
[  336.525838][ T9487] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.550347][ T9865] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  336.608129][ T9865] ext4 filesystem being mounted at /root/syzkaller-testdir1212414185/syzkaller.DIgiON/41/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038 (0x7fffffff)
[  336.750447][ T9865] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents
[  336.808625][ T9487] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.831883][ T9865] EXT4-fs error (device loop4): ext4_dirty_inode:6072: inode #2: comm syz-executor.4: mark_inode_dirty error
[  336.864845][ T9865] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #2: comm syz-executor.4: corrupted inode contents
[  336.903508][ T9865] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error
[  336.957294][ T9487] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.015736][   T26] kauditd_printk_skb: 120 callbacks suppressed
[  337.015751][   T26] audit: type=1800 audit(1718037373.647:1969): pid=9865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=19 res=0 errno=0
[  337.094916][ T9865] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.096439][ T9487] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.181339][ T8873] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  337.231322][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.253771][ T8873] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 18432
[  337.269161][ T3580] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  337.289702][ T3580] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  337.299465][ T3580] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  337.309504][ T3580] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  337.318793][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.336644][ T3580] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  337.343929][ T8873] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 20480
[  337.358184][ T3580] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  337.371575][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.397644][ T8873] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 22528
[  337.413525][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.502769][ T8873] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 24576
[  337.558840][ T9871] loop2: detected capacity change from 0 to 32768
[  337.565832][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.603773][ T9871] resize option for remount only
[  337.631401][ T8873] EXT4-fs error (device loop4): ext4_readdir:220: inode #2: comm syz-executor.4: path (unknown): directory fails checksum at offset 26624
[  337.690748][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.723183][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.812987][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  337.892976][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  338.019758][ T9873] chnl_net:caif_netlink_parms(): no params data found
[  338.329116][ T9873] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.627672][ T9873] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.802272][ T9873] device bridge_slave_0 entered promiscuous mode
[  339.097006][ T9873] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.124818][ T9873] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.146071][ T9873] device bridge_slave_1 entered promiscuous mode
[  339.304944][ T9873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.326261][ T9873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.402889][ T3580] Bluetooth: hci4: command tx timeout
[  339.460879][ T9873] team0: Port device team_slave_0 added
[  339.537576][ T9873] team0: Port device team_slave_1 added
[  339.611160][ T9873] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.631264][ T9873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.689292][ T9873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  339.763039][ T9873] batman_adv: batadv0: Adding interface: batadv_slave_1
[  339.770624][ T9873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.832599][ T9873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  339.920676][ T9487] device hsr_slave_0 left promiscuous mode
[  339.933329][ T9487] device hsr_slave_1 left promiscuous mode
[  339.943309][ T9487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.972705][ T9487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.999239][ T9487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  340.022647][ T9487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  340.042019][ T9487] device bridge_slave_1 left promiscuous mode
[  340.070543][ T9487] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.089434][ T9487] device bridge_slave_0 left promiscuous mode
[  340.106424][ T9487] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.148558][ T9487] device veth1_macvtap left promiscuous mode
[  340.161577][ T9487] device veth0_macvtap left promiscuous mode
[  340.175731][ T9487] device veth1_vlan left promiscuous mode
[  340.188638][ T9487] device veth0_vlan left promiscuous mode
[  340.824742][ T9915] loop2: detected capacity change from 0 to 32768
[  340.835384][ T9487] team0 (unregistering): Port device team_slave_1 removed
[  340.874864][ T9915] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (9915)
[  340.881418][ T9487] team0 (unregistering): Port device team_slave_0 removed
[  340.926115][ T9915] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  340.936887][ T9487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.959219][ T9915] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  340.983079][ T9915] BTRFS info (device loop2): use no compression
[  340.990034][ T9915] BTRFS info (device loop2): force zlib compression, level 3
[  340.998870][ T9487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.026040][ T9915] BTRFS info (device loop2): use no compression
[  341.032341][ T9915] BTRFS info (device loop2): turning on flush-on-commit
[  341.054337][ T9915] BTRFS info (device loop2): enabling auto defrag
[  341.060915][ T9915] BTRFS info (device loop2): using free space tree
[  341.286726][ T9487] bond0 (unregistering): Released all slaves
[  341.295165][ T9917] loop3: detected capacity change from 0 to 32768
[  341.307493][ T9917] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (9917)
[  341.340256][ T9915] BTRFS info (device loop2): enabling ssd optimizations
[  341.347629][ T9917] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  341.358072][ T9917] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  341.387954][ T9917] BTRFS info (device loop3): enabling auto defrag
[  341.398118][ T9917] BTRFS info (device loop3): doing ref verification
[  341.405663][ T9917] BTRFS info (device loop3): max_inline at 0
[  341.412387][ T9917] BTRFS info (device loop3): force clearing of disk cache
[  341.419849][ T9917] BTRFS info (device loop3): turning on sync discard
[  341.427250][ T9917] BTRFS info (device loop3): disabling free space tree
[  341.427360][ T8899] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  341.485750][ T3580] Bluetooth: hci4: command tx timeout
[  341.501929][ T9873] device hsr_slave_0 entered promiscuous mode
[  341.516634][ T9873] device hsr_slave_1 entered promiscuous mode
[  341.643579][ T9917] BTRFS info (device loop3): enabling ssd optimizations
[  341.662999][ T9917] BTRFS info (device loop3): rebuilding free space tree
[  341.724918][ T9917] BTRFS info (device loop3): disabling free space tree
[  341.751739][ T9917] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  341.801739][ T9917] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  342.066724][ T8138] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  342.671280][ T9971] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  342.714641][ T9971] device bond1 entered promiscuous mode
[  342.720629][ T9971] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.803949][ T9973] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.811031][ T9973] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  342.909216][ T9973] bond1: (slave ip6gre1): Error -95 calling set_mac_address
[  343.059305][ T9986] loop2: detected capacity change from 0 to 512
[  343.165454][ T9986] EXT4-fs error (device loop2): __ext4_fill_super:5399: inode #2: comm syz-executor.2: iget: special inode unallocated
[  343.242699][ T9986] EXT4-fs (loop2): get root inode failed
[  343.282769][ T9986] EXT4-fs (loop2): mount failed
[  343.344455][ T9993] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  343.562840][ T3580] Bluetooth: hci4: command tx timeout
[  344.244186][ T9997] loop3: detected capacity change from 0 to 512
[  344.305379][ T9997] EXT4-fs (loop3): Test dummy encryption mode enabled
[  344.390976][ T9873] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  344.433417][ T9873] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  344.513781][ T9873] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  344.563261][ T9873] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  344.730036][ T9997] EXT4-fs error (device loop3): __ext4_iget:5044: inode #11: block 1: comm syz-executor.3: invalid block
[  344.802579][ T9997] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 11 (err -117)
[  344.932391][ T9873] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.941125][ T9997] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  344.981844][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  345.001210][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  345.034663][ T9873] 8021q: adding VLAN 0 to HW filter on device team0
[  345.058315][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  345.078042][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  345.158562][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.165958][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  345.252187][ T6036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  345.262030][ T6036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  345.288540][ T6036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  345.307995][ T6036] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.315417][ T6036] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.339803][ T6036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  345.411463][ T3675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  345.430446][ T3675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  345.468066][ T3675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  345.476223][T10005] loop2: detected capacity change from 0 to 32768
[  345.492323][T10005] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10005)
[  345.531731][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  345.545816][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  345.561789][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  345.575267][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  345.590382][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  345.600577][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  345.617806][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  345.632713][ T9873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  345.642684][ T3580] Bluetooth: hci4: command tx timeout
[  345.654886][T10005] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  345.718399][T10005] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  345.817312][T10005] BTRFS info (device loop2): enabling auto defrag
[  345.832953][T10005] BTRFS info (device loop2): doing ref verification
[  345.840928][T10005] BTRFS info (device loop2): max_inline at 0
[  345.848852][T10005] BTRFS info (device loop2): force clearing of disk cache
[  345.904708][T10005] BTRFS info (device loop2): turning on sync discard
[  345.911716][T10005] BTRFS info (device loop2): disabling free space tree
[  346.103135][T10005] BTRFS info (device loop2): enabling ssd optimizations
[  346.124739][T10005] BTRFS info (device loop2): rebuilding free space tree
[  346.165176][T10005] BTRFS info (device loop2): disabling free space tree
[  346.172125][T10005] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  346.213771][T10005] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  346.275696][ T8138] EXT4-fs (loop3): unmounting filesystem.
[  346.462350][ T9873] 8021q: adding VLAN 0 to HW filter on device batadv0
[  346.495318][ T8899] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  346.519311][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  346.528051][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  346.601331][T10052] loop3: detected capacity change from 0 to 512
[  346.655151][ T9873] device veth0_vlan entered promiscuous mode
[  346.682822][ T9873] device veth1_vlan entered promiscuous mode
[  346.699246][T10052] EXT4-fs error (device loop3): __ext4_fill_super:5399: inode #2: comm syz-executor.3: iget: special inode unallocated
[  346.768963][T10052] EXT4-fs (loop3): get root inode failed
[  346.793889][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  346.793889][T10052] EXT4-fs (loop3): mount failed
[  346.809495][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  346.818428][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  346.827593][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  346.836869][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  346.845520][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  346.868765][ T9873] device veth0_macvtap entered promiscuous mode
[  346.986292][ T9873] device veth1_macvtap entered promiscuous mode
[  347.005332][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.032818][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.089964][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.127737][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.334941][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.671162][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.712699][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.763518][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.812779][ T9873] batman_adv: batadv0: Interface activated: batadv_slave_0
[  347.842829][T10058] netlink: 204152 bytes leftover after parsing attributes in process `syz-executor.0'.
[  347.862804][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  347.881091][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  347.901238][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  347.921571][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  347.941798][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  347.951628][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  347.960541][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  347.972062][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  347.987298][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.999328][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.010060][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.020033][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.058594][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.082492][ T9873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.095771][ T9873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.126503][ T9873] batman_adv: batadv0: Interface activated: batadv_slave_1
[  348.134223][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  348.167782][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  348.188161][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  348.226585][ T9873] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.263546][ T9873] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.288461][ T9873] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.311758][ T9873] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.573328][ T9480] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.594159][ T9480] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.648336][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  348.689842][ T3611] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.736042][ T3611] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.782298][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  349.511876][T10088] loop3: detected capacity change from 0 to 8192
[  349.812260][T10078] loop2: detected capacity change from 0 to 32768
[  349.855126][T10078] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10078)
[  349.923829][T10078] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  349.950613][ T8873] EXT4-fs warning: 14 callbacks suppressed
[  349.950630][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  349.973049][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  349.988951][T10078] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  349.999472][ T8873] EXT4-fs warning (device loop4): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.4: No space for directory leaf checksum. Please run e2fsck -D.
[  350.017663][T10078] BTRFS info (device loop2): use no compression
[  350.028284][T10078] BTRFS info (device loop2): force zlib compression, level 3
[  350.036179][T10078] BTRFS info (device loop2): use no compression
[  350.050328][T10078] BTRFS info (device loop2): turning on flush-on-commit
[  350.092331][T10078] BTRFS info (device loop2): enabling auto defrag
[  350.114729][T10078] BTRFS info (device loop2): using free space tree
[  350.282918][T10078] BTRFS info (device loop2): enabling ssd optimizations
[  350.339382][ T8873] EXT4-fs (loop4): unmounting filesystem.
[  350.478005][T10093] loop3: detected capacity change from 0 to 32768
[  350.479391][ T8899] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  350.536690][T10093] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10093)
[  350.850843][T10093] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  350.871948][T10093] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  350.874327][ T3611] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.921961][T10093] BTRFS info (device loop3): enabling auto defrag
[  350.954308][T10093] BTRFS info (device loop3): doing ref verification
[  350.977679][T10093] BTRFS info (device loop3): max_inline at 0
[  351.006972][T10093] BTRFS info (device loop3): force clearing of disk cache
[  351.037338][T10093] BTRFS info (device loop3): turning on sync discard
[  351.057630][T10093] BTRFS info (device loop3): disabling free space tree
[  351.128170][ T3611] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.322207][   T47] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  351.387194][ T3611] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.398077][   T47] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  351.849686][T10145] loop2: detected capacity change from 0 to 8192
[  352.133442][ T3583] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  352.144000][ T3583] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  352.153944][ T3583] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  352.161791][ T3583] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  352.320848][ T3611] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.327089][   T26] audit: type=1804 audit(1718037388.957:1970): pid=10153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3609242562/syzkaller.nyEe2a/7/bus" dev="sda1" ino=1952 res=1 errno=0
[  352.362037][   T26] audit: type=1804 audit(1718037388.987:1971): pid=10153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3609242562/syzkaller.nyEe2a/7/bus" dev="sda1" ino=1952 res=1 errno=0
[  352.414697][   T26] audit: type=1804 audit(1718037388.987:1972): pid=10153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3609242562/syzkaller.nyEe2a/7/bus" dev="sda1" ino=1952 res=1 errno=0
[  352.441046][T10153] Invalid ELF header magic: != ELF
[  352.528660][T10093] BTRFS info (device loop3): enabling ssd optimizations
[  352.571837][T10093] BTRFS info (device loop3): rebuilding free space tree
[  352.713805][T10093] BTRFS info (device loop3): disabling free space tree
[  352.726770][T10093] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  352.744503][T10093] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  352.780119][T10139] chnl_net:caif_netlink_parms(): no params data found
[  352.917286][ T8138] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  353.005428][T10139] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.017895][T10139] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.026875][T10139] device bridge_slave_0 entered promiscuous mode
[  353.221741][T10139] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.232563][T10139] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.241133][T10139] device bridge_slave_1 entered promiscuous mode
[  353.390154][T10194] loop1: detected capacity change from 0 to 1024
[  353.437449][T10139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.527181][T10139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.004177][T10199] loop2: detected capacity change from 0 to 8192
[  354.292600][ T3583] Bluetooth: hci1: command tx timeout
[  354.443023][T10139] team0: Port device team_slave_0 added
[  354.453199][T10139] team0: Port device team_slave_1 added
[  354.517580][ T9480] hfsplus: b-tree write err: -5, ino 3
[  354.530417][T10139] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.541818][T10139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.579132][T10139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.627622][T10139] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.647397][T10139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.717552][T10139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.829309][T10139] device hsr_slave_0 entered promiscuous mode
[  354.845555][T10139] device hsr_slave_1 entered promiscuous mode
[  354.859132][T10139] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  354.869876][T10139] Cannot create hsr debugfs directory
[  354.941336][T10223] program syz-executor.1 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  355.042937][ T3613] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  355.189158][ T3611] device hsr_slave_0 left promiscuous mode
[  355.194483][T10208] loop3: detected capacity change from 0 to 32768
[  355.204898][ T3611] device hsr_slave_1 left promiscuous mode
[  355.212083][ T3611] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.229104][ T3611] batman_adv: batadv0: Removing interface: batadv_slave_0
[  355.243536][T10208] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  355.261977][ T3611] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.273004][T10208] XFS (loop3): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  355.282517][ T3611] batman_adv: batadv0: Removing interface: batadv_slave_1
[  355.298486][ T3611] device bridge_slave_1 left promiscuous mode
[  355.318893][ T3611] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.344859][ T3611] device bridge_slave_0 left promiscuous mode
[  355.353202][T10208] XFS (loop3): Quotacheck needed: Please wait.
[  355.358486][ T3611] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.377894][T10235] loop1: detected capacity change from 0 to 4096
[  355.378644][ T3611] device veth1_macvtap left promiscuous mode
[  355.413160][ T3613] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  355.422253][ T3613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.423623][T10235] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  355.434793][ T3611] device veth0_macvtap left promiscuous mode
[  355.487145][T10235] ntfs: volume version 3.1.
[  355.492045][ T3613] usb 3-1: config 0 descriptor??
[  355.498697][T10208] XFS (loop3): Quotacheck: Done.
[  355.502383][ T3611] device veth1_vlan left promiscuous mode
[  355.515196][ T3611] device veth0_vlan left promiscuous mode
[  355.535656][   T26] audit: type=1800 audit(1718037392.167:1973): pid=10241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1961 res=0 errno=0
[  355.537946][ T3613] gspca_main: sunplus-2.14.0 probing 055f:c420
[  355.577864][ T8138] XFS (loop3): Unmounting Filesystem
[  355.762860][ T3613] gspca_sunplus: reg_w_riv err -71
[  355.768577][ T3613] sunplus: probe of 3-1:0.0 failed with error -71
[  355.784019][ T3613] usb 3-1: USB disconnect, device number 7
[  355.901325][T10249] loop3: detected capacity change from 0 to 1024
[  355.964453][ T9476] hfsplus: b-tree write err: -5, ino 3
[  356.030530][ T3611] team0 (unregistering): Port device team_slave_1 removed
[  356.075510][ T3611] team0 (unregistering): Port device team_slave_0 removed
[  356.089159][ T3611] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  356.109981][ T3611] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  356.210902][ T3611] bond0 (unregistering): Released all slaves
[  356.276472][T10245] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  356.372910][ T3580] Bluetooth: hci1: command tx timeout
[  356.477381][T10263] loop1: detected capacity change from 0 to 1024
[  356.569962][   T26] audit: type=1800 audit(1718037393.197:1974): pid=10277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1962 res=0 errno=0
[  356.640753][ T4705] hfsplus: b-tree write err: -5, ino 4
[  356.712489][   T26] audit: type=1326 audit(1718037393.327:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10282 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff29507cf69 code=0x0
[  356.790770][T10285] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  356.799606][T10285] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  356.859309][T10281] loop2: detected capacity change from 0 to 4096
[  356.876302][T10281] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  356.935933][T10281] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  357.001247][T10293] tipc: Started in network mode
[  357.021088][T10293] tipc: Node identity fec0ffff00000000000000000000001, cluster identity 4711
[  357.062552][T10293] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  357.074155][ T9476] ntfs3: loop2: ntfs3_write_inode r=5 failed, -22.
[  357.090632][ T8899] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  357.112654][ T4138] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  357.153716][T10297] ubi0: attaching mtd0
[  357.158349][T10297] ubi0 error: ubi_attach_mtd_dev: bad VID header (8454144) or data offsets (8454208)
[  357.260756][T10139] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  357.290387][T10139] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  357.308301][T10139] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  357.328611][T10304] loop2: detected capacity change from 0 to 1024
[  357.345612][T10139] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  357.353858][   T26] audit: type=1800 audit(1718037393.987:1976): pid=10308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1956 res=0 errno=0
[  357.447015][ T4705] hfsplus: b-tree write err: -5, ino 4
[  357.477991][   T26] audit: type=1326 audit(1718037394.107:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10311 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f21ac87cf69 code=0x0
[  357.522730][ T4138] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  357.545981][T10316] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  357.554288][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  357.562978][ T4138] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.578035][T10139] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.588321][ T4138] usb 4-1: config 0 descriptor??
[  357.610380][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  357.625289][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  357.646758][T10139] 8021q: adding VLAN 0 to HW filter on device team0
[  357.650628][ T4138] gspca_main: sunplus-2.14.0 probing 055f:c420
[  357.768634][T10318] netlink: 55 bytes leftover after parsing attributes in process `syz-executor.2'.
[  357.799399][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  357.808566][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  357.833219][ T5221] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.840451][ T5221] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.862954][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  357.873622][ T4138] gspca_sunplus: reg_w_riv err -71
[  357.878916][ T4138] sunplus: probe of 4-1:0.0 failed with error -71
[  357.879893][T10322] loop2: detected capacity change from 0 to 128
[  357.893220][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  357.905677][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.910721][ T4138] usb 4-1: USB disconnect, device number 12
[  357.912814][ T5221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.932654][T10320] loop1: detected capacity change from 0 to 4096
[  357.969825][T10320] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  357.993694][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  358.017470][T10320] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  358.017550][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  358.072918][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  358.080983][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  358.116621][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  358.133276][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  358.158602][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  358.191898][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  358.209522][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  358.235805][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  358.253141][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  358.262330][T10139] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  358.377840][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  358.410461][ T9487] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[  358.439014][ T9873] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  358.453016][ T3580] Bluetooth: hci1: command tx timeout
[  358.480587][T10328] tipc: Started in network mode
[  358.494763][T10328] tipc: Node identity fec0ffff00000000000000000000001, cluster identity 4711
[  358.545020][T10328] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  358.556120][T10331] ubi0: attaching mtd0
[  358.568540][T10331] ubi0 error: ubi_attach_mtd_dev: bad VID header (8454144) or data offsets (8454208)
[  358.751519][T10340] loop1: detected capacity change from 0 to 1024
[  358.772764][   T26] audit: type=1800 audit(1718037395.397:1978): pid=10342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1955 res=0 errno=0
[  358.800845][ T3583] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  358.809482][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  358.822743][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  358.828745][ T3583] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  358.840072][ T3583] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  358.845334][T10139] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.872033][   T47] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  358.880134][   T47] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  358.892654][   T47] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  358.991400][ T6704] hfsplus: b-tree write err: -5, ino 4
[  359.073301][   T26] audit: type=1326 audit(1718037395.707:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10349 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2f927cf69 code=0x0
[  359.445691][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  359.470036][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  359.560849][T10341] chnl_net:caif_netlink_parms(): no params data found
[  359.567735][T10366] loop3: detected capacity change from 0 to 1024
[  359.589323][T10358] loop1: detected capacity change from 0 to 256
[  359.609543][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  359.631759][T10345] loop2: detected capacity change from 0 to 32768
[  359.633331][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  359.647905][T10345] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10345)
[  359.673036][ T4705] hfsplus: b-tree write err: -5, ino 4
[  359.712539][T10345] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  359.732766][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  359.742241][T10345] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  359.751330][ T5222] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  359.756195][T10345] BTRFS info (device loop2): using free space tree
[  359.788141][T10139] device veth0_vlan entered promiscuous mode
[  359.818962][T10345] BTRFS info (device loop2): enabling ssd optimizations
[  359.894053][T10139] device veth1_vlan entered promiscuous mode
[  359.901538][T10341] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.919340][T10341] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.927003][ T8899] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  359.954866][T10341] device bridge_slave_0 entered promiscuous mode
[  360.000269][T10341] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.017618][T10341] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.043159][T10341] device bridge_slave_1 entered promiscuous mode
[  360.178625][T10369] loop3: detected capacity change from 0 to 32768
[  360.253989][T10369] XFS (loop3): Mounting V5 Filesystem
[  360.264898][T10341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  360.297496][T10341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  360.374763][T10369] XFS (loop3): Ending clean mount
[  360.395066][ T3331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  360.405987][ T3331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  360.428106][T10341] team0: Port device team_slave_0 added
[  360.438722][T10139] device veth0_macvtap entered promiscuous mode
[  360.448668][T10402] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  360.486810][T10341] team0: Port device team_slave_1 added
[  360.496306][T10139] device veth1_macvtap entered promiscuous mode
[  360.524289][   T47] Bluetooth: hci1: command tx timeout
[  360.580955][T10341] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.588209][T10341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.615031][T10341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.628397][T10341] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.639669][T10341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.710533][T10341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  360.725661][T10409] loop1: detected capacity change from 0 to 4096
[  360.749378][ T5218] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  360.751248][T10409] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  360.785777][ T5218] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  360.799016][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.819497][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.830460][T10409] ntfs: volume version 3.1.
[  360.844904][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.862447][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.877558][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.903341][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.923811][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  360.934567][   T47] Bluetooth: hci2: command tx timeout
[  360.943688][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.955035][ T8138] XFS (loop3): Unmounting Filesystem
[  360.955108][T10139] batman_adv: batadv0: Interface activated: batadv_slave_0
[  360.979820][ T4138] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  360.989204][ T4138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  361.035197][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  361.052686][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.079170][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  361.102483][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.116873][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  361.127750][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.137686][T10139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  361.151119][T10139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  361.173150][T10139] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.192127][T10341] device hsr_slave_0 entered promiscuous mode
[  361.220831][T10341] device hsr_slave_1 entered promiscuous mode
[  361.229791][T10341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  361.244129][T10341] Cannot create hsr debugfs directory
[  361.249780][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  361.263395][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  361.276313][T10139] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.289924][T10139] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.301412][T10139] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.314479][T10139] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.522626][T10413] loop2: detected capacity change from 0 to 40427
[  361.540661][T10413] F2FS-fs (loop2): Invalid log sectorsize (2)
[  361.559924][ T9476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.570792][T10413] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  361.591817][ T9476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.620245][ T5218] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  361.699884][T10413] F2FS-fs (loop2): Found nat_bits in checkpoint
[  361.776549][T10432] xt_CT: You must specify a L4 protocol and not use inversions on it
[  361.940040][T10341] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.006995][T10413] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  362.038957][T10413] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  362.146972][ T4372] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.214552][ T4372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.395550][T10341] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.414315][T10413] syz-executor.2: attempt to access beyond end of device
[  362.414315][T10413] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  362.437959][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  362.448880][T10413] syz-executor.2: attempt to access beyond end of device
[  362.448880][T10413] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  362.546009][T10341] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.593345][ T8899] syz-executor.2: attempt to access beyond end of device
[  362.593345][ T8899] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  362.676015][T10341] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.882102][T10425] loop3: detected capacity change from 0 to 32768
[  363.005787][T10341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  363.012627][   T47] Bluetooth: hci2: command tx timeout
[  363.041688][T10341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  363.081112][T10341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  363.103370][T10341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  363.184850][T10445] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  363.276178][T10447] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  363.309400][T10341] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.366389][T10341] 8021q: adding VLAN 0 to HW filter on device team0
[  363.384222][ T3701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  363.393668][ T3701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  363.486652][ T4705] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.511896][T10455] loop2: detected capacity change from 0 to 1024
[  363.587099][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  363.603341][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  363.621290][T10443] loop1: detected capacity change from 0 to 32768
[  363.631023][ T5221] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.638215][ T5221] bridge0: port 1(bridge_slave_0) entered forwarding state
[  363.646005][ T6704] hfsplus: b-tree write err: -5, ino 4
[  363.653858][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  363.663476][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  363.671973][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.679121][ T5221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  363.687902][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  363.697513][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  363.706603][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  363.715633][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  363.716785][T10443] XFS (loop1): Mounting V5 Filesystem
[  363.725041][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  363.738002][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  363.771372][T10341] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  363.796484][T10463] loop2: detected capacity change from 0 to 8
[  363.819805][T10463] squashfs: Unknown parameter '�F���$������d�-��;YD�<�3�X߮�N�q�4�S�ŕ�s۵Z�QP�u���2%l�W\Yf����:?�x�|:�B�����E�}Ce2��f�'
[  363.856221][T10341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  363.881269][T10443] XFS (loop1): Ending clean mount
[  363.956267][ T4705] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.042005][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  364.064882][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  364.073822][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  364.073822][   T47] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  364.082269][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  364.096601][   T47] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  364.110049][   T47] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  364.136343][   T47] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  364.144622][   T47] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  364.147705][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  364.159727][ T3583] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  364.171841][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  364.194275][T10473] netlink: 55 bytes leftover after parsing attributes in process `syz-executor.3'.
[  364.256429][ T4705] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.299756][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  364.389706][ T4705] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.401438][ T9873] XFS (loop1): Unmounting Filesystem
[  364.769423][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  364.777920][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  364.788001][T10341] 8021q: adding VLAN 0 to HW filter on device batadv0
[  364.919060][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  364.938514][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  364.975326][T10497] loop2: detected capacity change from 0 to 1024
[  364.985651][T10474] chnl_net:caif_netlink_parms(): no params data found
[  365.017660][T10497] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  365.030726][T10497] EXT4-fs (loop2): orphan cleanup on readonly fs
[  365.061177][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  365.070359][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  365.082851][ T3580] Bluetooth: hci2: command tx timeout
[  365.108875][T10497] EXT4-fs error (device loop2): __ext4_get_inode_loc:4495: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[  365.136348][T10341] device veth0_vlan entered promiscuous mode
[  365.151514][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  365.159334][T10497] EXT4-fs (loop2): Remounting filesystem read-only
[  365.159822][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  365.192318][T10497] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  365.242090][T10497] EXT4-fs error (device loop2): ext4_quota_write:7172: inode #3: comm syz-executor.2: mark_inode_dirty error
[  365.261330][T10341] device veth1_vlan entered promiscuous mode
[  365.292943][T10497] Quota error (device loop2): write_blk: dquota write failed
[  365.303800][T10474] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.311153][T10474] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.327565][T10474] device bridge_slave_0 entered promiscuous mode
[  365.332607][T10497] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  365.360597][T10474] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.368145][T10474] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.378378][T10474] device bridge_slave_1 entered promiscuous mode
[  365.385084][T10497] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz-executor.2: Failed to acquire dquot type 0
[  365.393886][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  365.407218][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  365.421570][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  365.437746][T10060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  365.448285][T10497] EXT4-fs (loop2): 1 truncate cleaned up
[  365.482968][T10497] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  365.520262][T10341] device veth0_macvtap entered promiscuous mode
[  365.540070][T10474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  365.585956][T10341] device veth1_macvtap entered promiscuous mode
[  365.606975][T10474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.664371][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.677180][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.688037][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.698798][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.715999][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.730077][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.744280][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.760231][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.772538][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.785887][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.797575][T10341] batman_adv: batadv0: Interface activated: batadv_slave_0
[  365.829163][T10474] team0: Port device team_slave_0 added
[  365.843260][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  365.862822][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  365.885703][ T8899] EXT4-fs (loop2): unmounting filesystem.
[  365.902940][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  365.917295][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  365.944334][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  365.972485][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.990260][T10518] loop3: detected capacity change from 0 to 32768
[  365.994929][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.007398][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.011122][T10518] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (10518)
[  366.018165][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.044294][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.055561][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.066353][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.067889][T10518] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  366.076200][T10341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  366.076218][T10341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.077784][T10341] batman_adv: batadv0: Interface activated: batadv_slave_1
[  366.120175][T10474] team0: Port device team_slave_1 added
[  366.137459][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  366.156608][ T4144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  366.166938][T10518] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  366.185355][T10341] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.186614][T10518] BTRFS info (device loop3): setting nodatacow, compression disabled
[  366.201891][T10341] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.206987][ T3580] Bluetooth: hci1: command tx timeout
[  366.212181][T10341] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.242819][T10518] BTRFS info (device loop3): turning on flush-on-commit
[  366.249916][T10518] BTRFS info (device loop3): enabling auto defrag
[  366.257654][T10341] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.278109][T10518] BTRFS info (device loop3): max_inline at 0
[  366.284658][T10518] BTRFS info (device loop3): using free space tree
[  366.357686][T10474] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.376338][T10474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.422534][T10474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  366.458305][T10474] batman_adv: batadv0: Adding interface: batadv_slave_1
[  366.466028][T10474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.494838][T10474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.574558][T10518] BTRFS info (device loop3): enabling ssd optimizations
[  366.667783][T10474] device hsr_slave_0 entered promiscuous mode
[  366.680695][T10474] device hsr_slave_1 entered promiscuous mode
[  366.689690][T10474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  366.697561][T10474] Cannot create hsr debugfs directory
[  366.791157][ T8138] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  366.805676][ T4705] device hsr_slave_0 left promiscuous mode
[  366.834843][ T4705] device hsr_slave_1 left promiscuous mode
[  366.847544][ T4705] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  366.875018][ T4705] batman_adv: batadv0: Removing interface: batadv_slave_0
[  366.939679][ T4705] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  366.951977][ T4705] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.977980][T10569] syz-executor.2[10569] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  366.978124][T10569] syz-executor.2[10569] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  367.153981][ T4705] device bridge_slave_1 left promiscuous mode
[  367.166082][ T3583] Bluetooth: hci2: command tx timeout
[  367.210211][ T4705] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.220040][ T4705] device bridge_slave_0 left promiscuous mode
[  367.227989][ T4705] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.258101][ T4705] device veth1_macvtap left promiscuous mode
[  367.268158][ T4705] device veth0_macvtap left promiscuous mode
[  367.275323][ T4705] device veth1_vlan left promiscuous mode
[  367.281274][ T4705] device veth0_vlan left promiscuous mode
[  367.498638][T10576] kAFS: Can only specify source 'none' with -o dyn
[  367.658454][ T4705] team0 (unregistering): Port device team_slave_1 removed
[  367.686333][ T4705] team0 (unregistering): Port device team_slave_0 removed
[  367.709185][ T4705] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.757079][ T4705] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.793722][T10573] loop3: detected capacity change from 0 to 32768
[  367.900347][ T4705] bond0 (unregistering): Released all slaves
[  368.104122][ T9487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.124474][ T9487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.181004][ T3331] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  368.191861][T10578] loop1: detected capacity change from 0 to 32768
[  368.261588][T10578] XFS (loop1): Mounting V5 Filesystem
[  368.282601][ T3580] Bluetooth: hci1: command tx timeout
[  368.307717][ T6704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  368.331743][ T6704] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  368.395428][T10578] XFS (loop1): Ending clean mount
[  368.422105][ T4133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  368.508910][T10578] XFS (loop1): Quotacheck needed: Please wait.
[  368.578603][T10578] XFS (loop1): Quotacheck: Done.
[  368.603290][   T52] block nbd0: Attempted send on invalid socket
[  368.610101][   T52] I/O error, dev nbd0, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  368.642651][T10599] qnx6: unable to read the first superblock
[  368.673002][  T120] block nbd0: Attempted send on invalid socket
[  368.679323][  T120] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  368.691772][T10599] qnx6: unable to read the first superblock
[  368.732518][T10599] qnx6: unable to read the first superblock
[  368.830238][ T9873] XFS (loop1): Unmounting Filesystem
[  369.165988][T10596] loop2: detected capacity change from 0 to 32768
[  369.211411][T10596] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10596)
[  369.292721][T10596] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  369.342874][T10596] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  369.351638][T10596] BTRFS info (device loop2): setting nodatacow, compression disabled
[  369.399501][T10596] BTRFS info (device loop2): turning on flush-on-commit
[  369.410032][T10474] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  369.432774][T10596] BTRFS info (device loop2): enabling auto defrag
[  369.439278][T10596] BTRFS info (device loop2): max_inline at 0
[  369.455281][T10474] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  369.479220][T10596] BTRFS info (device loop2): using free space tree
[  369.487236][T10474] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  369.531327][T10474] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  369.626941][T10600] loop3: detected capacity change from 0 to 32768
[  369.700909][T10596] BTRFS info (device loop2): enabling ssd optimizations
[  369.708097][T10474] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.715626][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  369.734776][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  369.756753][T10474] 8021q: adding VLAN 0 to HW filter on device team0
[  369.782377][ T3331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  369.813226][ T3331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  369.821928][ T3331] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.830220][ T3331] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.915272][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  369.930027][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  369.940694][ T8899] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  369.959702][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  369.983002][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.990125][ T5221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.030495][ T5221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  370.100852][T10474] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  370.164585][T10474] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  370.362921][ T3580] Bluetooth: hci1: command tx timeout
[  370.392255][T10645] loop1: detected capacity change from 0 to 1024
[  370.448189][T10645] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  370.458638][T10645] EXT4-fs (loop1): orphan cleanup on readonly fs
[  370.473248][T10645] EXT4-fs error (device loop1): __ext4_get_inode_loc:4495: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[  370.503418][T10645] EXT4-fs (loop1): Remounting filesystem read-only
[  370.521219][T10645] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  370.550276][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  370.558442][T10645] EXT4-fs error (device loop1): ext4_quota_write:7172: inode #3: comm syz-executor.1: mark_inode_dirty error
[  370.590917][T10645] Quota error (device loop1): write_blk: dquota write failed
[  370.616338][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  370.633733][T10645] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  370.658025][T10645] EXT4-fs error (device loop1): ext4_acquire_dquot:6777: comm syz-executor.1: Failed to acquire dquot type 0
[  370.669832][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  370.690623][T10645] EXT4-fs (loop1): 1 truncate cleaned up
[  370.696426][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  370.699526][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  370.726372][   T26] audit: type=1800 audit(1718037407.357:1980): pid=10619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1957 res=0 errno=0
[  370.760667][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  370.780838][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  370.808912][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  370.827959][ T5213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  370.858652][T10645] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  370.860996][T10474] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.903531][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  370.912317][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  370.930651][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  370.948657][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  371.205095][   T26] audit: type=1804 audit(1718037407.837:1981): pid=10663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2591060657/syzkaller.bWpNxS/9/file0" dev="sda1" ino=1953 res=1 errno=0
[  371.263112][ T9873] EXT4-fs (loop1): unmounting filesystem.
[  371.561902][T10655] loop2: detected capacity change from 0 to 32768
[  371.612642][T10655] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10655)
[  371.662592][T10655] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  371.693019][T10655] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  371.707372][T10683] loop3: detected capacity change from 0 to 512
[  371.724642][T10655] BTRFS info (device loop2): using free space tree
[  371.744703][T10683] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  371.801013][T10683] EXT4-fs (loop3): 1 truncate cleaned up
[  371.807006][T10683] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  371.906129][T10683] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.3: corrupted in-inode xattr
[  371.923526][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  371.936931][T10683] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1745: inode #15: comm syz-executor.3: unable to update i_inline_off
[  371.937419][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  371.974074][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  371.983691][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  371.993958][T10474] device veth0_vlan entered promiscuous mode
[  372.006142][T10474] device veth1_vlan entered promiscuous mode
[  372.015108][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  372.023198][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  372.032236][ T3612] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  372.048539][T10683] EXT4-fs error (device loop3): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.3: corrupted in-inode xattr
[  372.088014][T10655] BTRFS info (device loop2): enabling ssd optimizations
[  372.154609][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  372.173649][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  372.189410][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  372.218705][T10474] device veth0_macvtap entered promiscuous mode
[  372.232232][ T8899] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  372.238377][T10474] device veth1_macvtap entered promiscuous mode
[  372.250860][ T8138] EXT4-fs (loop3): unmounting filesystem.
[  372.265108][T10681] loop1: detected capacity change from 0 to 32768
[  372.307520][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.357993][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.375455][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.390968][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.405276][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.430449][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.451048][ T3580] Bluetooth: hci1: command tx timeout
[  372.451074][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.479853][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.519510][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.544332][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.556567][T10474] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.566327][T10654] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  372.575553][T10654] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  372.585666][T10654] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  372.594622][T10654] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  372.605573][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.642851][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.662555][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.682599][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.712540][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.732509][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.745699][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.756322][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.767242][T10474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.778037][T10474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.789172][T10474] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.799828][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  372.808641][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  372.819140][T10474] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.828864][T10474] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.838883][T10474] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.850100][T10474] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.916682][ T9476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.928424][ T9476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.948738][ T4705] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.958483][ T4143] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  372.965920][ T4705] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.981868][T10654] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  373.678984][   T26] audit: type=1804 audit(1718037410.307:1982): pid=10714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3609242562/syzkaller.nyEe2a/60/file0" dev="sda1" ino=1952 res=1 errno=0
[  373.730838][T10718] loop3: detected capacity change from 0 to 256
[  373.772138][T10718] exfat: Deprecated parameter 'namecase'
[  373.843400][T10718] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[  374.058476][T10731] netlink: 'syz-executor.1': attribute type 30 has an invalid length.
[  374.163298][   T52] block nbd3: Attempted send on invalid socket
[  374.169536][   T52] I/O error, dev nbd3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  374.180085][T10735] qnx6: unable to read the first superblock
[  374.230871][  T120] block nbd3: Attempted send on invalid socket
[  374.237202][  T120] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  374.246405][T10735] qnx6: unable to read the first superblock
[  374.254045][T10735] qnx6: unable to read the first superblock
[  374.503197][T10741] loop3: detected capacity change from 0 to 4096
[  374.528570][T10741] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  374.567426][T10741] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  374.673581][   T11] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22.
[  374.773700][T10744] loop2: detected capacity change from 0 to 256
[  374.837457][ T4705] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22.
[  374.856028][T10744] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  374.869048][ T8138] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  375.562722][ T3580] Bluetooth: hci3: command 0x0406 tx timeout
[  375.669349][T10765] syz-executor.2: attempt to access beyond end of device
[  375.669349][T10765] loop2: rw=0, sector=291, nr_sectors = 1 limit=256
[  375.837111][   T26] audit: type=1326 audit(1718037412.467:1983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10772 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2f927cf69 code=0x0
[  375.859836][    C0] vkms_vblank_simulate: vblank timer overrun
[  376.813186][T10796] loop3: detected capacity change from 0 to 256
[  377.073742][T10805] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  377.205747][ T4133] libceph: connect (1)[c::]:6789 error -101
[  377.221942][ T4133] libceph: mon0 (1)[c::]:6789 connect error
[  377.506641][ T4133] libceph: connect (1)[c::]:6789 error -101
[  377.507135][   T26] audit: type=1800 audit(1718037414.137:1984): pid=10824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1954 res=0 errno=0
[  377.513316][ T4133] libceph: mon0 (1)[c::]:6789 connect error
[  377.665935][T10828] xt_CT: You must specify a L4 protocol and not use inversions on it
[  378.380087][ T4133] libceph: connect (1)[c::]:6789 error -101
[  378.446065][T10812] ceph: No mds server is up or the cluster is laggy
[  378.446600][ T4133] libceph: mon0 (1)[c::]:6789 connect error
[  378.611016][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  378.617663][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  378.632516][T10836] loop3: detected capacity change from 0 to 256
[  379.024148][ T4133] IPv4: Oversized IP packet from 127.0.0.1
[  379.033990][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  379.041685][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  379.181762][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  385.179170][   T22] libceph: connect (1)[c::]:6789 error -101
[  385.185469][   T22] libceph: mon0 (1)[c::]:6789 connect error
[  385.446612][ T4133] libceph: connect (1)[c::]:6789 error -101
[  385.460299][ T4133] libceph: mon0 (1)[c::]:6789 connect error
[  385.708447][T10882] loop3: detected capacity change from 0 to 256
[  385.734207][T10882] FAT-fs (loop3): Directory bread(block 64) failed
[  385.740860][T10882] FAT-fs (loop3): Directory bread(block 65) failed
[  385.755300][T10882] FAT-fs (loop3): Directory bread(block 66) failed
[  385.761971][T10882] FAT-fs (loop3): Directory bread(block 67) failed
[  385.771965][T10882] FAT-fs (loop3): Directory bread(block 68) failed
[  385.782587][T10882] FAT-fs (loop3): Directory bread(block 69) failed
[  385.789601][T10882] FAT-fs (loop3): Directory bread(block 70) failed
[  385.804021][T10882] FAT-fs (loop3): Directory bread(block 71) failed
[  385.811268][T10882] FAT-fs (loop3): Directory bread(block 72) failed
[  385.823941][T10882] FAT-fs (loop3): Directory bread(block 73) failed
[  385.890056][ T4705] kworker/u4:12: attempt to access beyond end of device
[  385.890056][ T4705] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256
[  386.032697][T10874] ceph: No mds server is up or the cluster is laggy
[  386.124328][ T4133] libceph: connect (1)[c::]:6789 error -101
[  386.130954][ T4133] libceph: mon0 (1)[c::]:6789 connect error
[  389.171390][   T26] audit: type=1326 audit(1718037425.797:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10900 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccfb67cf69 code=0x0
[  393.097305][ T3580] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  393.114065][ T3580] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  393.124967][ T3580] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  393.142941][ T3580] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  393.153579][ T3580] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  393.160946][ T3580] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  395.243693][ T3580] Bluetooth: hci2: command tx timeout
[  397.322701][ T3580] Bluetooth: hci2: command tx timeout
[  399.402572][ T3580] Bluetooth: hci2: command tx timeout
[  401.482696][ T3580] Bluetooth: hci2: command tx timeout
[  408.963751][   T47] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  408.975628][   T47] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  408.984746][   T47] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  408.993243][   T47] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  409.000897][   T47] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  409.010291][   T47] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  409.112638][   T47] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  409.123977][   T47] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  409.132884][   T47] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  409.140675][   T47] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  409.150501][   T47] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  409.160151][   T47] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  409.486445][ T3583] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  409.502637][ T3583] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  409.512351][ T3583] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  409.520333][ T3583] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  409.529782][ T3583] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  409.537097][ T3583] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  411.082644][ T3583] Bluetooth: hci5: command tx timeout
[  411.250726][ T3583] Bluetooth: hci6: command tx timeout
[  411.402583][ T3583] Bluetooth: hci0: command 0x0406 tx timeout
[  411.562553][   T47] Bluetooth: hci7: command tx timeout
[  413.163997][   T47] Bluetooth: hci5: command tx timeout
[  413.322502][   T47] Bluetooth: hci6: command tx timeout
[  413.642489][   T47] Bluetooth: hci7: command tx timeout
[  415.242557][   T47] Bluetooth: hci5: command tx timeout
[  415.402545][   T47] Bluetooth: hci6: command tx timeout
[  415.723250][   T47] Bluetooth: hci7: command tx timeout
[  416.179921][ T3580] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  416.198543][ T3580] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  416.207985][ T3580] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  416.216030][ T3580] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  416.231403][ T3580] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  416.238787][ T3580] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  417.322549][   T47] Bluetooth: hci5: command tx timeout
[  417.482568][   T47] Bluetooth: hci6: command tx timeout
[  417.802575][   T47] Bluetooth: hci7: command tx timeout
[  418.282794][   T47] Bluetooth: hci8: command tx timeout
[  420.364510][   T47] Bluetooth: hci8: command tx timeout
[  422.442482][   T47] Bluetooth: hci8: command tx timeout
[  424.532527][   T47] Bluetooth: hci8: command tx timeout
[  440.046236][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  440.053497][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  458.391322][ T3583] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  458.404958][ T3583] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  458.418573][ T3583] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  458.426603][ T3583] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  458.439119][ T3583] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  458.447816][ T3583] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  460.522914][ T3583] Bluetooth: hci9: command tx timeout
[  462.602714][ T3583] Bluetooth: hci4: command 0x0406 tx timeout
[  462.608845][ T3583] Bluetooth: hci9: command tx timeout
[  464.682756][ T3583] Bluetooth: hci9: command tx timeout
[  466.762730][ T3583] Bluetooth: hci9: command tx timeout
[  474.112010][ T3580] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  474.125872][ T3580] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  474.136382][ T3580] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  474.148299][ T3580] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  474.155955][ T3580] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  474.165330][ T3580] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  474.260023][ T3580] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  474.273625][ T3580] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  474.282981][ T3580] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  474.291050][ T3580] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  474.300965][ T3580] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  474.308387][ T3580] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  474.453307][ T3583] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  474.466733][ T3583] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  474.476924][ T3583] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  474.484892][ T3583] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  474.493792][ T3583] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  474.501235][ T3583] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  476.202539][   T47] Bluetooth: hci10: command tx timeout
[  476.362738][   T47] Bluetooth: hci11: command tx timeout
[  476.522625][   T47] Bluetooth: hci12: command tx timeout
[  478.292538][   T47] Bluetooth: hci10: command tx timeout
[  478.442646][   T47] Bluetooth: hci11: command tx timeout
[  478.602491][   T47] Bluetooth: hci12: command tx timeout
[  480.362442][   T47] Bluetooth: hci10: command tx timeout
[  480.522736][   T47] Bluetooth: hci11: command tx timeout
[  480.682525][   T47] Bluetooth: hci12: command tx timeout
[  481.221638][ T3580] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  481.237552][ T3580] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  481.249373][ T3580] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  481.257408][ T3580] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  481.267153][ T3580] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  481.276823][ T3580] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  482.442568][ T3580] Bluetooth: hci10: command tx timeout
[  482.602653][   T47] Bluetooth: hci11: command tx timeout
[  482.762518][   T47] Bluetooth: hci12: command tx timeout
[  483.322568][   T47] Bluetooth: hci13: command tx timeout
[  485.402540][   T47] Bluetooth: hci13: command tx timeout
[  487.482595][   T47] Bluetooth: hci13: command tx timeout
[  488.202486][   T47] Bluetooth: hci1: command 0x0406 tx timeout
[  489.562657][   T47] Bluetooth: hci13: command tx timeout
[  501.484132][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  501.490484][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  518.930833][   T47] Bluetooth: hci2: command 0x0406 tx timeout
[  523.596522][ T3580] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  523.612643][ T3580] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  523.621998][ T3580] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  523.630071][ T3580] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  523.637860][ T3580] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  523.645925][ T3580] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  523.882730][   T27] INFO: task kworker/0:17:5224 blocked for more than 143 seconds.
[  523.891070][   T27]       Not tainted 6.1.92-syzkaller #0
[  523.896909][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  523.905622][   T27] task:kworker/0:17    state:D stack:24600 pid:5224  ppid:2      flags:0x00004000
[  523.914997][   T27] Workqueue: ipv6_addrconf addrconf_dad_work
[  523.921013][   T27] Call Trace:
[  523.924338][   T27]  <TASK>
[  523.927273][   T27]  __schedule+0x142d/0x4550
2024/06/10 16:39:20 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  523.931821][   T27]  ? __sched_text_start+0x8/0x8
[  523.961555][   T27]  ? print_irqtrace_events+0x210/0x210
[  523.967603][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  523.983169][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  523.989058][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  524.012511][   T27]  schedule+0xbf/0x180
[  524.016642][   T27]  schedule_preempt_disabled+0xf/0x20
[  524.022117][   T27]  __mutex_lock+0x6b9/0xd80
[  524.032497][   T27]  ? __mutex_lock+0x53c/0xd80
[  524.037229][   T27]  ? addrconf_dad_work+0xcc/0x16b0
[  524.052513][   T27]  ? mutex_lock_nested+0x10/0x10
[  524.057520][   T27]  addrconf_dad_work+0xcc/0x16b0
[  524.062544][   T27]  ? read_lock_is_recursive+0x10/0x10
[  524.067960][   T27]  ? ipv6_get_saddr_eval+0xe90/0xe90
[  524.073513][   T27]  ? print_irqtrace_events+0x210/0x210
[  524.079004][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  524.085831][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  524.091875][   T27]  ? process_one_work+0x7a9/0x11d0
[  524.097814][   T27]  process_one_work+0x8a9/0x11d0
[  524.102915][   T27]  ? worker_detach_from_pool+0x260/0x260
[  524.108568][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  524.114261][   T27]  ? kthread_data+0x4e/0xc0
[  524.118783][   T27]  ? wq_worker_running+0x97/0x190
[  524.142397][   T27]  worker_thread+0xa47/0x1200
[  524.147135][   T27]  ? __sched_text_start+0x8/0x8
[  524.152024][   T27]  kthread+0x28d/0x320
[  524.162107][   T27]  ? worker_clr_flags+0x190/0x190
[  524.167252][   T27]  ? kthread_blkcg+0xd0/0xd0
[  524.171859][   T27]  ret_from_fork+0x1f/0x30
[  524.182757][   T27]  </TASK>
[  524.185847][   T27] INFO: task syz-executor.1:10842 blocked for more than 143 seconds.
[  524.211291][   T27]       Not tainted 6.1.92-syzkaller #0
[  524.222196][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  524.237479][   T27] task:syz-executor.1  state:D stack:24712 pid:10842 ppid:9873   flags:0x00004006
[  524.247951][   T27] Call Trace:
[  524.251238][   T27]  <TASK>
[  524.259357][   T27]  __schedule+0x142d/0x4550
[  524.265104][   T27]  ? __mutex_lock+0x6b4/0xd80
[  524.269794][   T27]  ? __sched_text_start+0x8/0x8
[  524.279836][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  524.286531][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  524.291745][   T27]  schedule+0xbf/0x180
[  524.309213][   T27]  schedule_preempt_disabled+0xf/0x20
[  524.315339][   T27]  __mutex_lock+0x6b9/0xd80
[  524.319860][   T27]  ? __mutex_lock+0x53c/0xd80
[  524.330969][   T27]  ? ipv6_route_ioctl+0x4c1/0x7b0
[  524.336082][   T27]  ? mutex_lock_nested+0x10/0x10
[  524.341032][   T27]  ? bpf_lsm_capable+0x5/0x10
[  524.352274][   T27]  ? security_capable+0x86/0xb0
[  524.357358][   T27]  ? ipv6_route_ioctl+0x243/0x7b0
[  524.368680][   T27]  ipv6_route_ioctl+0x4c1/0x7b0
[  524.373845][   T27]  ? rt6_purge_dflt_routers+0xc00/0xc00
[  524.379427][   T27]  ? __might_fault+0xbd/0x110
[  524.390437][   T27]  inet6_ioctl+0x1e1/0x240
[  524.394978][   T27]  ? inet6_getname+0x6a0/0x6a0
[  524.401002][   T27]  ? tomoyo_path_number_perm+0x1f2/0x7f0
[  524.414311][   T27]  sock_do_ioctl+0x152/0x450
[