last executing test programs:

5.995203089s ago: executing program 2 (id=1404):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xca)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000340)=""/132, 0x84}], 0x1, 0x4, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000001c00), 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000500), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
connect$l2tp6(r1, &(0x7f0000000140)={0xa, 0x0, 0x516, @dev={0xfe, 0x80, '\x00', 0x28}, 0xff}, 0x20)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x30, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}]}, 0x30}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r7=>0x0})
r8 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r8, &(0x7f00000001c0)={0x1d, r7, 0x3, {0x2, 0xff, 0x1}}, 0x18)
close(r3)
ioctl$SNDCTL_DSP_GETCAPS(r2, 0xc0045009, &(0x7f0000000040))

4.500105461s ago: executing program 2 (id=1407):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x65, 0x81, 0xe6, 0x20, 0x856, 0xbc01, 0xe5a5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa9, 0x1a, 0xb4}}]}}]}}, 0x0)

3.392206532s ago: executing program 3 (id=1416):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000001e40), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x90020, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}], [{@obj_type={'obj_type', 0x3d, '/dev/full\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@audit}, {@permit_directio}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@measure}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@obj_role={'obj_role', 0x3d, '-'}}, {@dont_hash}]}})
syz_usb_connect(0x0, 0x24, &(0x7f0000000840)={{0x12, 0x1, 0x0, 0xbf, 0xf8, 0x57, 0x20, 0x5ac, 0x254, 0xca76, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x80, 0x2}}]}}]}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
fdatasync(r2)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100020000001032151d0140000102030109020109600709930a17ac1e88f9d20921"], 0x0)

3.302703579s ago: executing program 1 (id=1417):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open$dir(&(0x7f0000000240)='.\x00', 0x0, 0x0)
renameat(r0, &(0x7f0000000400)='./file0\x00', r0, &(0x7f0000000440)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
open(0x0, 0x0, 0x0)
unlink(&(0x7f0000000140)='./file1\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000)

2.732092516s ago: executing program 1 (id=1422):
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xe9, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

2.504821284s ago: executing program 2 (id=1426):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="020200000100"})
socket(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'})

2.396657543s ago: executing program 2 (id=1428):
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x92, @time={0x7665642f, 0xfdfdffff}})

2.358104876s ago: executing program 1 (id=1430):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ptrace$ARCH_GET_CPUID(0x1e, 0x0, 0x0, 0x1011)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@bloom_filter={0x1e, 0x8415, 0x4, 0x9, 0x1085, 0xffffffffffffffff, 0xae1b, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x40000005, 0x4, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x40000, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffccb, 0x0, 0x0, 0xffffffffffffffa2, 0x0, 0x0, 0x0}, 0x90)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000002000040000000eccd"])
bind$pptp(r6, &(0x7f0000000180)={0x18, 0x2, {0x3, @broadcast}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
socket$key(0xf, 0x3, 0x2)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@updsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@loopback}, {@in=@local, 0x0, 0x2b}, @in=@private, {}, {}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x42}, [@coaddr={0x14, 0xe, @in6=@private0}]}, 0x104}}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00060000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x727}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x100)

1.293151164s ago: executing program 0 (id=1433):
mq_open(0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
add_key$user(0x0, 0x0, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffe)
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_G_STD(r0, 0x80085617, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000000)=""/95, 0x5f}], 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$sg(&(0x7f0000000140), 0x7, 0x1)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f000021b000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0x4048aecb, &(0x7f0000000040)=ANY=[])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.197606062s ago: executing program 2 (id=1434):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='source', &(0x7f0000000740)='//\xf2b\x06\b\xba\xdfXo\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b/Q9\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\\\x14///\xff\xea\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xe5\xa8Q\xc9\xe75Q\xea\xd8\xa2=F\x9b\x8f\x8d\xfc\' {e\x949X\xda\xe8H\x1a\x85\xd7%\x93?w}\xfb\xd9t\xea\xbb\xbe\x9b\\\xd7\xd7\xd4\xe2\xd6c(`(r\xd2\xb1G\xe3\xda&\xca\xaa\xba\v\xc5\xa3H\xb1\x11G\xab\xa2\x1f\xa0\xc3\xd9\xcd\xfb\x1a,\x13S\xf1\xfe\xe5F\xf4\xfb\xc8|\x89\x0fNq\x97J\xb9J\x88S\xc5\xb8\x12\x93\xbe\xb9b\xc7\xbc\x03\x03.E\xab\x82\x1c\xbc1\x9d\x14\xfa\x1f\xdd\x1e*\x03`\x91\xe8x\x0f\x05\x1e\xf5\xbfNo\xd4\x0f]S\x85\x89@\xa9f\x05\xfe\x9fkM\xa5\xf6\xc2\x04\xbf\xc7', 0x0)

1.178191713s ago: executing program 1 (id=1435):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @local, 0x3}], 0x1c)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

1.014838907s ago: executing program 2 (id=1436):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x65, 0x81, 0xe6, 0x20, 0x856, 0xbc01, 0xe5a5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa9, 0x1a, 0xb4}}]}}]}}, 0x0)

984.211169ms ago: executing program 4 (id=1437):
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}}}, 0x24}}, 0x0)

825.288342ms ago: executing program 0 (id=1438):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="020200000100"})
socket(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'})

824.863702ms ago: executing program 4 (id=1439):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)

751.180278ms ago: executing program 4 (id=1440):
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xe9, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)

737.22177ms ago: executing program 0 (id=1441):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

633.383778ms ago: executing program 0 (id=1442):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001cc0), 0x123000, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)

626.578218ms ago: executing program 4 (id=1443):
io_setup(0x7, &(0x7f00000000c0)=<r0=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r0, 0x2, &(0x7f0000000080)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r2, &(0x7f0000002940)="02", 0x1}, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x0, 0x0, r1, 0x0, 0x0, 0x96d4}])
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

602.503121ms ago: executing program 0 (id=1444):
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x92, @time={0x7665642f, 0xfdfdffff}})

486.19846ms ago: executing program 3 (id=1445):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x38}, 0x20)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)={0xa8, r2, 0x5, 0x4, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x6a, 0xe, {{{}, {}, @broadcast, @device_b}, 0x0, @random=0xfffe, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6, {0x0, 0x0, 0x12}}}}, @NL80211_ATTR_FTM_RESPONDER={0x10, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x5, 0x3, '\n'}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xa8}}, 0x0)
socket(0x10, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket$netlink(0x10, 0x3, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xe, &(0x7f0000001780)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1c, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000000)={0xfffffffc}, 0x8, 0x10, &(0x7f0000000880)={0x3, 0xc}, 0x10, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
setsockopt$netlink_NETLINK_RX_RING(r4, 0x10e, 0x6, &(0x7f0000000140)={0x7, 0x5, 0xffffff00, 0x1}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={{0x14, 0x3ec}, [@NFT_MSG_DELRULE={0x34, 0x8, 0xa, 0x101, 0x0, 0x0, {0xb, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x1}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x8834}]}, @NFT_MSG_DELOBJ={0x74, 0x14, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_USERDATA={0x15, 0x8, "b4312e45d3c8ac35ad4c3add50e2e856b6"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0xa}}, @NFT_MSG_NEWCHAIN={0x58, 0x3, 0xa, 0x0, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffd}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8}]}, @NFT_MSG_DELRULE={0xec, 0x8, 0xa, 0x0, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT={0x4c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x73}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x1d}, @NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x1a}, @NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x86dd}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x88f7}]}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}, {0x64, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0x200}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x9}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0xfff}, @NFTA_HASH_OFFSET={0x8}, @NFTA_HASH_TYPE={0x8}]}}}]}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x0, 0x0, 0x0, {0x3, 0x0, 0x2}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}}], {0x14, 0x3f6}}, 0x248}}, 0x0)

389.639788ms ago: executing program 3 (id=1446):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0x10}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_TYPE={0x8}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_NAT_FLAGS={0x8}, @NFTA_NAT_REG_PROTO_MIN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe0}}, 0x0)

389.011418ms ago: executing program 4 (id=1447):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum={0x3}]}, {0x0, [0x0, 0x0, 0x61, 0x30, 0x61]}}, &(0x7f00000000c0)=""/195, 0x2b, 0xc3, 0x1}, 0x20)

304.119365ms ago: executing program 0 (id=1448):
mq_open(0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
add_key$user(0x0, 0x0, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffe)
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_G_STD(r0, 0x80085617, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000000)=""/95, 0x5f}], 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$sg(&(0x7f0000000140), 0x7, 0x1)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f000021b000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0x4048aecb, &(0x7f0000000040)=ANY=[])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

291.702926ms ago: executing program 4 (id=1449):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x0, 0x3f8, 0x7, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX])
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000300)}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}, {&(0x7f00000003c0)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2}}], 0x2, 0x0)
syz_mount_image$bfs(&(0x7f0000000240), &(0x7f0000000100)='./bus\x00', 0x8008, &(0x7f0000000540)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES16=0x0, @ANYBLOB="55c1de2549c3a4f6759cb31bb9d1bd4101a54bc793e5686cdf9754f5bccb2983952601786941b6e16e495c80a4da560db82c5709a199649ffc2da3776eafea87", @ANYRESDEC, @ANYRES64, @ANYRESDEC, @ANYRES16, @ANYRES16=0x0], 0x1, 0xab, &(0x7f0000000140)="$eJzszr9Kw1AYBfBj/JOsLiI4OGfxjRzEURdxUgTfQHyRvkofIXvHrF1uIU0g0LEQSvn9hss9934fnPV29fDfJuU3Ke39x6aUUp6vMvj6fnt5/xzOcJaqJHWSJsnj7T5PLsb/rv957frLw+WbvyWrAgAAR6ryNEvXScr4UM/H7qZLs1w1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJOwCwAA///9FBdp")
creat(0x0, 0x0)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f0000000040)=[{}], 0x1})

282.279356ms ago: executing program 3 (id=1450):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)

255.516049ms ago: executing program 1 (id=1451):
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500))
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo\x00')
fchdir(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

129.633579ms ago: executing program 1 (id=1452):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000001240)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@nolazytime}, {@noinit_itable}]}, 0x8, 0x60b, &(0x7f0000001b40)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIcZEejcEf/wDlRZCKJS0NbFIQkn0aLx4MPHkQfwvlMSb8eDVgxdPhoQYw0EMkTWznSnb7e7SX9sp3c8nWTrPzHaeZ5Z++33m6TMzAXSskeyfNOJwRFxPIoZqtnVHvnFk5X0P/rx5IXslUam890cSN28ly7X7SvKvg/k3/zMUyc9pxKGu9fUuLN24MjU7OzOfl8cWr14fW1i6cfzy1alLM5dmrk28PnHm9KnTZ8ZPbOv4ehqs++arR8n4t7+eS+JsPM7blh1X/fv6tlVz9pmNRGXFw9r12ed6Zpv73iv+Gip+Tp5I6lewZ13M4zaLk+djKLpq/jeH4tN3Sm0c0FaVJIocBXScpEn8/zjZ6jdDf9vaA+yWoh9QnNs3Og9eL21zrwTYDfcnVwakVmK/JyKK+O9eGRuM/urYwMCDZM04TxIR2xuZW5HV8dMP5z7JXtFkHA5oj+XbxSh3ff5PqrE5HP3V0sCDdG38L1cqad4TyNa/u8X6R+rK4h92z/LtiHghz/+9seH4T/PYLeL/gy3WL/4BAAAAAABg59ydjIjXGs3/S1fn//Q2mP8zGBFnd6D+p//9L72XLyQ7UB1Q4/5kxJsN5/+uzvEd7spL/63OB+hJLl6enTkREf+LiGPR05eVx+v2WztD+Phnh75sVn/t/L/sldVfzAXM93Svu+5C3OmpxantHjcQcf92xIvV+b9H8jVr5/9k+T9pkP+z+L6+wToOvXLnfLNtT49/oF0qX0ccbZj/n3S3k9b35xir9gfGil7Bei99/Pl3zeoX/1CeLP8PtI7/vqT2fj0Lm9t/b0ScXOquNNu+1f5/b/J+V7H/zEdTi4vz4xG9ydvr109srs2wXxXxUMRLFv/HXm49/rfa/6+JwwMRsbzBOp97PPhbs23yP5Qni//p1vl/eG3+3/zCxJ3h75vVf35D+f9UNacfy9cY/4Na6+/HsdEALaW5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCMSyPiP5Gko6vLaTo6GjEYEf+PgXR2bmHx1YtzH16bzrZVn/+fFk/6HVopJ8Xz/4dryhN15ZMRcTAivug6UC2PXpibnS774AEAAAAAAAAAAAAAAAAAAGCPGKxe81/pq7/+P/N7V9mtA9quO/8q3qHzdG/5Oyt9O9oQYNdtPf6BZ1h2zr+J+O9pZ1uAEjSP/4ePKlW72hxgF+n/Q+faYvz7cwHsA/I/dKoNjun1t7sdQBnkfwAAAAAA2FcOHrn7SxIRy28cqL4yvfk2k/1hf0vLbgBQGnN4oXN1z5XdAqAszvGBZHXp74YX+zef/Z+0p0EAAAAAAAAAAAAAwDpHD7v+HzpV6+v/ze2H/azF9f+Ngt/tAmAfaf7oD7kf9jvn+MDTsr3r/wEAAAAAAAAAAABgD+i/cWVqdnZmfmHp2Vt4a280Y3MLy1N7ohmbWKjcimj9nsftqb0nIvbKhzC/kLVmt+oqbsFR4iGX/HsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY9W8AAAD//yF2IgQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000002280)=""/4079, 0xfef)
getdents64(r0, 0x0, 0x0)

129.168799ms ago: executing program 3 (id=1453):
r0 = syz_open_dev$swradio(&(0x7f0000000440), 0x0, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000340)={0xb, @sdr})

0s ago: executing program 3 (id=1454):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001cc0), 0x123000, 0x0)
fcntl$setstatus(r0, 0x4, 0x0)

kernel console output (not intermixed with test programs):

xx-2.14.0 probing 046d:0870
[  250.246345][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  250.274525][ T7108] device veth1_vlan entered promiscuous mode
[  250.290247][ T7176] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  250.313935][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  250.340543][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  250.358796][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  250.383011][ T7176] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  250.419032][ T7176] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  250.449355][ T6054] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  250.466636][ T7108] device veth0_macvtap entered promiscuous mode
[  250.499274][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  250.512465][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  250.542761][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.583618][ T7108] device veth1_macvtap entered promiscuous mode
[  250.606738][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  250.626658][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  250.689469][ T6870] handle_bad_sector: 24198 callbacks suppressed
[  250.689491][ T6870] attempt to access beyond end of device
[  250.689491][ T6870] loop4: rw=0, want=57944, limit=40427
[  250.715310][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.738453][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.751896][ T6870] attempt to access beyond end of device
[  250.751896][ T6870] loop4: rw=0, want=57952, limit=40427
[  250.763346][ T6054] usb 5-1: Using ep0 maxpacket: 16
[  250.783601][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.789232][ T6870] attempt to access beyond end of device
[  250.789232][ T6870] loop4: rw=0, want=57960, limit=40427
[  250.804710][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.825310][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.826908][ T6870] attempt to access beyond end of device
[  250.826908][ T6870] loop4: rw=0, want=57968, limit=40427
[  250.856278][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.856747][ T6870] attempt to access beyond end of device
[  250.856747][ T6870] loop4: rw=0, want=57976, limit=40427
[  250.886904][ T6870] attempt to access beyond end of device
[  250.886904][ T6870] loop4: rw=0, want=57984, limit=40427
[  250.894885][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.909078][ T6870] attempt to access beyond end of device
[  250.909078][ T6870] loop4: rw=0, want=57992, limit=40427
[  250.920379][ T6054] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.946972][ T6054] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.967168][ T6870] attempt to access beyond end of device
[  250.967168][ T6870] loop4: rw=0, want=58000, limit=40427
[  250.969155][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.986346][ T6054] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  251.001902][ T6870] attempt to access beyond end of device
[  251.001902][ T6870] loop4: rw=0, want=58008, limit=40427
[  251.013446][ T6054] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  251.033627][ T6054] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.034267][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.045182][ T6870] attempt to access beyond end of device
[  251.045182][ T6870] loop4: rw=0, want=58016, limit=40427
[  251.082905][ T6054] usb 5-1: config 0 descriptor??
[  251.108567][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.165061][ T7108] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.179713][ T3561] usb 3-1: USB disconnect, device number 8
[  251.222895][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  251.241271][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  251.269441][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.287772][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.308852][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.328120][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.349192][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.377389][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.397568][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.418577][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.441618][ T7108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.458603][ T7108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.578876][ T7108] batman_adv: batadv0: Interface activated: batadv_slave_1
[  251.604629][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  251.634051][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  252.115678][ T7108] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.291076][ T7108] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.490824][ T7108] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.510999][ T7108] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.739145][ T7176] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.826191][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  252.841089][ T3885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  252.886505][ T7176] 8021q: adding VLAN 0 to HW filter on device team0
[  252.922563][ T1235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.957410][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  252.969650][ T1235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.974242][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  253.009699][ T4546] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.016958][ T4546] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.084136][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  253.094522][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.122888][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.148409][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.176724][ T6058] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.183913][ T6058] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.244664][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  253.262638][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  253.294230][ T4160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.306421][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  253.329878][ T4160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.339289][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  253.364204][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  253.404456][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  253.458751][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  253.474823][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  253.581136][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  253.589946][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.603917][ T7176] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  253.631027][ T7176] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  253.669131][ T6054] usbhid 5-1:0.0: can't add hid device: -71
[  253.675152][ T6054] usbhid: probe of 5-1:0.0 failed with error -71
[  253.707297][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  253.726676][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  253.737727][ T6054] usb 5-1: USB disconnect, device number 5
[  255.414511][ T7432] loop2: detected capacity change from 0 to 256
[  255.552030][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  255.558541][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  255.650129][ T7432] exfat: Unknown parameter ''
[  255.720751][ T6870] handle_bad_sector: 6828 callbacks suppressed
[  255.720770][ T6870] attempt to access beyond end of device
[  255.720770][ T6870] loop4: rw=524288, want=57352, limit=40427
[  255.819625][ T7432] loop2: detected capacity change from 0 to 2048
[  255.835644][ T6870] attempt to access beyond end of device
[  255.835644][ T6870] loop4: rw=524288, want=57360, limit=40427
[  255.858564][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.866643][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  255.895313][ T7176] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.925367][ T6870] attempt to access beyond end of device
[  255.925367][ T6870] loop4: rw=524288, want=57368, limit=40427
[  255.961362][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  255.983753][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  256.002068][ T6870] attempt to access beyond end of device
[  256.002068][ T6870] loop4: rw=524288, want=57376, limit=40427
[  256.058189][ T7176] device veth0_vlan entered promiscuous mode
[  256.091357][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  256.102676][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  256.116156][ T6870] attempt to access beyond end of device
[  256.116156][ T6870] loop4: rw=524288, want=57384, limit=40427
[  256.131285][ T7176] device veth1_vlan entered promiscuous mode
[  256.148103][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  256.167539][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  256.184618][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  256.199113][ T6870] attempt to access beyond end of device
[  256.199113][ T6870] loop4: rw=524288, want=57392, limit=40427
[  256.320582][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  256.340573][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  256.349430][ T6870] attempt to access beyond end of device
[  256.349430][ T6870] loop4: rw=524288, want=57400, limit=40427
[  256.401334][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  256.482563][ T7176] device veth0_macvtap entered promiscuous mode
[  256.520189][ T6870] attempt to access beyond end of device
[  256.520189][ T6870] loop4: rw=524288, want=57408, limit=40427
[  256.620732][   T26] audit: type=1326 audit(1721659779.656:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  256.877812][ T7176] device veth1_macvtap entered promiscuous mode
[  256.942474][ T6870] attempt to access beyond end of device
[  256.942474][ T6870] loop4: rw=524288, want=57416, limit=40427
[  257.007365][   T26] audit: type=1326 audit(1721659779.656:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.186872][ T6870] attempt to access beyond end of device
[  257.186872][ T6870] loop4: rw=524288, want=57424, limit=40427
[  257.211204][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.294545][   T26] audit: type=1326 audit(1721659779.656:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.327312][   T26] audit: type=1326 audit(1721659779.656:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.354952][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.380970][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.417081][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.440357][   T26] audit: type=1326 audit(1721659779.656:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.509825][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.545243][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.558447][   T26] audit: type=1326 audit(1721659779.666:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.594528][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.631508][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.651856][   T26] audit: type=1326 audit(1721659779.666:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.678986][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.718978][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.754722][   T26] audit: type=1326 audit(1721659779.666:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.787347][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.806439][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.826697][   T26] audit: type=1326 audit(1721659779.666:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fe5276dde99 code=0x7ffc0000
[  257.854908][ T7176] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.873955][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  257.889455][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  257.897796][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  257.916384][   T26] audit: type=1326 audit(1721659779.666:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7450 comm="syz.0.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  257.956901][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  258.013153][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.038804][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.068982][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.114442][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.176010][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.260535][ T7495] netlink: 40 bytes leftover after parsing attributes in process `syz.4.997'.
[  258.549964][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.822434][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.008402][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.018366][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.051409][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.081852][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  259.118972][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.168742][ T7176] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.304071][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  259.319851][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  259.348837][ T7176] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.377433][ T7176] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.416682][ T7176] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.441482][ T7176] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.711397][ T3585] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.744377][ T3585] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.786195][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  259.823447][ T7038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.842681][ T7038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.986732][ T7491] loop2: detected capacity change from 0 to 32768
[  260.140980][ T7491] XFS (loop2): Mounting V5 Filesystem
[  260.227486][ T7491] XFS (loop2): Ending clean mount
[  260.365896][ T6733] XFS (loop2): Unmounting Filesystem
[  260.467544][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  260.769106][ T6870] handle_bad_sector: 5738 callbacks suppressed
[  260.769125][ T6870] attempt to access beyond end of device
[  260.769125][ T6870] loop4: rw=524288, want=58280, limit=40427
[  260.987914][ T6870] attempt to access beyond end of device
[  260.987914][ T6870] loop4: rw=524288, want=58288, limit=40427
[  261.171997][ T6870] attempt to access beyond end of device
[  261.171997][ T6870] loop4: rw=524288, want=58296, limit=40427
[  261.809093][ T6870] attempt to access beyond end of device
[  261.809093][ T6870] loop4: rw=524288, want=58304, limit=40427
[  261.911334][ T6870] attempt to access beyond end of device
[  261.911334][ T6870] loop4: rw=524288, want=58312, limit=40427
[  261.924725][ T6870] attempt to access beyond end of device
[  261.924725][ T6870] loop4: rw=524288, want=58320, limit=40427
[  261.937394][ T6870] attempt to access beyond end of device
[  261.937394][ T6870] loop4: rw=524288, want=58328, limit=40427
[  261.951407][ T6870] attempt to access beyond end of device
[  261.951407][ T6870] loop4: rw=524288, want=58336, limit=40427
[  261.965305][ T6870] attempt to access beyond end of device
[  261.965305][ T6870] loop4: rw=524288, want=58344, limit=40427
[  261.976026][ T7511] loop1: detected capacity change from 0 to 32768
[  261.977446][ T6870] attempt to access beyond end of device
[  261.977446][ T6870] loop4: rw=524288, want=58352, limit=40427
[  262.229067][ T3891] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  262.629142][ T3891] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  262.643741][ T7511] XFS (loop1): Mounting V5 Filesystem
[  262.653963][ T3891] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.694589][ T3891] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.725002][ T3891] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  262.880751][ T3891] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  262.901288][ T3891] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  262.917129][ T3891] usb 5-1: Manufacturer: syz
[  262.928315][ T3891] usb 5-1: config 0 descriptor??
[  263.271063][ T7511] XFS (loop1): Ending clean mount
[  263.293223][ T7511] XFS (loop1): Quotacheck needed: Please wait.
[  263.482084][ T3891] appleir 0003:05AC:8243.0006: item fetching failed at offset 0/1
[  263.518616][ T3891] appleir 0003:05AC:8243.0006: parse failed
[  263.547618][ T3891] appleir: probe of 0003:05AC:8243.0006 failed with error -22
[  263.650306][ T7511] XFS (loop1): Quotacheck: Done.
[  263.716669][ T7108] XFS (loop1): Unmounting Filesystem
[  264.747207][ T7571] loop2: detected capacity change from 0 to 40427
[  265.243310][ T7571] F2FS-fs (loop2): Invalid log sectors per block(3) log sectorsize(10)
[  265.442892][ T7571] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  265.579156][ T7571] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[  265.648027][ T7653] loop1: detected capacity change from 0 to 128
[  265.890173][ T6870] handle_bad_sector: 1768 callbacks suppressed
[  265.890192][ T6870] attempt to access beyond end of device
[  265.890192][ T6870] loop4: rw=0, want=58168, limit=40427
[  265.948884][ T6870] attempt to access beyond end of device
[  265.948884][ T6870] loop4: rw=0, want=58176, limit=40427
[  265.977797][ T7653] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,nodelalloc,,errors=continue. Quota mode: none.
[  265.996437][ T7653] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038 (0x7fffffff)
[  266.014650][ T6870] attempt to access beyond end of device
[  266.014650][ T6870] loop4: rw=0, want=58184, limit=40427
[  266.067773][ T6870] attempt to access beyond end of device
[  266.067773][ T6870] loop4: rw=0, want=58192, limit=40427
[  266.171278][ T6870] attempt to access beyond end of device
[  266.171278][ T6870] loop4: rw=0, want=58200, limit=40427
[  266.219486][ T6870] attempt to access beyond end of device
[  266.219486][ T6870] loop4: rw=0, want=58208, limit=40427
[  266.323091][ T6870] attempt to access beyond end of device
[  266.323091][ T6870] loop4: rw=0, want=58216, limit=40427
[  266.383735][ T6870] attempt to access beyond end of device
[  266.383735][ T6870] loop4: rw=0, want=58224, limit=40427
[  266.436170][ T6870] attempt to access beyond end of device
[  266.436170][ T6870] loop4: rw=0, want=58232, limit=40427
[  266.567498][ T6870] attempt to access beyond end of device
[  266.567498][ T6870] loop4: rw=0, want=58240, limit=40427
[  267.183083][ T7662] loop2: detected capacity change from 0 to 32768
[  267.513585][ T7662] XFS (loop2): Mounting V5 Filesystem
[  268.958446][ T7662] XFS (loop2): Ending clean mount
[  269.050524][ T7662] XFS (loop2): Quotacheck needed: Please wait.
[  269.436770][ T7709] loop1: detected capacity change from 0 to 4096
[  269.522251][ T7709] __ntfs_warning: 65 callbacks suppressed
[  269.522264][ T7709] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  269.649859][ T7662] XFS (loop2): Quotacheck: Done.
[  269.684154][ T7709] ntfs: volume version 3.1.
[  269.878241][ T6733] XFS (loop2): Unmounting Filesystem
[  270.902139][ T6870] handle_bad_sector: 5598 callbacks suppressed
[  270.903039][ T6870] attempt to access beyond end of device
[  270.903039][ T6870] loop4: rw=0, want=57976, limit=40427
[  270.986624][ T7718] loop1: detected capacity change from 0 to 32768
[  271.029772][ T7718] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1046 (7718)
[  271.124230][ T6870] attempt to access beyond end of device
[  271.124230][ T6870] loop4: rw=0, want=57984, limit=40427
[  271.124704][ T7718] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  271.188305][ T7727] loop2: detected capacity change from 0 to 512
[  271.248529][ T7718] BTRFS error (device loop1): support for check_integrity* not compiled in!
[  271.283914][ T7718] BTRFS error (device loop1): open_ctree failed
[  271.290746][ T6870] attempt to access beyond end of device
[  271.290746][ T6870] loop4: rw=0, want=57992, limit=40427
[  271.350618][ T6870] attempt to access beyond end of device
[  271.350618][ T6870] loop4: rw=0, want=58000, limit=40427
[  271.363485][ T6870] attempt to access beyond end of device
[  271.363485][ T6870] loop4: rw=0, want=58008, limit=40427
[  271.374962][ T6870] attempt to access beyond end of device
[  271.374962][ T6870] loop4: rw=0, want=58016, limit=40427
[  271.387271][ T6870] attempt to access beyond end of device
[  271.387271][ T6870] loop4: rw=0, want=58024, limit=40427
[  271.399197][ T7727] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  271.411426][ T6870] attempt to access beyond end of device
[  271.411426][ T6870] loop4: rw=0, want=58032, limit=40427
[  271.423109][ T7727] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038 (0x7fffffff)
[  271.443895][ T6870] attempt to access beyond end of device
[  271.443895][ T6870] loop4: rw=0, want=58040, limit=40427
[  271.597312][ T6870] attempt to access beyond end of device
[  271.597312][ T6870] loop4: rw=0, want=58048, limit=40427
[  271.733569][ T7744] syz.1.1046 sent an empty control message without MSG_MORE.
[  272.522882][ T7754] loop1: detected capacity change from 0 to 1024
[  272.678150][ T7754] EXT4-fs (loop1): test_dummy_encryption requires encrypt feature
[  273.156762][ T7740] chnl_net:caif_netlink_parms(): no params data found
[  273.264048][ T7756] loop3: detected capacity change from 0 to 32768
[  273.294712][ T7756] jfs_mount: Mount Failure: superblock is corrupt!
[  273.316621][ T7756] Mount JFS Failure: -22
[  273.329062][ T3885] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  273.529063][ T3561] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  273.579141][ T3885] usb 2-1: Using ep0 maxpacket: 8
[  273.600620][ T7740] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.652534][ T7740] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.688000][ T7740] device bridge_slave_0 entered promiscuous mode
[  273.709272][ T3885] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  273.736272][ T3885] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.741295][ T7740] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.771571][ T3885] usb 2-1: config 0 descriptor??
[  273.793026][ T7740] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.801922][ T3561] usb 1-1: Using ep0 maxpacket: 16
[  273.815787][ T7740] device bridge_slave_1 entered promiscuous mode
[  273.824017][ T3885] usb-storage 2-1:0.0: USB Mass Storage device detected
[  273.844974][ T3885] usb-storage 2-1:0.0: Quirks match for vid 04e6 pid 000b: 4
[  273.919249][ T3561] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  273.939133][ T3561] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  273.954113][ T3561] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.976860][ T3561] usb 1-1: config 0 descriptor??
[  274.031214][ T3303] Bluetooth: hci6: command 0x0409 tx timeout
[  274.047746][ T7740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.059627][ T3303] usb 2-1: USB disconnect, device number 5
[  274.118568][ T7740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.230826][ T7771] PKCS7: Unknown OID: [4] (bad)
[  274.253056][ T7771] PKCS7: Only support pkcs7_signedData type
[  274.275148][ T7740] team0: Port device team_slave_0 added
[  274.278336][ T3515] Bluetooth: Wrong link type (-71)
[  274.288319][ T3515] Bluetooth: hci2: link tx timeout
[  274.293811][ T3515] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  274.308615][ T7771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1063'.
[  274.332377][ T7740] team0: Port device team_slave_1 added
[  274.406336][ T7740] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.439114][ T7740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.513985][ T7740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.536762][ T7740] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.550054][ T7740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.552762][ T7771] udc-core: couldn't find an available UDC or it's busy
[  274.629260][ T7771] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  274.648258][ T7740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.802177][ T7786] loop2: detected capacity change from 0 to 32768
[  274.828424][ T7788] loop3: detected capacity change from 0 to 40427
[  274.892058][ T7740] device hsr_slave_0 entered promiscuous mode
[  274.900457][ T7786] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1064 (7786)
[  274.922507][ T7788] F2FS-fs (loop3): Found nat_bits in checkpoint
[  274.991883][ T7786] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  275.022363][ T7786] BTRFS error (device loop2): support for check_integrity* not compiled in!
[  275.068063][ T7786] BTRFS error (device loop2): open_ctree failed
[  275.126355][ T7788] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  275.175320][ T7740] device hsr_slave_1 entered promiscuous mode
[  275.195275][ T7740] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  275.213685][ T7740] Cannot create hsr debugfs directory
[  275.254254][ T7788] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  275.609523][ T3561] usbhid 1-1:0.0: can't add hid device: -71
[  275.617200][ T3561] usbhid: probe of 1-1:0.0 failed with error -71
[  275.969940][ T3561] usb 1-1: USB disconnect, device number 5
[  276.002687][ T6870] handle_bad_sector: 6312 callbacks suppressed
[  276.002708][ T6870] attempt to access beyond end of device
[  276.002708][ T6870] loop4: rw=524288, want=57352, limit=40427
[  276.109047][ T3898] Bluetooth: hci6: command 0x041b tx timeout
[  276.224696][ T6870] attempt to access beyond end of device
[  276.224696][ T6870] loop4: rw=524288, want=57360, limit=40427
[  276.237599][ T6870] attempt to access beyond end of device
[  276.237599][ T6870] loop4: rw=524288, want=57368, limit=40427
[  276.260517][ T6870] attempt to access beyond end of device
[  276.260517][ T6870] loop4: rw=524288, want=57376, limit=40427
[  276.278064][ T6870] attempt to access beyond end of device
[  276.278064][ T6870] loop4: rw=524288, want=57384, limit=40427
[  276.298557][ T6870] attempt to access beyond end of device
[  276.298557][ T6870] loop4: rw=524288, want=57392, limit=40427
[  276.312591][ T6870] attempt to access beyond end of device
[  276.312591][ T6870] loop4: rw=524288, want=57400, limit=40427
[  276.444576][ T3898] Bluetooth: hci2: command 0x0406 tx timeout
[  276.447577][ T7807] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1067'.
[  276.454112][ T6870] attempt to access beyond end of device
[  276.454112][ T6870] loop4: rw=524288, want=57408, limit=40427
[  276.480613][ T6870] attempt to access beyond end of device
[  276.480613][ T6870] loop4: rw=524288, want=57416, limit=40427
[  276.901761][ T6870] attempt to access beyond end of device
[  276.901761][ T6870] loop4: rw=524288, want=57424, limit=40427
[  277.451784][ T7740] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.709451][ T7740] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.813250][ T7819] loop1: detected capacity change from 0 to 8
[  277.903774][ T7819] SQUASHFS error: zlib decompression failed, data probably corrupt
[  277.927720][ T7819] SQUASHFS error: Failed to read block 0x9b: -5
[  277.948257][ T7819] SQUASHFS error: Unable to read metadata cache entry [99]
[  277.969206][ T7819] SQUASHFS error: Unable to read inode 0x127
[  278.185193][ T7740] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.195689][ T3898] Bluetooth: hci6: command 0x040f tx timeout
[  278.284076][ T7819] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  279.442946][ T7740] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.547173][ T7088] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.610878][ T6054] usb 5-1: USB disconnect, device number 6
[  279.659484][ T6055] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  279.694389][ T7088] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.776262][ T7839] loop1: detected capacity change from 0 to 2048
[  279.836892][ T7088] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.889950][ T7839] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  279.916704][ T6055] usb 3-1: Using ep0 maxpacket: 16
[  279.984139][ T7088] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.000918][ T7843] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  280.049545][ T6055] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  280.086112][ T6055] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  280.135519][ T6055] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.207078][ T6055] usb 3-1: config 0 descriptor??
[  280.232280][ T7847] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  280.269024][ T3561] Bluetooth: hci6: command 0x0419 tx timeout
[  280.280760][ T7847] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  280.354899][ T7838] chnl_net:caif_netlink_parms(): no params data found
[  280.480404][ T7826] PKCS7: Unknown OID: [4] (bad)
[  280.499032][ T7826] PKCS7: Only support pkcs7_signedData type
[  280.529879][ T3518] Bluetooth: Wrong link type (-71)
[  280.535832][ T3518] Bluetooth: hci0: link tx timeout
[  280.541999][ T3518] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  280.562537][ T7826] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1077'.
[  280.671330][ T7855] udc-core: couldn't find an available UDC or it's busy
[  280.686396][ T7855] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  281.227187][ T6870] handle_bad_sector: 11767 callbacks suppressed
[  281.227325][ T6870] attempt to access beyond end of device
[  281.227325][ T6870] loop4: rw=524288, want=57352, limit=40427
[  281.589178][ T6870] attempt to access beyond end of device
[  281.589178][ T6870] loop4: rw=524288, want=57360, limit=40427
[  281.649358][ T6870] attempt to access beyond end of device
[  281.649358][ T6870] loop4: rw=524288, want=57368, limit=40427
[  281.702252][ T6870] attempt to access beyond end of device
[  281.702252][ T6870] loop4: rw=524288, want=57376, limit=40427
[  281.716045][ T6870] attempt to access beyond end of device
[  281.716045][ T6870] loop4: rw=524288, want=57384, limit=40427
[  281.728291][ T6870] attempt to access beyond end of device
[  281.728291][ T6870] loop4: rw=524288, want=57392, limit=40427
[  281.741121][ T6870] attempt to access beyond end of device
[  281.741121][ T6870] loop4: rw=524288, want=57400, limit=40427
[  281.759136][ T6055] usbhid 3-1:0.0: can't add hid device: -71
[  281.766329][ T6055] usbhid: probe of 3-1:0.0 failed with error -71
[  281.784854][ T6870] attempt to access beyond end of device
[  281.784854][ T6870] loop4: rw=524288, want=57408, limit=40427
[  281.790104][ T3303] Bluetooth: hci1: command 0x0409 tx timeout
[  281.814165][ T6055] usb 3-1: USB disconnect, device number 9
[  281.821376][ T7838] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.839375][ T6870] attempt to access beyond end of device
[  281.839375][ T6870] loop4: rw=524288, want=57416, limit=40427
[  281.851773][ T7838] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.287611][ T6870] attempt to access beyond end of device
[  282.287611][ T6870] loop4: rw=524288, want=57424, limit=40427
[  282.512942][ T7838] device bridge_slave_0 entered promiscuous mode
[  282.730536][ T6055] Bluetooth: hci0: command 0x0406 tx timeout
[  282.791877][ T7740] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  282.850526][   T26] audit: type=1326 audit(1721659805.916:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7873 comm="syz.2.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1dfb4e99 code=0x7ffc0000
[  282.873205][ T7838] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.887714][ T7877] loop1: detected capacity change from 0 to 1024
[  282.895940][ T7838] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.930527][   T26] audit: type=1326 audit(1721659805.956:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7873 comm="syz.2.1092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf1dfb4e99 code=0x7ffc0000
[  282.936115][ T7838] device bridge_slave_1 entered promiscuous mode
[  282.996404][ T7882] loop2: detected capacity change from 0 to 8
[  283.031732][ T7740] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  283.087620][ T7882] SQUASHFS error: zlib decompression failed, data probably corrupt
[  283.103707][ T7740] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  283.127394][ T7882] SQUASHFS error: Failed to read block 0x9b: -5
[  283.169054][ T7882] SQUASHFS error: Unable to read metadata cache entry [99]
[  283.176303][ T7882] SQUASHFS error: Unable to read inode 0x127
[  283.210359][ T7740] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  283.229284][ T6058] Bluetooth: hci2: command 0x0406 tx timeout
[  283.258043][ T7838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  283.288392][ T7877] hfsplus: xattr searching failed
[  283.289848][ T7882] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  283.321706][ T7838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.339578][   T26] audit: type=1800 audit(1721659806.406:192): pid=7877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1093" name="file0" dev="loop1" ino=4 res=0 errno=0
[  283.359377][ T7882] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  283.402839][ T7877] hfsplus: xattr search failed
[  283.506287][  T144] hfsplus: bad catalog file entry
[  283.563707][ T7838] team0: Port device team_slave_0 added
[  284.255698][ T4546] Bluetooth: hci1: command 0x041b tx timeout
[  285.661533][ T7838] team0: Port device team_slave_1 added
[  285.813051][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.842776][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.898364][ T7918] SET target dimension over the limit!
[  285.941513][ T7838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.967503][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.976149][ T4544] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  285.995924][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.032677][ T7838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.073279][ T7740] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.153168][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  286.171160][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  286.186091][ T7740] 8021q: adding VLAN 0 to HW filter on device team0
[  286.208245][ T7838] device hsr_slave_0 entered promiscuous mode
[  286.224455][ T7838] device hsr_slave_1 entered promiscuous mode
[  286.231820][ T6870] handle_bad_sector: 5562 callbacks suppressed
[  286.231841][ T6870] attempt to access beyond end of device
[  286.231841][ T6870] loop4: rw=0, want=58920, limit=40427
[  286.249510][ T4544] usb 2-1: Using ep0 maxpacket: 32
[  286.256534][ T7838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.264888][ T7838] Cannot create hsr debugfs directory
[  286.272938][ T6870] attempt to access beyond end of device
[  286.272938][ T6870] loop4: rw=0, want=58928, limit=40427
[  286.291003][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  286.301549][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  286.311429][ T6870] attempt to access beyond end of device
[  286.311429][ T6870] loop4: rw=0, want=58936, limit=40427
[  286.323940][ T6054] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.331067][ T6054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.339370][ T6870] attempt to access beyond end of device
[  286.339370][ T6870] loop4: rw=0, want=58944, limit=40427
[  286.363475][ T6870] attempt to access beyond end of device
[  286.363475][ T6870] loop4: rw=0, want=58952, limit=40427
[  286.399397][ T4544] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  286.421375][ T6870] attempt to access beyond end of device
[  286.421375][ T6870] loop4: rw=0, want=58960, limit=40427
[  286.437085][ T6870] attempt to access beyond end of device
[  286.437085][ T6870] loop4: rw=0, want=58968, limit=40427
[  286.437611][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  286.458603][ T6870] attempt to access beyond end of device
[  286.458603][ T6870] loop4: rw=0, want=58976, limit=40427
[  286.470112][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  286.482355][ T6870] attempt to access beyond end of device
[  286.482355][ T6870] loop4: rw=0, want=58984, limit=40427
[  286.490024][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  286.511892][ T6870] attempt to access beyond end of device
[  286.511892][ T6870] loop4: rw=0, want=58992, limit=40427
[  286.515317][ T6055] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.530018][ T6055] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.622586][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  286.639260][ T4544] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  286.663511][ T7939] loop2: detected capacity change from 0 to 8
[  286.670452][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  286.678855][ T4544] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  286.699466][ T4544] usb 2-1: Product: syz
[  286.703682][ T4544] usb 2-1: Manufacturer: syz
[  286.708283][ T4544] usb 2-1: SerialNumber: syz
[  286.738598][ T7939] SQUASHFS error: zlib decompression failed, data probably corrupt
[  286.765997][ T7939] SQUASHFS error: Failed to read block 0x9b: -5
[  286.781039][ T4544] appletouch 2-1:1.0: Could not find int-in endpoint
[  286.792019][ T7939] SQUASHFS error: Unable to read metadata cache entry [99]
[  286.793413][ T4544] appletouch: probe of 2-1:1.0 failed with error -5
[  286.807749][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  286.818445][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  286.824521][ T7939] SQUASHFS error: Unable to read inode 0x127
[  286.830679][ T4544] usbhid 2-1:1.0: couldn't find an input interrupt endpoint
[  286.841345][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  286.861781][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  286.893470][ T7740] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  286.905288][ T7740] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  286.922752][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  286.938197][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  286.953520][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.971310][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  286.992263][ T6055] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  287.029668][ T7939] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  287.055490][ T3561] usb 2-1: USB disconnect, device number 6
[  287.066152][ T7939] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  287.173219][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  287.273768][ T7088] device hsr_slave_0 left promiscuous mode
[  287.293854][ T7088] device hsr_slave_1 left promiscuous mode
[  287.322007][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.350810][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.372457][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.384340][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.410527][ T7088] device bridge_slave_1 left promiscuous mode
[  287.416805][ T7088] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.487475][ T7088] device bridge_slave_0 left promiscuous mode
[  287.499540][ T7088] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.512794][ T7952] mmap: syz.0.1110 (7952) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  287.528051][ T7088] device veth1_macvtap left promiscuous mode
[  287.534405][ T7088] device veth0_macvtap left promiscuous mode
[  287.541515][ T7088] device veth1_vlan left promiscuous mode
[  287.547365][ T7088] device veth0_vlan left promiscuous mode
[  287.636880][ T7954] netlink: 'syz.0.1111': attribute type 29 has an invalid length.
[  287.646390][ T6058] Bluetooth: hci1: command 0x040f tx timeout
[  288.035986][ T7088] team0 (unregistering): Port device team_slave_1 removed
[  288.080007][ T7088] team0 (unregistering): Port device team_slave_0 removed
[  288.116105][ T7088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.153276][ T7088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  288.313420][ T7959] loop1: detected capacity change from 0 to 32768
[  288.366837][ T7088] bond0 (unregistering): Released all slaves
[  288.400666][ T7959] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.1112 (7959)
[  288.459985][ T7954] netlink: 'syz.0.1111': attribute type 29 has an invalid length.
[  288.546417][ T7959] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  288.599141][ T7959] BTRFS info (device loop1): using free space tree
[  288.639690][ T7959] BTRFS info (device loop1): has skinny extents
[  288.719685][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  288.727244][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  289.015396][ T7740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.022953][ T7959] BTRFS info (device loop1): enabling ssd optimizations
[  289.558401][ T7971] loop2: detected capacity change from 0 to 32768
[  289.719579][ T7971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1115 (7971)
[  289.738830][ T6058] Bluetooth: hci1: command 0x0419 tx timeout
[  289.856240][ T7971] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  289.896351][ T7971] BTRFS info (device loop2): using free space tree
[  289.919346][ T7971] BTRFS info (device loop2): has skinny extents
[  290.259994][ T7971] BTRFS info (device loop2): enabling ssd optimizations
[  290.677288][ T8038] loop1: detected capacity change from 0 to 256
[  291.034870][ T8038] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  291.141725][   T26] audit: type=1804 audit(1721659814.176:193): pid=8038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1116" name="/newroot/35/file0/file0" dev="loop1" ino=1048648 res=1 errno=0
[  291.243425][ T6870] handle_bad_sector: 22038 callbacks suppressed
[  291.243443][ T6870] attempt to access beyond end of device
[  291.243443][ T6870] loop4: rw=0, want=59176, limit=40427
[  291.359900][ T6870] attempt to access beyond end of device
[  291.359900][ T6870] loop4: rw=0, want=59184, limit=40427
[  291.406878][ T6870] attempt to access beyond end of device
[  291.406878][ T6870] loop4: rw=0, want=59192, limit=40427
[  291.459153][ T6870] attempt to access beyond end of device
[  291.459153][ T6870] loop4: rw=0, want=59200, limit=40427
[  291.519659][ T6870] attempt to access beyond end of device
[  291.519659][ T6870] loop4: rw=0, want=59208, limit=40427
[  291.568552][ T6870] attempt to access beyond end of device
[  291.568552][ T6870] loop4: rw=0, want=59216, limit=40427
[  291.644639][ T6870] attempt to access beyond end of device
[  291.644639][ T6870] loop4: rw=0, want=59224, limit=40427
[  291.667073][ T8050] netlink: 'syz.0.1122': attribute type 29 has an invalid length.
[  291.694811][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  291.709227][ T6870] attempt to access beyond end of device
[  291.709227][ T6870] loop4: rw=0, want=59232, limit=40427
[  291.721925][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  291.754351][ T8050] netlink: 'syz.0.1122': attribute type 29 has an invalid length.
[  291.763153][ T6870] attempt to access beyond end of device
[  291.763153][ T6870] loop4: rw=0, want=59240, limit=40427
[  291.799636][ T7740] device veth0_vlan entered promiscuous mode
[  291.827922][ T6870] attempt to access beyond end of device
[  291.827922][ T6870] loop4: rw=0, want=59248, limit=40427
[  291.842228][ T8054] netlink: 'syz.0.1122': attribute type 29 has an invalid length.
[  291.854631][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  291.863810][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  291.900233][ T7740] device veth1_vlan entered promiscuous mode
[  291.969158][ T8058] netlink: 'syz.0.1122': attribute type 29 has an invalid length.
[  291.977435][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  291.987379][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  292.009880][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  292.048048][ T8050] netlink: 'syz.0.1122': attribute type 29 has an invalid length.
[  292.917868][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  292.969861][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  292.990357][ T8074] loop2: detected capacity change from 0 to 8
[  293.009626][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  293.051699][ T7740] device veth0_macvtap entered promiscuous mode
[  293.094076][ T8074] SQUASHFS error: Failed to read block 0x62b: -5
[  293.107768][ T7740] device veth1_macvtap entered promiscuous mode
[  293.115956][ T8074] SQUASHFS error: Unable to read metadata cache entry [629]
[  293.166526][ T7838] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  293.174400][ T8074] SQUASHFS error: Unable to read inode 0x11f
[  293.240890][ T7838] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  293.278095][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.321527][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.359533][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.395462][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.437550][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.469059][ T3303] Bluetooth: hci3: command 0x0406 tx timeout
[  293.485008][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.533033][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.582557][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.613122][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.644258][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.672975][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.704903][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.764173][ T7740] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.798016][ T7838] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  293.816790][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  293.847264][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  293.906478][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  293.935921][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  293.978599][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.018964][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.121586][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.171124][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.209869][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.250446][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.291066][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.327894][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.349058][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.386713][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.420135][ T7740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.472105][ T7740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.549604][ T7740] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.603365][ T7838] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  294.632245][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  294.659950][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  294.718354][ T8090] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  294.792456][ T7740] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.818991][ T7740] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.861090][ T7740] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.917543][ T7740] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.292925][ T8100] loop2: detected capacity change from 0 to 256
[  295.376463][ T8100] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  295.481353][   T26] audit: type=1804 audit(1721659818.526:194): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1129" name="/newroot/61/file0/file0" dev="loop2" ino=1048649 res=1 errno=0
[  295.919363][ T7038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.959767][ T7038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.077430][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  296.111024][ T8108] loop2: detected capacity change from 0 to 256
[  296.168614][ T4160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.235564][ T4160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.259013][ T6870] handle_bad_sector: 9150 callbacks suppressed
[  296.259032][ T6870] attempt to access beyond end of device
[  296.259032][ T6870] loop4: rw=0, want=58728, limit=40427
[  296.290222][ T7838] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.335055][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  296.372194][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  296.413866][ T6870] attempt to access beyond end of device
[  296.413866][ T6870] loop4: rw=0, want=58736, limit=40427
[  296.433369][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.459115][ T6870] attempt to access beyond end of device
[  296.459115][ T6870] loop4: rw=0, want=58744, limit=40427
[  296.483248][ T7838] 8021q: adding VLAN 0 to HW filter on device team0
[  296.539349][ T6870] attempt to access beyond end of device
[  296.539349][ T6870] loop4: rw=0, want=58752, limit=40427
[  296.590086][ T3303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  296.630125][ T3303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.638652][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.645758][ T3303] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.659089][ T6870] attempt to access beyond end of device
[  296.659089][ T6870] loop4: rw=0, want=58760, limit=40427
[  296.776573][ T6870] attempt to access beyond end of device
[  296.776573][ T6870] loop4: rw=0, want=58768, limit=40427
[  296.809996][ T8114] loop2: detected capacity change from 0 to 32768
[  296.820512][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  296.828486][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  296.863796][ T8114] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1131 (8114)
[  296.909756][ T6870] attempt to access beyond end of device
[  296.909756][ T6870] loop4: rw=0, want=58776, limit=40427
[  296.949798][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.952237][ T6870] attempt to access beyond end of device
[  296.952237][ T6870] loop4: rw=0, want=58784, limit=40427
[  297.003774][ T6870] attempt to access beyond end of device
[  297.003774][ T6870] loop4: rw=0, want=58792, limit=40427
[  297.006683][ T3898] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.021890][ T3898] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.084367][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  297.172723][ T6870] attempt to access beyond end of device
[  297.172723][ T6870] loop4: rw=0, want=58800, limit=40427
[  297.194515][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  297.272210][ T8114] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  297.281041][ T8114] BTRFS info (device loop2): using free space tree
[  297.287619][ T8114] BTRFS info (device loop2): has skinny extents
[  297.299309][ T3303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  297.311705][ T3303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  297.435366][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  297.450042][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  297.503884][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  297.562110][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  297.621745][   T26] audit: type=1800 audit(1721659820.676:195): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1135" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  297.661113][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.752736][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  297.804967][ T8114] BTRFS info (device loop2): enabling ssd optimizations
[  297.969138][ T3561] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  298.064015][ T8166] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1131'.
[  298.503812][ T7838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  299.073073][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  299.089408][ T3549] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  299.117849][ T7838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.203296][ T3883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  299.249773][ T3883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  299.379658][ T3883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  299.394751][ T3883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  299.424719][ T7838] device veth0_vlan entered promiscuous mode
[  299.439159][ T3552] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  299.441857][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  299.470072][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  299.546633][ T8200] loop2: detected capacity change from 0 to 1764
[  299.641200][ T7838] device veth1_vlan entered promiscuous mode
[  299.688874][ T3883] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  299.700196][ T8200] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1141'.
[  299.739286][ T3552] usb 2-1: Using ep0 maxpacket: 32
[  299.879511][ T3552] usb 2-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  299.898828][ T3552] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.946939][ T7838] device veth0_macvtap entered promiscuous mode
[  299.970396][ T3552] usb 2-1: config 0 descriptor??
[  300.009591][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.033451][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  300.044693][ T8214] binder: BINDER_SET_CONTEXT_MGR already set
[  300.072976][ T7838] device veth1_macvtap entered promiscuous mode
[  300.095790][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  300.104765][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  300.116769][ T8214] binder: 8209:8214 ioctl 4018620d 20000040 returned -16
[  300.425647][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.524991][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.597084][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.677122][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.707637][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.736104][ T8228] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1146'.
[  300.814481][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.884250][ T3552] usb 2-1: string descriptor 0 read error: -71
[  301.204104][ T3552] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input11
[  301.219021][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.291265][ T6870] handle_bad_sector: 7608 callbacks suppressed
[  301.291286][ T6870] attempt to access beyond end of device
[  301.291286][ T6870] loop4: rw=0, want=58232, limit=40427
[  301.309558][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.388305][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.399825][ T2947] bcm5974 2-1:0.0: could not read from device
[  301.430218][ T6870] attempt to access beyond end of device
[  301.430218][ T6870] loop4: rw=0, want=58240, limit=40427
[  301.459074][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.494233][ T6870] attempt to access beyond end of device
[  301.494233][ T6870] loop4: rw=0, want=58248, limit=40427
[  301.505400][ T6870] attempt to access beyond end of device
[  301.505400][ T6870] loop4: rw=0, want=58256, limit=40427
[  301.516515][ T6870] attempt to access beyond end of device
[  301.516515][ T6870] loop4: rw=0, want=58264, limit=40427
[  301.528090][ T6870] attempt to access beyond end of device
[  301.528090][ T6870] loop4: rw=0, want=58272, limit=40427
[  301.534692][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.590199][ T6870] attempt to access beyond end of device
[  301.590199][ T6870] loop4: rw=0, want=58280, limit=40427
[  301.591451][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.645647][ T6870] attempt to access beyond end of device
[  301.645647][ T6870] loop4: rw=0, want=58288, limit=40427
[  301.653649][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.677541][ T6870] attempt to access beyond end of device
[  301.677541][ T6870] loop4: rw=0, want=58296, limit=40427
[  301.690746][ T8217] loop2: detected capacity change from 0 to 32768
[  301.697422][ T6870] attempt to access beyond end of device
[  301.697422][ T6870] loop4: rw=0, want=58304, limit=40427
[  301.698472][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.745477][ T3552] usb 2-1: USB disconnect, device number 7
[  301.760635][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.774918][ T8217] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1145 (8217)
[  301.811156][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.862294][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.894166][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.959001][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.968867][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.999019][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.008888][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.024346][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.035250][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.045771][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.055661][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.066172][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.076040][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.087785][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.114433][ T8217] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  302.130915][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  302.145297][ T8217] BTRFS info (device loop2): using free space tree
[  302.154461][ T8226] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  302.156139][ T8217] BTRFS info (device loop2): has skinny extents
[  302.191346][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  302.238684][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  302.309816][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  302.395848][ T6057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  302.431123][ T8217] BTRFS info (device loop2): enabling ssd optimizations
[  302.601899][ T7838] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.018797][ T7838] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.233558][ T7838] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.424164][ T7838] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.590104][ T6058] Bluetooth: hci5: command 0x0409 tx timeout
[  304.673793][ T8275] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1154'.
[  304.959129][ T3584] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.967337][ T3584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.108871][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  305.224434][ T8284] loop1: detected capacity change from 0 to 32768
[  305.300599][ T8284] XFS: attr2 mount option is deprecated.
[  305.526730][ T8307] loop2: detected capacity change from 0 to 256
[  305.599969][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.620876][ T8284] XFS (loop1): Mounting V5 Filesystem
[  305.756396][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.807489][ T8307] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  305.914403][   T26] audit: type=1804 audit(1721659828.966:196): pid=8307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1160" name="/newroot/69/file0/file0" dev="loop2" ino=1048653 res=1 errno=0
[  306.152696][ T6056] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  306.213960][ T8284] XFS (loop1): Ending clean mount
[  306.318301][ T6870] handle_bad_sector: 11912 callbacks suppressed
[  306.318326][ T6870] attempt to access beyond end of device
[  306.318326][ T6870] loop4: rw=524288, want=57352, limit=40427
[  306.349717][ T8284] XFS (loop1): Quotacheck needed: Please wait.
[  306.367285][ T6870] attempt to access beyond end of device
[  306.367285][ T6870] loop4: rw=524288, want=57360, limit=40427
[  306.383034][ T6870] attempt to access beyond end of device
[  306.383034][ T6870] loop4: rw=524288, want=57368, limit=40427
[  306.394939][ T6870] attempt to access beyond end of device
[  306.394939][ T6870] loop4: rw=524288, want=57376, limit=40427
[  306.407992][ T6870] attempt to access beyond end of device
[  306.407992][ T6870] loop4: rw=524288, want=57384, limit=40427
[  306.420142][ T6870] attempt to access beyond end of device
[  306.420142][ T6870] loop4: rw=524288, want=57392, limit=40427
[  306.499200][ T6870] attempt to access beyond end of device
[  306.499200][ T6870] loop4: rw=524288, want=57400, limit=40427
[  306.528461][ T6870] attempt to access beyond end of device
[  306.528461][ T6870] loop4: rw=524288, want=57408, limit=40427
[  306.574182][ T6870] attempt to access beyond end of device
[  306.574182][ T6870] loop4: rw=524288, want=57416, limit=40427
[  306.621749][ T8268] chnl_net:caif_netlink_parms(): no params data found
[  306.643161][ T6870] attempt to access beyond end of device
[  306.643161][ T6870] loop4: rw=524288, want=57424, limit=40427
[  306.657472][ T8284] XFS (loop1): Quotacheck: Done.
[  307.527814][ T3552] Bluetooth: hci5: command 0x041b tx timeout
[  307.562164][ T7108] XFS (loop1): Unmounting Filesystem
[  307.736750][ T8327] loop2: detected capacity change from 0 to 4096
[  307.855590][ T8268] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.864333][ T8268] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.874464][ T8268] device bridge_slave_0 entered promiscuous mode
[  307.886652][ T8268] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.894425][ T8268] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.902946][ T8268] device bridge_slave_1 entered promiscuous mode
[  308.082235][   T26] audit: type=1800 audit(1721659831.146:197): pid=8327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1166" name="bus" dev="loop2" ino=33 res=0 errno=0
[  309.323930][ T8268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.408348][ T8268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.549303][ T3552] Bluetooth: hci5: command 0x040f tx timeout
[  309.592693][ T8348] input: syz0 as /devices/virtual/input/input13
[  309.705553][ T8268] team0: Port device team_slave_0 added
[  309.799695][ T8268] team0: Port device team_slave_1 added
[  309.975601][ T8268] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.989835][ T8268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.083237][ T8268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.129335][ T8268] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.157977][ T8268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.256308][ T8268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.309223][ T7088] device hsr_slave_0 left promiscuous mode
[  310.361827][ T7088] device hsr_slave_1 left promiscuous mode
[  310.370728][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.409210][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.437963][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.459210][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.479837][ T7088] device bridge_slave_1 left promiscuous mode
[  310.486130][ T7088] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.552092][ T7088] device bridge_slave_0 left promiscuous mode
[  310.587761][ T7088] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.689591][ T7088] device veth1_macvtap left promiscuous mode
[  310.716086][ T7088] device veth0_macvtap left promiscuous mode
[  310.748811][ T7088] device veth1_vlan left promiscuous mode
[  310.788343][ T7088] device veth0_vlan left promiscuous mode
[  311.012643][   T26] audit: type=1326 audit(1721659834.026:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.278111][ T8353] loop2: detected capacity change from 0 to 32768
[  311.325021][ T6870] handle_bad_sector: 8531 callbacks suppressed
[  311.325277][ T6870] attempt to access beyond end of device
[  311.325277][ T6870] loop4: rw=0, want=58096, limit=40427
[  311.576544][   T26] audit: type=1326 audit(1721659834.026:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.619093][ T6870] attempt to access beyond end of device
[  311.619093][ T6870] loop4: rw=0, want=58104, limit=40427
[  311.634825][ T8027] Bluetooth: hci5: command 0x0419 tx timeout
[  311.648971][   T26] audit: type=1326 audit(1721659834.026:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.701687][ T6870] attempt to access beyond end of device
[  311.701687][ T6870] loop4: rw=0, want=58112, limit=40427
[  311.719806][ T8353] XFS: attr2 mount option is deprecated.
[  311.760283][   T26] audit: type=1326 audit(1721659834.036:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.768574][ T6870] attempt to access beyond end of device
[  311.768574][ T6870] loop4: rw=0, want=58120, limit=40427
[  311.819139][ T6870] attempt to access beyond end of device
[  311.819139][ T6870] loop4: rw=0, want=58128, limit=40427
[  311.838162][   T26] audit: type=1326 audit(1721659834.036:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.863964][ T6870] attempt to access beyond end of device
[  311.863964][ T6870] loop4: rw=0, want=58136, limit=40427
[  311.869771][   T26] audit: type=1326 audit(1721659834.036:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.913584][ T8353] XFS (loop2): Mounting V5 Filesystem
[  311.946688][ T6870] attempt to access beyond end of device
[  311.946688][ T6870] loop4: rw=0, want=58144, limit=40427
[  311.957299][   T26] audit: type=1326 audit(1721659834.036:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  311.989302][ T6870] attempt to access beyond end of device
[  311.989302][ T6870] loop4: rw=0, want=58152, limit=40427
[  312.009722][   T26] audit: type=1326 audit(1721659834.036:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  312.037091][   T26] audit: type=1326 audit(1721659834.046:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7eff78832e99 code=0x7ffc0000
[  312.053109][ T6870] attempt to access beyond end of device
[  312.053109][ T6870] loop4: rw=0, want=58160, limit=40427
[  312.059479][    C0] vkms_vblank_simulate: vblank timer overrun
[  312.059869][   T26] audit: type=1326 audit(1721659834.046:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8359 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  312.110800][ T6870] attempt to access beyond end of device
[  312.110800][ T6870] loop4: rw=0, want=58168, limit=40427
[  312.179986][ T8353] XFS (loop2): Ending clean mount
[  312.207134][ T8353] XFS (loop2): Quotacheck needed: Please wait.
[  314.303531][ T8353] XFS (loop2): Quotacheck: Done.
[  314.348759][ T6733] XFS (loop2): Unmounting Filesystem
[  315.315695][ T7088] team0 (unregistering): Port device team_slave_1 removed
[  315.334516][ T7088] team0 (unregistering): Port device team_slave_0 removed
[  315.367371][ T7088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.418113][ T7088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.581442][ T8395] ptrace attach of "./syz-executor exec"[7108] was attempted by "./syz-executor exec"[8395]
[  315.931841][ T7088] bond0 (unregistering): Released all slaves
[  316.520231][ T6870] handle_bad_sector: 5785 callbacks suppressed
[  316.520253][ T6870] attempt to access beyond end of device
[  316.520253][ T6870] loop4: rw=524288, want=57352, limit=40427
[  316.563003][ T8400] loop1: detected capacity change from 0 to 4096
[  316.599585][ T6870] attempt to access beyond end of device
[  316.599585][ T6870] loop4: rw=524288, want=57360, limit=40427
[  316.616630][ T8268] device hsr_slave_0 entered promiscuous mode
[  316.625660][ T8268] device hsr_slave_1 entered promiscuous mode
[  316.633532][ T6870] attempt to access beyond end of device
[  316.633532][ T6870] loop4: rw=524288, want=57368, limit=40427
[  316.646765][ T8268] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  316.657245][ T6870] attempt to access beyond end of device
[  316.657245][ T6870] loop4: rw=524288, want=57376, limit=40427
[  316.671851][ T8268] Cannot create hsr debugfs directory
[  316.680735][ T8400] __ntfs_warning: 11 callbacks suppressed
[  316.680751][ T8400] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  316.725369][ T6870] attempt to access beyond end of device
[  316.725369][ T6870] loop4: rw=524288, want=57384, limit=40427
[  316.745120][ T6870] attempt to access beyond end of device
[  316.745120][ T6870] loop4: rw=524288, want=57392, limit=40427
[  316.817431][ T8400] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  316.843371][ T6870] attempt to access beyond end of device
[  316.843371][ T6870] loop4: rw=524288, want=57400, limit=40427
[  316.888753][ T8411] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  316.891857][ T8400] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  316.919314][ T8411] XFS (loop3): SB validate failed with error -5.
[  316.920015][ T6870] attempt to access beyond end of device
[  316.920015][ T6870] loop4: rw=524288, want=57408, limit=40427
[  316.951053][ T8400] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  316.964314][ T8400] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  317.006136][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  317.012532][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  317.029044][ T6870] attempt to access beyond end of device
[  317.029044][ T6870] loop4: rw=524288, want=57416, limit=40427
[  317.054997][ T6870] attempt to access beyond end of device
[  317.054997][ T6870] loop4: rw=524288, want=57424, limit=40427
[  317.085365][ T8400] ntfs: volume version 3.1.
[  317.274987][ T8418] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1185'.
[  317.443280][ T8268] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.589106][ T8268] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.653808][ T8430] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1192'.
[  317.673914][ T8430] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1192'.
[  317.692129][ T8430] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1192'.
[  317.751852][ T8268] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.762348][ T4546] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  317.881890][ T8268] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.032248][ T4546] usb 3-1: Using ep0 maxpacket: 8
[  318.162797][ T4546] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  318.197409][ T4546] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  318.247477][ T4546] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  318.282532][ T4546] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.313256][ T8268] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  318.325120][ T4546] usb 3-1: config 0 descriptor??
[  318.372021][ T8268] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  318.417111][ T8268] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  318.483447][ T8268] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  318.496154][ T8450] loop3: detected capacity change from 0 to 512
[  318.531453][ T8449] tipc: Enabling of bearer <Žz:l> rejected, media not registered
[  318.603281][ T4546] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  318.627098][ T8450] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[  318.679528][ T8450] FAT-fs (loop3): Filesystem has been set read-only
[  318.782151][ T8268] 8021q: adding VLAN 0 to HW filter on device bond0
[  318.815594][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  318.818605][ T8422] iowarrior 3-1:0.0: Error -90 while submitting URB
[  318.854944][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.907206][ T8268] 8021q: adding VLAN 0 to HW filter on device team0
[  318.922994][ T4546] usb 3-1: USB disconnect, device number 10
[  318.950629][ T4546] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected
[  319.001299][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  319.030518][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  319.057641][ T3894] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.064835][ T3894] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.103444][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  319.129914][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  319.159176][ T3894] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.166384][ T3894] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.215235][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  319.271391][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  319.284456][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  319.360284][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  319.524379][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  319.659138][ T8457] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1202'.
[  319.679195][ T8457] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1202'.
[  319.850381][ T8457] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1202'.
[  319.869709][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  319.878119][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  319.880000][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  319.888874][ T8268] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  319.922894][ T8268] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  319.924596][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  319.925229][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  319.925996][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  319.926535][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.927304][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  320.165871][ T8469] loop2: detected capacity change from 0 to 4096
[  320.260250][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  320.260397][ T6058] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  320.270878][ T8469] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  320.277025][ T8469] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  320.277050][ T8469] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[  320.277075][ T8469] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  320.277129][ T8469] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  320.329549][ T8469] ntfs: volume version 3.1.
[  320.340825][ T8268] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.543537][ T8482] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  320.604115][ T8485] loop1: detected capacity change from 0 to 128
[  320.718627][ T8484] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1205'.
[  320.762480][ T8485] ufs: You didn't specify the type of your ufs filesystem
[  320.762480][ T8485] 
[  320.762480][ T8485] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  320.762480][ T8485] 
[  320.762480][ T8485] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  320.849286][ T8485] ufs: ufstype=old is supported read-only
[  320.876530][ T8485] ufs: ufs_fill_super(): bad magic number
[  321.954842][ T6870] handle_bad_sector: 13302 callbacks suppressed
[  321.954862][ T6870] attempt to access beyond end of device
[  321.954862][ T6870] loop4: rw=524288, want=57352, limit=40427
[  322.078696][ T6870] attempt to access beyond end of device
[  322.078696][ T6870] loop4: rw=524288, want=57360, limit=40427
[  322.090898][ T6870] attempt to access beyond end of device
[  322.090898][ T6870] loop4: rw=524288, want=57368, limit=40427
[  322.116274][ T6870] attempt to access beyond end of device
[  322.116274][ T6870] loop4: rw=524288, want=57376, limit=40427
[  322.159114][ T6870] attempt to access beyond end of device
[  322.159114][ T6870] loop4: rw=524288, want=57384, limit=40427
[  322.203912][ T6870] attempt to access beyond end of device
[  322.203912][ T6870] loop4: rw=524288, want=57392, limit=40427
[  322.248721][ T6870] attempt to access beyond end of device
[  322.248721][ T6870] loop4: rw=524288, want=57400, limit=40427
[  322.319092][ T6870] attempt to access beyond end of device
[  322.319092][ T6870] loop4: rw=524288, want=57408, limit=40427
[  322.395147][ T8513] loop1: detected capacity change from 0 to 1024
[  322.459479][ T6870] attempt to access beyond end of device
[  322.459479][ T6870] loop4: rw=524288, want=57416, limit=40427
[  322.511751][ T6870] attempt to access beyond end of device
[  322.511751][ T6870] loop4: rw=524288, want=57424, limit=40427
[  322.606481][ T8513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  322.854709][ T1069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  323.034688][ T1069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  323.310398][ T8268] device veth0_vlan entered promiscuous mode
[  323.384733][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  323.423346][ T3898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  323.481244][ T8268] device veth1_vlan entered promiscuous mode
[  323.529813][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  323.537800][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  323.573613][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  323.642865][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  323.671218][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  323.720701][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  323.922923][ T8268] device veth0_macvtap entered promiscuous mode
[  323.968995][ T3894] usb 3-1: new low-speed USB device number 11 using dummy_hcd
[  323.972938][ T8268] device veth1_macvtap entered promiscuous mode
[  324.330250][ T3894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 8
[  324.452095][ T3894] usb 3-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[  324.788123][ T3894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.801979][ T8538] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  324.820460][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.887915][ T3894] usb 3-1: config 0 descriptor??
[  324.905760][ T8541] loop1: detected capacity change from 0 to 128
[  324.914676][ T8540] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  324.938969][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.952991][ T3894] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[  324.959119][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.978961][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.988812][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.015688][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.039746][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.059202][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.095802][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.128682][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.162232][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.196270][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.227398][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.259216][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.298404][ T8268] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.309636][ T3894] pwc: Failed to set LED on/off time (-71)
[  325.329714][ T8542] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1227'.
[  325.339306][ T3894] pwc: send_video_command error -71
[  325.344538][ T3894] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  325.359678][ T8541] ufs: You didn't specify the type of your ufs filesystem
[  325.359678][ T8541] 
[  325.359678][ T8541] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  325.359678][ T8541] 
[  325.359678][ T8541] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  325.373578][ T3894] Philips webcam: probe of 3-1:0.0 failed with error -71
[  325.390642][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  325.430056][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  325.451697][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.469055][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.482680][ T3894] usb 3-1: USB disconnect, device number 11
[  325.498996][ T8541] ufs: ufstype=old is supported read-only
[  325.505551][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.538946][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.563714][ T8541] ufs: ufs_fill_super(): bad magic number
[  325.570476][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.605218][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.656210][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.687529][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.708736][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.728960][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.761686][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.809663][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.839064][ T8268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.859293][ T8268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.899017][ T8268] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.951074][ T8268] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.040071][ T8268] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.066265][ T8268] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.124022][ T8268] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.187594][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  326.198453][ T4544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  327.103849][ T6870] handle_bad_sector: 10413 callbacks suppressed
[  327.104184][ T6870] attempt to access beyond end of device
[  327.104184][ T6870] loop4: rw=524288, want=58816, limit=40427
[  327.657557][ T6870] attempt to access beyond end of device
[  327.657557][ T6870] loop4: rw=524288, want=58824, limit=40427
[  327.758216][ T6870] attempt to access beyond end of device
[  327.758216][ T6870] loop4: rw=524288, want=58832, limit=40427
[  327.771594][ T6870] attempt to access beyond end of device
[  327.771594][ T6870] loop4: rw=524288, want=58840, limit=40427
[  327.789152][ T6870] attempt to access beyond end of device
[  327.789152][ T6870] loop4: rw=524288, want=58848, limit=40427
[  327.807249][ T6870] attempt to access beyond end of device
[  327.807249][ T6870] loop4: rw=524288, want=58856, limit=40427
[  327.818951][ T6870] attempt to access beyond end of device
[  327.818951][ T6870] loop4: rw=524288, want=58864, limit=40427
[  327.831887][ T6870] attempt to access beyond end of device
[  327.831887][ T6870] loop4: rw=524288, want=58872, limit=40427
[  327.844409][ T6870] attempt to access beyond end of device
[  327.844409][ T6870] loop4: rw=524288, want=58880, limit=40427
[  327.857782][ T6870] attempt to access beyond end of device
[  327.857782][ T6870] loop4: rw=524288, want=58888, limit=40427
[  327.923217][ T8581] loop1: detected capacity change from 0 to 256
[  327.995613][ T3792] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.018855][ T3792] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.180891][ T3895] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  328.202224][ T3585] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.227313][ T3585] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.304216][ T8027] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  328.331974][ T8586] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  328.439287][ T8591] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1239'.
[  328.871905][ T8598] MPI: mpi too large (30216 bits)
[  329.611382][ T8285] Bluetooth: hci0: command 0x0406 tx timeout
[  329.791703][ T8576] loop3: detected capacity change from 0 to 32768
[  329.844683][ T8614] loop1: detected capacity change from 0 to 4096
[  329.990598][ T8624] loop2: detected capacity change from 0 to 256
[  330.023241][ T8576] ERROR: (device loop3): dtSearch: DT_GETPAGE: dtree page corrupt
[  330.023241][ T8576] 
[  330.073487][ T8624] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  330.096636][ T8576] ERROR: (device loop3): remounting filesystem as read-only
[  330.139970][ T8576] jfs_lookup: dtSearch returned -5
[  330.160106][ T8626] ERROR: (device loop3): dtReadFirst: DT_GETPAGE: dtree page corrupt
[  330.160106][ T8626] 
[  330.455363][ T7088] device hsr_slave_0 left promiscuous mode
[  330.513061][ T7088] device hsr_slave_1 left promiscuous mode
[  330.523874][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.676024][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.727473][ T7088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  331.590940][ T7088] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.634005][ T7088] device bridge_slave_1 left promiscuous mode
[  331.659384][ T7088] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.701557][ T7088] device bridge_slave_0 left promiscuous mode
[  331.725641][ T7088] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.767457][ T7088] device veth1_macvtap left promiscuous mode
[  331.794152][ T7088] device veth0_macvtap left promiscuous mode
[  331.810026][ T7088] device veth1_vlan left promiscuous mode
[  331.816254][ T7088] device veth0_vlan left promiscuous mode
[  332.106208][ T8659] loop1: detected capacity change from 0 to 128
[  332.112913][ T6870] handle_bad_sector: 7751 callbacks suppressed
[  332.112933][ T6870] attempt to access beyond end of device
[  332.112933][ T6870] loop4: rw=0, want=57416, limit=40427
[  332.159572][ T6870] attempt to access beyond end of device
[  332.159572][ T6870] loop4: rw=0, want=57424, limit=40427
[  332.830694][ T6870] attempt to access beyond end of device
[  332.830694][ T6870] loop4: rw=0, want=57432, limit=40427
[  332.945089][ T6870] attempt to access beyond end of device
[  332.945089][ T6870] loop4: rw=0, want=57440, limit=40427
[  333.007534][ T6870] attempt to access beyond end of device
[  333.007534][ T6870] loop4: rw=0, want=57448, limit=40427
[  333.054799][ T8659] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  333.070705][ T8659] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  333.104058][ T6870] attempt to access beyond end of device
[  333.104058][ T6870] loop4: rw=0, want=57456, limit=40427
[  333.137291][ T6870] attempt to access beyond end of device
[  333.137291][ T6870] loop4: rw=0, want=57464, limit=40427
[  333.174305][ T6870] attempt to access beyond end of device
[  333.174305][ T6870] loop4: rw=0, want=57472, limit=40427
[  333.200108][ T6870] attempt to access beyond end of device
[  333.200108][ T6870] loop4: rw=0, want=57480, limit=40427
[  333.213206][ T6870] attempt to access beyond end of device
[  333.213206][ T6870] loop4: rw=0, want=57488, limit=40427
[  333.445775][ T7088] team0 (unregistering): Port device team_slave_1 removed
[  333.512257][ T7088] team0 (unregistering): Port device team_slave_0 removed
[  333.550867][ T7088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.600958][ T7088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.900504][ T7088] bond0 (unregistering): Released all slaves
[  336.464801][ T8721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1285'.
[  336.541736][ T8721] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  336.551653][ T8721] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  336.560456][ T8721] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  336.569214][ T8721] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  336.579262][ T4546] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  336.587434][ T8721] device vxlan0 entered promiscuous mode
[  337.119998][ T6870] handle_bad_sector: 9608 callbacks suppressed
[  337.120022][ T6870] attempt to access beyond end of device
[  337.120022][ T6870] loop4: rw=524288, want=58584, limit=40427
[  337.258244][ T6870] attempt to access beyond end of device
[  337.258244][ T6870] loop4: rw=524288, want=58592, limit=40427
[  337.296876][ T6870] attempt to access beyond end of device
[  337.296876][ T6870] loop4: rw=524288, want=58600, limit=40427
[  337.342921][ T6870] attempt to access beyond end of device
[  337.342921][ T6870] loop4: rw=524288, want=58608, limit=40427
[  337.383108][ T8733] QAT: failed to copy from user cfg_data.
[  337.426127][ T6870] attempt to access beyond end of device
[  337.426127][ T6870] loop4: rw=524288, want=58616, limit=40427
[  337.437979][ T4546] usb 3-1: Using ep0 maxpacket: 32
[  337.549832][ T6870] attempt to access beyond end of device
[  337.549832][ T6870] loop4: rw=524288, want=58624, limit=40427
[  337.579166][ T4546] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  337.587571][ T4546] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  337.630270][ T6870] attempt to access beyond end of device
[  337.630270][ T6870] loop4: rw=524288, want=58632, limit=40427
[  337.648760][ T4546] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  337.698991][ T4546] usb 3-1: config 1 has no interface number 0
[  337.705147][ T4546] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  337.739142][ T6870] attempt to access beyond end of device
[  337.739142][ T6870] loop4: rw=524288, want=58640, limit=40427
[  337.767650][ T4546] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  337.800173][ T6870] attempt to access beyond end of device
[  337.800173][ T6870] loop4: rw=524288, want=58648, limit=40427
[  337.818974][ T4546] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  337.838134][ T4546] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.949235][ T6870] attempt to access beyond end of device
[  337.949235][ T6870] loop4: rw=524288, want=58656, limit=40427
[  338.122794][ T4546] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  338.296145][ T8753] device macsec0 entered promiscuous mode
[  338.319586][ T8758] QAT: failed to copy from user cfg_data.
[  339.719719][ T4546] snd_usb_pod 3-1:1.1: set_interface failed
[  339.726950][ T4546] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  339.789309][ T4546] snd_usb_pod: probe of 3-1:1.1 failed with error -71
[  339.839255][ T4546] usb 3-1: USB disconnect, device number 12
[  340.630352][ T8800] device erspan0 entered promiscuous mode
[  340.632554][ T8767] loop3: detected capacity change from 0 to 40427
[  340.672723][ T8800] device lo entered promiscuous mode
[  340.700645][ T8800] device macsec0 entered promiscuous mode
[  340.720810][ T8799] device macsec0 left promiscuous mode
[  340.751147][ T8799] device lo left promiscuous mode
[  340.787373][ T8767] F2FS-fs (loop3): Invalid segment/section count (31, 24 x 1)
[  340.814004][ T8799] device erspan0 left promiscuous mode
[  340.840079][ T8767] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  340.889944][ T8767] F2FS-fs (loop3): invalid crc value
[  340.934612][ T8767] F2FS-fs (loop3): Found nat_bits in checkpoint
[  341.140801][ T8767] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  341.147917][ T8767] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  341.776009][ T8825] device macsec0 entered promiscuous mode
[  341.826633][ T8827] device erspan0 entered promiscuous mode
[  341.898075][ T8827] device lo entered promiscuous mode
[  341.946737][ T8827] device macsec0 entered promiscuous mode
[  341.970100][ T8826] device macsec0 left promiscuous mode
[  342.009331][ T8826] device lo left promiscuous mode
[  342.044800][ T8826] device erspan0 left promiscuous mode
[  342.136823][ T6870] handle_bad_sector: 6157 callbacks suppressed
[  342.136843][ T6870] attempt to access beyond end of device
[  342.136843][ T6870] loop4: rw=524288, want=58752, limit=40427
[  342.249319][ T6870] attempt to access beyond end of device
[  342.249319][ T6870] loop4: rw=524288, want=58760, limit=40427
[  342.375415][ T6870] attempt to access beyond end of device
[  342.375415][ T6870] loop4: rw=524288, want=58768, limit=40427
[  342.441573][ T6870] attempt to access beyond end of device
[  342.441573][ T6870] loop4: rw=524288, want=58776, limit=40427
[  342.519158][ T6870] attempt to access beyond end of device
[  342.519158][ T6870] loop4: rw=524288, want=58784, limit=40427
[  342.562807][ T6870] attempt to access beyond end of device
[  342.562807][ T6870] loop4: rw=524288, want=58792, limit=40427
[  342.625708][ T6870] attempt to access beyond end of device
[  342.625708][ T6870] loop4: rw=524288, want=58800, limit=40427
[  342.694257][ T6870] attempt to access beyond end of device
[  342.694257][ T6870] loop4: rw=524288, want=58808, limit=40427
[  342.727576][ T6870] attempt to access beyond end of device
[  342.727576][ T6870] loop4: rw=524288, want=58816, limit=40427
[  342.802475][ T6870] attempt to access beyond end of device
[  342.802475][ T6870] loop4: rw=524288, want=58824, limit=40427
[  343.046878][ T8857] loop3: detected capacity change from 0 to 4096
[  343.059082][ T3895] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  343.247055][ T8847] loop1: detected capacity change from 0 to 40427
[  343.309142][ T3895] usb 5-1: Using ep0 maxpacket: 32
[  343.348358][ T8847] F2FS-fs (loop1): Invalid segment/section count (31, 24 x 1)
[  343.377635][ T8847] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  343.445593][ T8847] F2FS-fs (loop1): invalid crc value
[  343.469267][ T3895] usb 5-1: config index 0 descriptor too short (expected 26, got 18)
[  343.477561][ T3895] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  343.488436][ T8847] F2FS-fs (loop1): Found nat_bits in checkpoint
[  343.536162][ T3895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.570721][ T3895] usb 5-1: config 0 descriptor??
[  343.608242][ T8868] device erspan0 entered promiscuous mode
[  343.636423][ T8868] device lo entered promiscuous mode
[  343.656190][ T8867] device lo left promiscuous mode
[  343.663106][ T8867] device erspan0 left promiscuous mode
[  343.678680][ T8847] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  343.679455][ T3895] as10x_usb: device has been detected
[  343.686210][ T8847] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  343.732422][ T3895] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  343.851611][ T3895] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  343.882561][ T8877] loop2: detected capacity change from 0 to 512
[  344.010813][ T3895] as10x_usb: error during firmware upload part1
[  344.020077][ T3895] Registered device nBox DVB-T Dongle
[  344.020259][ T8877] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  344.063022][ T8877] EXT4-fs (loop2): orphan cleanup on readonly fs
[  344.084496][ T8877] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #16: comm syz.2.1348: iget: immutable or append flags not allowed on symlinks
[  344.147605][ T8877] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1348: couldn't read orphan inode 16 (err -117)
[  344.163076][   T26] audit: type=1326 audit(1721659867.226:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x7fc00000
[  344.285346][ T8877] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  344.335757][ T3895] usb 5-1: USB disconnect, device number 7
[  344.479423][ T3895] Unregistered device nBox DVB-T Dongle
[  344.492994][ T3895] as10x_usb: device has been disconnected
[  344.658254][ T8892] 9pnet: Insufficient options for proto=fd
[  345.349857][ T8899] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  345.898439][ T8909] device erspan0 entered promiscuous mode
[  345.941516][ T8913] netlink: 'syz.1.1359': attribute type 29 has an invalid length.
[  345.959422][ T8909] device lo entered promiscuous mode
[  345.993301][ T8913] netlink: 'syz.1.1359': attribute type 29 has an invalid length.
[  346.033672][ T8909] device macsec0 entered promiscuous mode
[  346.055527][ T8914] netlink: 'syz.1.1359': attribute type 29 has an invalid length.
[  346.077834][ T8908] device macsec0 left promiscuous mode
[  346.143589][ T8908] device lo left promiscuous mode
[  346.148863][ T8908] device erspan0 left promiscuous mode
[  347.223161][ T6870] handle_bad_sector: 9033 callbacks suppressed
[  347.223183][ T6870] attempt to access beyond end of device
[  347.223183][ T6870] loop4: rw=524288, want=57352, limit=40427
[  347.249087][ T6870] attempt to access beyond end of device
[  347.249087][ T6870] loop4: rw=524288, want=57360, limit=40427
[  347.266331][ T8926] loop2: detected capacity change from 0 to 512
[  347.345820][ T6870] attempt to access beyond end of device
[  347.345820][ T6870] loop4: rw=524288, want=57368, limit=40427
[  347.420537][ T8926] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  347.437802][ T6870] attempt to access beyond end of device
[  347.437802][ T6870] loop4: rw=524288, want=57376, limit=40427
[  347.440803][ T8926] EXT4-fs (loop2): orphan cleanup on readonly fs
[  347.490511][ T8926] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #16: comm syz.2.1364: iget: immutable or append flags not allowed on symlinks
[  347.509457][ T8931] loop3: detected capacity change from 0 to 4096
[  347.523911][ T8926] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1364: couldn't read orphan inode 16 (err -117)
[  347.546363][ T6870] attempt to access beyond end of device
[  347.546363][ T6870] loop4: rw=524288, want=57384, limit=40427
[  347.591488][ T8926] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  347.635196][ T6870] attempt to access beyond end of device
[  347.635196][ T6870] loop4: rw=524288, want=57392, limit=40427
[  347.712318][ T6870] attempt to access beyond end of device
[  347.712318][ T6870] loop4: rw=524288, want=57400, limit=40427
[  347.855991][ T6870] attempt to access beyond end of device
[  347.855991][ T6870] loop4: rw=524288, want=57408, limit=40427
[  347.867843][ T6870] attempt to access beyond end of device
[  347.867843][ T6870] loop4: rw=524288, want=57416, limit=40427
[  347.880334][ T6870] attempt to access beyond end of device
[  347.880334][ T6870] loop4: rw=524288, want=57424, limit=40427
[  348.055303][ T8938] 9pnet: Insufficient options for proto=fd
[  348.101828][   T26] audit: type=1326 audit(1721659871.156:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1355" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5276dde99 code=0x0
[  348.553059][ T8921] loop1: detected capacity change from 0 to 32768
[  348.670641][ T8921] XFS: noikeep mount option is deprecated.
[  348.690078][ T8943] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  348.765561][ T8937] loop3: detected capacity change from 0 to 8192
[  348.826793][ T8921] XFS (loop1): Mounting V5 Filesystem
[  348.857009][ T8937] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  348.884149][ T8954] netlink: 'syz.2.1370': attribute type 29 has an invalid length.
[  348.924003][ T8937] REISERFS (device loop3): using ordered data mode
[  348.949060][ T8937] reiserfs: using flush barriers
[  348.955292][ T8954] netlink: 'syz.2.1370': attribute type 29 has an invalid length.
[  348.982264][ T8959] netlink: 'syz.2.1370': attribute type 29 has an invalid length.
[  349.027176][ T8921] XFS (loop1): Ending clean mount
[  349.042790][ T8921] XFS (loop1): Quotacheck needed: Please wait.
[  349.049404][ T8937] REISERFS warning (device loop3): sh-462 check_advise_trans_params: bad transaction max size (240). FSCK?
[  349.150272][ T8937] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space
[  349.171458][ T8921] XFS (loop1): Quotacheck: Done.
[  349.338997][ T8967] ipt_REJECT: TCP_RESET invalid for non-tcp
[  349.904762][ T8978] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  349.931078][   T26] audit: type=1326 audit(1721659872.916:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.1.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb08cece99 code=0x7fc00000
[  350.028063][ T8985] loop7: detected capacity change from 0 to 16384
[  350.159889][ T7108] XFS (loop1): Unmounting Filesystem
[  350.229658][ T8990] netlink: 'syz.3.1384': attribute type 29 has an invalid length.
[  350.237903][ T8990] netlink: 'syz.3.1384': attribute type 29 has an invalid length.
[  350.252749][ T8990] netlink: 'syz.3.1384': attribute type 29 has an invalid length.
[  350.717757][ T9000] hub 6-0:1.0: USB hub found
[  350.728509][ T9000] hub 6-0:1.0: 1 port detected
[  350.825301][ T9000] mip6: mip6_rthdr_init_state: state's mode is not 2: 4
[  351.463447][ T9004] ipt_REJECT: TCP_RESET invalid for non-tcp
[  351.586502][ T9010] loop3: detected capacity change from 0 to 256
[  352.279092][ T6870] handle_bad_sector: 9776 callbacks suppressed
[  352.279111][ T6870] attempt to access beyond end of device
[  352.279111][ T6870] loop4: rw=524288, want=57816, limit=40427
[  352.309102][ T6870] attempt to access beyond end of device
[  352.309102][ T6870] loop4: rw=524288, want=57824, limit=40427
[  352.339152][ T6870] attempt to access beyond end of device
[  352.339152][ T6870] loop4: rw=524288, want=57832, limit=40427
[  352.408155][ T9026] MTD: Couldn't look up '': -22
[  352.413414][ T6870] attempt to access beyond end of device
[  352.413414][ T6870] loop4: rw=524288, want=57840, limit=40427
[  352.434243][ T9026] : Can't open blockdev
[  352.450386][ T6870] attempt to access beyond end of device
[  352.450386][ T6870] loop4: rw=524288, want=57848, limit=40427
[  352.539099][ T6870] attempt to access beyond end of device
[  352.539099][ T6870] loop4: rw=524288, want=57856, limit=40427
[  352.539466][ T4546] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  352.587249][ T6870] attempt to access beyond end of device
[  352.587249][ T6870] loop4: rw=524288, want=57864, limit=40427
[  352.632016][ T6870] attempt to access beyond end of device
[  352.632016][ T6870] loop4: rw=524288, want=57872, limit=40427
[  352.652989][ T6870] attempt to access beyond end of device
[  352.652989][ T6870] loop4: rw=524288, want=57880, limit=40427
[  352.671557][ T6870] attempt to access beyond end of device
[  352.671557][ T6870] loop4: rw=524288, want=57888, limit=40427
[  352.859101][ T4546] usb 1-1: Using ep0 maxpacket: 8
[  352.940853][ T9040] netlink: 'syz.2.1401': attribute type 11 has an invalid length.
[  352.963268][ T9018] loop1: detected capacity change from 0 to 40427
[  352.979528][ T4546] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  352.998948][ T4546] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  353.018939][ T4546] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  353.041939][ T4546] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  353.071178][ T9018] F2FS-fs (loop1): invalid crc value
[  353.081149][ T4546] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  353.098968][ T4546] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.141103][ T9018] F2FS-fs (loop1): Found nat_bits in checkpoint
[  353.332828][ T9018] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  353.364735][ T9018] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  353.409103][ T4546] usb 1-1: GET_CAPABILITIES returned 0
[  353.414638][ T4546] usbtmc 1-1:16.0: can't read capabilities
[  354.476565][   T26] audit: type=1326 audit(1721659877.536:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.1.1382" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb08cece99 code=0x0
[  354.597857][ T9061] F2FS-fs (loop1): user quota file already specified
[  354.636300][ T4546] usb 1-1: USB disconnect, device number 6
[  354.763826][ T9065] MTD: Couldn't look up '': -22
[  354.770062][ T9065] : Can't open blockdev
[  354.928413][ T3895] Bluetooth: hci4: command 0x0406 tx timeout
[  354.972943][ T9070] "syz.3.1411" (9070) uses obsolete ecb(arc4) skcipher
[  355.078995][ T8027] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  355.211067][ T9072] loop3: detected capacity change from 0 to 512
[  355.344435][ T9080] loop1: detected capacity change from 0 to 256
[  355.359051][ T8027] usb 3-1: Using ep0 maxpacket: 32
[  355.437271][   T26] audit: type=1326 audit(1721659878.496:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9021 comm="syz.4.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04e77fe99 code=0x7fc00000
[  355.704556][ T8027] usb 3-1: New USB device found, idVendor=0856, idProduct=bc01, bcdDevice=e5.a5
[  355.727415][ T8027] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.759255][ T8027] usb 3-1: Product: syz
[  355.767116][ T8027] usb 3-1: Manufacturer: syz
[  355.784733][ T8027] usb 3-1: SerialNumber: syz
[  355.830215][ T8027] usb 3-1: config 0 descriptor??
[  355.939703][ T9093] loop1: detected capacity change from 0 to 512
[  356.096414][ T9093] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.1417: casefold flag without casefold feature
[  356.147261][ T9093] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.1417: missing EA_INODE flag
[  356.167393][ T3552] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  356.187866][ T9093] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1417: error while reading EA inode 2 err=-117
[  356.214985][ T9093] EXT4-fs (loop1): 1 orphan inode deleted
[  356.237511][ T8027] mos7840 3-1:0.0: required endpoints missing
[  356.266344][ T9093] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  356.278125][ T8027] usb 3-1: USB disconnect, device number 13
[  356.459126][ T3552] usb 4-1: Using ep0 maxpacket: 32
[  356.779428][ T3552] usb 4-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice=ca.76
[  356.788549][ T3552] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.829660][ T3552] usb 4-1: Product: syz
[  356.833962][ T3552] usb 4-1: Manufacturer: syz
[  356.838582][ T3552] usb 4-1: SerialNumber: syz
[  356.888393][ T3552] usb 4-1: config 0 descriptor??
[  357.122093][ T3552] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input18
[  357.244476][ T9129] hub 6-0:1.0: USB hub found
[  357.250020][ T9129] hub 6-0:1.0: 1 port detected
[  357.298856][ T9129] mip6: mip6_rthdr_init_state: state's mode is not 2: 4
[  357.367584][ T6870] handle_bad_sector: 16343 callbacks suppressed
[  357.380651][ T6870] attempt to access beyond end of device
[  357.380651][ T6870] loop4: rw=524288, want=57560, limit=40427
[  357.609693][ T9091] udc-core: couldn't find an available UDC or it's busy
[  357.884816][ T6870] attempt to access beyond end of device
[  357.884816][ T6870] loop4: rw=524288, want=57568, limit=40427
[  357.914945][ T9091] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  357.937015][ T6870] attempt to access beyond end of device
[  357.937015][ T6870] loop4: rw=524288, want=57576, limit=40427
[  357.952847][ T6870] attempt to access beyond end of device
[  357.952847][ T6870] loop4: rw=524288, want=57584, limit=40427
[  357.976443][ T6870] attempt to access beyond end of device
[  357.976443][ T6870] loop4: rw=524288, want=57592, limit=40427
[  358.013577][ T6870] attempt to access beyond end of device
[  358.013577][ T6870] loop4: rw=524288, want=57600, limit=40427
[  358.039141][ T2947] bcm5974 4-1:0.0: could not read from device
[  358.079525][ T6870] attempt to access beyond end of device
[  358.079525][ T6870] loop4: rw=524288, want=57608, limit=40427
[  358.081509][ T3552] usb 4-1: USB disconnect, device number 6
[  358.180839][ T6870] attempt to access beyond end of device
[  358.180839][ T6870] loop4: rw=524288, want=57616, limit=40427
[  358.236751][ T6870] attempt to access beyond end of device
[  358.236751][ T6870] loop4: rw=524288, want=57624, limit=40427
[  358.250610][ T6870] attempt to access beyond end of device
[  358.250610][ T6870] loop4: rw=524288, want=57632, limit=40427
[  358.464401][ T8027] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  358.739214][ T8027] usb 3-1: Using ep0 maxpacket: 32
[  359.201245][ T9179] loop1: detected capacity change from 0 to 1024
[  359.229311][   T27] INFO: task syz.4.869:6874 blocked for more than 143 seconds.
[  359.249029][   T27]       Not tainted 5.15.163-syzkaller #0
[  359.254787][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  359.259226][ T8027] usb 3-1: New USB device found, idVendor=0856, idProduct=bc01, bcdDevice=e5.a5
[  359.282243][ T8027] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.314854][ T8027] usb 3-1: Product: syz
[  359.330265][   T27] task:syz.4.869       state:D stack:27160 pid: 6874 ppid:  5933 flags:0x00004004
[  359.341746][ T8027] usb 3-1: Manufacturer: syz
[  359.356348][ T8027] usb 3-1: SerialNumber: syz
[  359.366021][   T27] Call Trace:
[  359.381095][   T27]  <TASK>
[  359.384246][ T8027] usb 3-1: config 0 descriptor??
[  359.395585][   T27]  __schedule+0x12c4/0x45b0
[  359.401615][   T27]  ? release_firmware_map_entry+0x190/0x190
[  359.407815][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  359.414486][   T27]  ? print_irqtrace_events+0x210/0x210
[  359.421442][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  359.435561][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  359.450788][   T27]  schedule+0x11b/0x1f0
[  359.455116][   T27]  rwsem_down_write_slowpath+0xf0c/0x16a0
[  359.471553][   T27]  ? rwsem_write_trylock+0x210/0x210
[  359.480205][   T27]  ? read_lock_is_recursive+0x10/0x10
[  359.485735][   T27]  ? rwsem_write_trylock+0x166/0x210
[  359.502430][   T27]  ? clear_nonspinnable+0x60/0x60
[  359.508362][   T27]  process_measurement+0x443/0x21c0
[  359.524784][   T27]  ? mark_lock+0x98/0x340
[  359.530555][   T27]  ? mark_lock+0x98/0x340
[  359.535035][   T27]  ? ima_file_mmap+0x1c0/0x1c0
[  359.540491][   T27]  ? apparmor_task_getsecid+0xb2/0x110
[  359.546097][   T27]  ima_file_check+0xf3/0x180
[  359.551525][   T27]  ? do_dentry_open+0xc15/0xfb0
[  359.556792][   T27]  ? ima_bprm_check+0x2b0/0x2b0
[  359.562634][   T27]  path_openat+0x2748/0x2f20
[  359.567569][   T27]  ? do_filp_open+0x460/0x460
[  359.572807][   T27]  do_filp_open+0x21c/0x460
[  359.577585][   T27]  ? vfs_tmpfile+0x2e0/0x2e0
[  359.582870][   T27]  ? _raw_spin_unlock+0x24/0x40
[  359.587843][   T27]  ? alloc_fd+0x594/0x630
[  359.592747][   T27]  do_sys_openat2+0x13b/0x4f0
[  359.597556][   T27]  ? do_sys_open+0x220/0x220
[  359.602633][   T27]  __x64_sys_openat+0x243/0x290
[  359.607766][   T27]  ? __ia32_sys_open+0x270/0x270
[  359.613379][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  359.620488][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  359.625822][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  359.633122][   T27]  do_syscall_64+0x3b/0xb0
[  359.637669][   T27]  ? clear_bhb_loop+0x15/0x70
[  359.650010][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  359.656211][   T27] RIP: 0033:0x7f73f776ce99
[  359.661182][   T27] RSP: 002b:00007f73f61ab048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  359.670223][   T27] RAX: ffffffffffffffda RBX: 00007f73f78fd110 RCX: 00007f73f776ce99
[  359.678537][   T27] RDX: 0000000000020242 RSI: 0000000020000380 RDI: ffffffffffffff9c
[  359.687939][   T27] RBP: 00007f73f77dbe5d R08: 0000000000000000 R09: 0000000000000000
[  359.702677][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  359.719508][   T27] R13: 000000000000006e R14: 00007f73f78fd110 R15: 00007ffc12a81418
[  359.731257][   T27]  </TASK>
[  359.734431][   T27] 
[  359.734431][   T27] Showing all locks held in the system:
[  359.742801][   T27] 1 lock held by khungtaskd/27:
[  359.747778][   T27]  #0: ffffffff8c91fb20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  359.757705][ T8027] mos7840 3-1:0.0: required endpoints missing
[  359.764752][   T27] 1 lock held by udevd/2962:
[  359.772588][ T8027] usb 3-1: USB disconnect, device number 14
[  359.778669][   T27]  #0: ffff88801b6f3918 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x14d/0xa50
[  359.792535][   T27] 2 locks held by getty/3263:
[  359.797353][   T27]  #0: ffff88802477a098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  359.807664][   T27]  #1: ffffc9000209b2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0
[  359.818791][   T27] 4 locks held by kworker/u4:5/3567:
[  359.824464][   T27]  #0: ffff8881421e9138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  359.836079][   T27]  #1: ffffc90003597d20 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  359.849818][   T27]  #2: ffff88801a0f20e0 (&type->s_umount_key#98){++++}-{3:3}, at: trylock_super+0x1b/0xf0
[  359.869605][   T27]  #3: ffff888014dcd108 (&sbi->gc_lock){+.+.}-{3:3}, at: f2fs_balance_fs+0x4d4/0x6a0
[  359.881222][   T27] 6 locks held by syz.4.869/6870:
[  359.886353][   T27] 2 locks held by syz.4.869/6874:
[  359.891810][   T27]  #0: ffff88801a0f2460 (sb_writers#30){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[  359.901638][   T27]  #1: ffff888063e39dd0 (&sb->s_type->i_mutex_key#37){+.+.}-{3:3}, at: process_measurement+0x443/0x21c0
[  359.913250][   T27] 3 locks held by kworker/1:20/8027:
[  359.918625][   T27]  #0: ffff888141bf4938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  359.929947][   T27]  #1: ffffc90004457d20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  359.942602][   T27]  #2: ffff8881478b0220 (&dev->mutex){....}-{3:3}, at: hub_event+0x208/0x54c0
[  359.952679][   T27] 2 locks held by syz.1.1452/9179:
[  359.957957][   T27]  #0: ffff88801b6f3918 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xfb/0x790
[  359.979145][   T27]  #1: ffff888147158468 (&lo->lo_mutex){+.+.}-{3:3}, at: lo_release+0x4d/0x1f0
[  359.996391][   T27] 
[  359.998823][   T27] =============================================
[  359.998823][   T27] 
[  360.010402][   T27] NMI backtrace for cpu 1
[  360.014749][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.163-syzkaller #0
[  360.022737][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  360.024806][ T9179] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  360.032831][   T27] Call Trace:
[  360.032843][   T27]  <TASK>
[  360.032852][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  360.032881][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  360.032918][   T27]  ? panic+0x860/0x860
[  360.032945][   T27]  ? nmi_cpu_backtrace+0x23b/0x4a0
[  360.032972][   T27]  nmi_cpu_backtrace+0x46a/0x4a0
[  360.032993][   T27]  ? __wake_up_klogd+0xd5/0x100
[  360.033019][   T27]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  360.033041][   T27]  ? _printk+0xd1/0x120
[  360.033063][   T27]  ? panic+0x860/0x860
[  360.033085][   T27]  ? __wake_up_klogd+0xcc/0x100
[  360.033106][   T27]  ? panic+0x860/0x860
[  360.033129][   T27]  ? __rcu_read_unlock+0x92/0x100
[  360.099125][ T9179] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  360.101445][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  360.101475][   T27]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  360.101500][   T27]  watchdog+0xe72/0xeb0
[  360.132573][   T27]  kthread+0x3f6/0x4f0
[  360.136665][   T27]  ? hungtask_pm_notify+0x50/0x50
[  360.141708][   T27]  ? kthread_blkcg+0xd0/0xd0
[  360.146316][   T27]  ret_from_fork+0x1f/0x30
[  360.150762][   T27]  </TASK>
[  360.154901][   T27] Sending NMI from CPU 1 to CPUs 0:
[  360.160318][    C0] NMI backtrace for cpu 0
[  360.160329][    C0] CPU: 0 PID: 3584 Comm: kworker/u4:6 Not tainted 5.15.163-syzkaller #0
[  360.160348][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  360.160358][    C0] Workqueue: phy31 ieee80211_iface_work
[  360.160380][    C0] RIP: 0010:unwind_next_frame+0x524/0x1fa0
[  360.160403][    C0] Code: 29 f0 48 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe 49 8d 1c 46 48 89 d8 48 c1 e8 03 0f b6 04 10 84 c0 75 27 48 63 03 <48> 01 d8 48 8d 4b 04 4c 39 e8 4c 0f 46 f1 48 8d 43 fc 48 0f 47 e8
[  360.160418][    C0] RSP: 0018:ffffc9000115eee8 EFLAGS: 00000246
[  360.160431][    C0] RAX: fffffffff3d096c3 RBX: ffffffff8df994e4 RCX: 0000000000000009
[  360.160444][    C0] RDX: dffffc0000000000 RSI: ffffffff8e647fc8 RDI: ffffffff8df994d4
[  360.160458][    C0] RBP: ffffffff8df994f8 R08: 000000000000000a R09: ffffc9000115f090
[  360.160470][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff8df994d4
[  360.160482][    C0] R13: ffffffff81ca2b69 R14: ffffffff8df994d4 R15: ffffc9000115efa0
[  360.160496][    C0] FS:  0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
[  360.160511][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  360.160523][    C0] CR2: 00007fbb08cd00a0 CR3: 000000007c48f000 CR4: 00000000003506f0
[  360.160538][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  360.160548][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  360.160559][    C0] Call Trace:
[  360.160564][    C0]  <NMI>
[  360.160569][    C0]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  360.160588][    C0]  ? read_lock_is_recursive+0x10/0x10
[  360.160607][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  360.160626][    C0]  ? unknown_nmi_error+0xd0/0xd0
[  360.160652][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  360.160669][    C0]  ? nmi_handle+0xf7/0x370
[  360.160687][    C0]  ? unwind_next_frame+0x524/0x1fa0
[  360.160705][    C0]  ? default_do_nmi+0x62/0x150
[  360.160724][    C0]  ? exc_nmi+0xa8/0x100
[  360.160741][    C0]  ? end_repeat_nmi+0x16/0x31
[  360.160758][    C0]  ? kasan_record_aux_stack+0xb9/0x100
[  360.160782][    C0]  ? unwind_next_frame+0x524/0x1fa0
[  360.160800][    C0]  ? unwind_next_frame+0x524/0x1fa0
[  360.160820][    C0]  ? unwind_next_frame+0x524/0x1fa0
[  360.160837][    C0]  </NMI>
[  360.160842][    C0]  <TASK>
[  360.160851][    C0]  ? kasan_record_aux_stack+0xba/0x100
[  360.160870][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  360.160888][    C0]  arch_stack_walk+0x10d/0x140
[  360.160909][    C0]  ? kasan_record_aux_stack+0xba/0x100
[  360.160935][    C0]  stack_trace_save+0x113/0x1c0
[  360.160954][    C0]  ? stack_trace_snprint+0xe0/0xe0
[  360.160978][    C0]  kasan_save_stack+0x36/0x60
[  360.160997][    C0]  ? kasan_save_stack+0x36/0x60
[  360.161026][    C0]  ? kasan_record_aux_stack+0xba/0x100
[  360.161067][    C0]  kasan_record_aux_stack+0xba/0x100
[  360.161084][    C0]  kvfree_call_rcu+0x118/0x8a0
[  360.161101][    C0]  ? read_lock_is_recursive+0x10/0x10
[  360.161118][    C0]  ? call_rcu+0xa70/0xa70
[  360.161133][    C0]  ? do_raw_spin_lock+0x14a/0x370
[  360.161151][    C0]  ? cmp_bss+0x2cb/0xde0
[  360.161174][    C0]  cfg80211_update_known_bss+0x16b/0x9e0
[  360.161197][    C0]  cfg80211_bss_update+0x187/0x21e0
[  360.161224][    C0]  ? __kmalloc+0x168/0x300
[  360.161239][    C0]  ? cfg80211_inform_bss_frame_data+0x4f8/0x20f0
[  360.161259][    C0]  ? cfg80211_inform_bss_frame_data+0x6e6/0x20f0
[  360.161282][    C0]  cfg80211_inform_bss_frame_data+0xa13/0x20f0
[  360.161314][    C0]  ? cfg80211_parse_mbssid_data+0x3410/0x3410
[  360.161343][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  360.161367][    C0]  ieee80211_bss_info_update+0x7a6/0xc80
[  360.161390][    C0]  ? ieee80211_rx_bss_put+0x60/0x60
[  360.161415][    C0]  ieee80211_ibss_rx_queued_mgmt+0x175e/0x2af0
[  360.161436][    C0]  ? mark_lock+0x98/0x340
[  360.161460][    C0]  ? ieee80211_ibss_rx_no_sta+0x720/0x720
[  360.161480][    C0]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  360.161496][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  360.161514][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  360.161530][    C0]  ? _raw_spin_unlock+0x40/0x40
[  360.161547][    C0]  ? kcov_remote_start+0x76/0x490
[  360.161567][    C0]  ? kcov_remote_start+0xf9/0x490
[  360.161586][    C0]  ieee80211_iface_work+0x78f/0xcc0
[  360.161606][    C0]  process_one_work+0x8a1/0x10c0
[  360.161632][    C0]  ? worker_detach_from_pool+0x260/0x260
[  360.161652][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  360.161672][    C0]  ? kthread_data+0x4e/0xc0
[  360.161689][    C0]  ? wq_worker_running+0x97/0x170
[  360.161706][    C0]  worker_thread+0xaca/0x1280
[  360.161736][    C0]  kthread+0x3f6/0x4f0
[  360.161750][    C0]  ? rcu_lock_release+0x20/0x20
[  360.161767][    C0]  ? kthread_blkcg+0xd0/0xd0
[  360.161783][    C0]  ret_from_fork+0x1f/0x30
[  360.161808][    C0]  </TASK>
[  360.633373][ T9179] EXT4-fs error (device loop1): ext4_get_journal_inode:5159: inode #5: comm syz.1.1452: unexpected bad inode w/o EXT4_IGET_BAD
[  360.648848][ T9179] EXT4-fs (loop1): no journal found
[  360.654766][ T9179] EXT4-fs (loop1): can't get journal size
[  360.663181][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  360.670039][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.163-syzkaller #0
[  360.678028][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  360.688092][   T27] Call Trace:
[  360.691484][   T27]  <TASK>
[  360.694422][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  360.699216][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  360.704864][   T27]  ? panic+0x860/0x860
[  360.708959][   T27]  panic+0x318/0x860
[  360.712862][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  360.718529][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  360.723642][ T9179] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,nolazytime,noinit_itable,,errors=continue. Quota mode: writeback.
[  360.724691][   T27]  ? fb_is_primary_device+0xd0/0xd0
[  360.747774][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  360.753858][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  360.760049][   T27]  ? nmi_trigger_cpumask_backtrace+0x281/0x2a0
[  360.766223][   T27]  ? nmi_trigger_cpumask_backtrace+0x286/0x2a0
[  360.772388][   T27]  watchdog+0xeb0/0xeb0
[  360.776572][   T27]  kthread+0x3f6/0x4f0
[  360.780655][   T27]  ? hungtask_pm_notify+0x50/0x50
[  360.785696][   T27]  ? kthread_blkcg+0xd0/0xd0
[  360.790302][   T27]  ret_from_fork+0x1f/0x30
[  360.794750][   T27]  </TASK>
[  360.798094][   T27] Kernel Offset: disabled
[  360.802427][   T27] Rebooting in 86400 seconds..