last executing test programs:

16.340643429s ago: executing program 2 (id=2029):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x78}}, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1a8)
r6 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r6, 0x0, 0x25, 0x0, 0xc)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x17, 0x3, 'lblcr\x00', 0xd, 0x4, 0x5d}, 0x2c)
r7 = socket$kcm(0xa, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
sendmsg$sock(r7, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x2400c5, &(0x7f0000000080)={[{@journal_async_commit}, {@commit={'commit', 0x3d, 0xfffffffffffffffe}}], [], 0x3d}, 0x1, 0x540, &(0x7f0000000780)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRbsrWHvT0DbqoRQJwakSUO5LSLxRFCeOYqfdRBVkxYEjEkKAxKlcuCBx4oSEKnHhiJAqwRkECIRgCwckaAeNPc7uJuMkTRw7m3yfNJ43b2be/56jmfiNn2cCOLeeioiXI+K9NE2vRcRkljnWXVfKXra7U7bdO3ffmM+mJNL01X8kkeR5vbLSjkficr7bxYj4yhcjvp7sjdva3FqeazTq6/lyrb2yVmttbl1fWplbrC/WV2dmpp+ffWH2udkbA2nnRES89Pm/fP87P/nCS7/89Ot/vPm3q99I8vzY1Y73qbzfym7TK5334v4d1o8Y7DQqd1qYGy/aYmxPzp0TrhMAAP19ICI+ERHXYjLG9v84CwAAADyE0s9OxP+S3nd3e1zokw8AAAA8REqdMbBJqZqP952IUqlajc4Y3g/FpVKj2Wp/6lZzY3WhO1Z2KiqlW0uN+o18rPBUVJJsebqTvrf8bJZO83GfS436TEQ8HhHfmxzvrK/ONxsLo774AQAAAOfE5V39/39Pdvv/AAAAwBkzNeoKAAAAACdO/x8AAADOvqP0//c+0gkAAAA4pb70yivZlPaef73w2ubGcvO16wv11nJ1ZWO+Ot9cX6suNpuLnXv2rRxUXqPZXPtMrG7crrXrrXattbl1c6W5sdq+ufTAI7ABAACAIXr8Y2/9PomI7RfHO1PmwuF2PeRmwGlV3kkl+XznsE7TXuoPj3Xnfx5mzYCTdqRhfI8Ovh7A8JVHXQFgZCrF2ePDrgcwOskB6/sO3vlNPv/4YOsDAAAM3pWPFH//f/B1we3SEKoHnCAHMQCcP53P+YcdyevDApwpFTfyg3Pv2N//H+jezwkAAIDRmOhMSamaX96biFKpWu3+xG8qKsmtpUb9RkQ8FhG/m6w8ki1Pd/ZMDuwzAAAAAAAAAAAAAAAAAAAAAAAAAABdaZpECgAAAJxpEaW/Jr/q3sv/yuQzE7uvD1xI/jMZ+SNCX//Rqz+4Pddur09n+f/cyW//MM9/dhRXMAAAAOBcKL+fjXv99F4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6Z27b8z3pmHG/fvnImKqKH45LnbmF6MSEZf+lUT5vv2SiBgbQPzx7OXDRfGTrFo7IXfHfzfb983jx9++s2/8mMrfhaL2Xz5+eDjX3srOPy8XHX+leKozLz7+yhEPLB9V//Nf7Jz/xvoc/48eMsYTb/+s1jf+nYgnysXnn178pE/8p4sK/Pm392R97atbW/3ip29GXCn8/5M8EKvWXlmrtTa3ri+tzC3WF+urMzPTz8++MPvc7I3araVGPX8tjPHdj/7ivf3af6lP/KkD2v9MQXkXCvLeffv23Q92k5Wi+FefLoj/6x/nW+yNX8r/930yT2frr/TS2930/Z786W+f3K/9C33af9Df/2q/Qne59uVv/emQmwIAQ9Da3FqeazTq66cj8WIMvOSshz/ydh02MX46qrE81/hveiqqcbKJbw60wDRN0+yYOkY5SQzvTUj2r+qoz0wAAMCg3fvQP+qaAAAAAAAAAAAAAAAAAAAAwPk1jDuN7Y65vZNKBnELbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfh/AAAA///IO+M6")

14.39633565s ago: executing program 2 (id=2034):
mlock2(&(0x7f00008d2000/0x1000)=nil, 0x1000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
fsopen(0x0, 0x0)
fsopen(0x0, 0x1)
fchdir(0xffffffffffffffff)
openat(0xffffffffffffff9c, 0x0, 0x141442, 0x98)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040), 0x6)

13.017437523s ago: executing program 0 (id=2038):
sched_setaffinity(0x0, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40002000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001e000503"], 0x24}, 0x1, 0x8000000, 0x0, 0x400c880}, 0x0)

11.338739066s ago: executing program 2 (id=2040):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000080)={[{@nombcache}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./bus\x00', 0x432300c, 0x0, 0x21, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0xa, 0x2000006, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf7, 0x0, 0x9, 0xfffffffb, 0x0, 0x0, 0x0, 0x3, [0xb3c]}})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x40001, 0x0)
prlimit64(r0, 0x5, &(0x7f00000000c0)={0x1, 0x6}, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x82100, 0x2)
read$eventfd(r4, &(0x7f0000000040), 0x8)
syz_usb_connect$uac3(0x5, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x41e, 0x3048, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x1, 0x10, 0x1, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x7, 0xa, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x9, 0x6, {0xa, 0x25, 0x25, 0x8, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x2, 0xc, 0x0, {0xa, 0x25, 0x25, 0xc9d, 0x0, 0x9}}}}}}}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})

11.259024631s ago: executing program 3 (id=2042):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000022c0)=@newtfilter={0x38, 0x2c, 0xd3f, 0x30bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r10, 0x3e}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)="27030200080314000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x8}, {&(0x7f0000000440)="3f1d98666b93ca8a90d3d3f40a574fa0ddf27b459867178cf7024b1ed3065b076d01bf5e1e0755310d2b67d05b5c1762ffe3782b02c9b5ca095ffee719981149505aa401018eb8483e7f6d6c02239ed4c7d0de793e81c6811fb32c0fa6c78e808d4fafbe29b2cbb107a7fe1b809db3155a1023cf55683bc67d1450997091ac01f5698cadf6a72b77fb56b45d2187d9adf23477f1ab2cb379887a63c90ffe8cda2ee8853ec85732fba8a99efadaa2dc2a79306b63c84004279d3b2132a95f785c42ebbe82cc9659128c99b4debd9dab4d225feb603c95e8e9a3f22b98f9", 0xdd}], 0x3}, 0x5)

10.491481773s ago: executing program 1 (id=2046):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x80108907, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0)
write$sequencer(r2, &(0x7f0000000200)=[@t={0x81, 0x5}, @x={0x94, 0x4, "554043d7dde9"}], 0x10)
r3 = accept4(r0, 0x0, 0x0, 0x800)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000500)

9.660407659s ago: executing program 3 (id=2049):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000080)={[{@nombcache}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./bus\x00', 0x432300c, 0x0, 0x21, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0xa, 0x2000006, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf7, 0x0, 0x9, 0xfffffffb, 0x0, 0x0, 0x0, 0x3, [0xb3c]}})
mkdir(&(0x7f0000000040)='./file0\x00', 0x28)
prlimit64(r0, 0x5, &(0x7f00000000c0)={0x1, 0x6}, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x82100, 0x2)
read$eventfd(r4, &(0x7f0000000040), 0x8)
syz_usb_connect$uac3(0x5, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x41e, 0x3048, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x1, 0x10, 0x1, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x7, 0xa, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x9, 0x6, {0xa, 0x25, 0x25, 0x8, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x2, 0xc, 0x0, {0xa, 0x25, 0x25, 0xc9d, 0x0, 0x9}}}}}}}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})

9.570277465s ago: executing program 1 (id=2050):
syz_mount_image$fuse(0x0, 0x0, 0x12040d0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

9.110167406s ago: executing program 4 (id=2051):
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000280)=0x2, 0x4)
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @empty}, 0x1c)

7.951034504s ago: executing program 1 (id=2052):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x20004044}, 0x24040804)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

7.839800162s ago: executing program 4 (id=2053):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e", 0x93}, {&(0x7f00000000c0)}], 0x6}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f962347813", 0xd8}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6ea5cd18ff95c871d91454240f370e0c8e2629e58605c4b29017a160709ec76547c92a21d0ec5589e228922b105d0b8b29256620c44d2118334025dedd46db5194f22b349264de22068d3d4db627db4fa827907e5bc02b69c36e94f8149f12116f75bd48aa86d41dfdf52e74b442782f530da1263fd0f699776e9459e33fe5", 0xef}, {&(0x7f0000000580)}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x48}}], 0x2, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

7.692927181s ago: executing program 1 (id=2054):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x24000000, 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00')
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read(r3, &(0x7f0000000880)=""/4096, 0x1000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
pread64(r2, &(0x7f0000000380)=""/148, 0x94, 0x2f)

6.792229832s ago: executing program 0 (id=2055):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)}, {0x0}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e", 0x62}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2", 0x39}, {&(0x7f00000000c0)}], 0x7}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f4caeeeb0b0c17aa464613c", 0xf}], 0x1}}], 0x2, 0x20000044)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

6.713674758s ago: executing program 4 (id=2056):
r0 = socket(0x10, 0x3, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40002000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001e0005"], 0x24}, 0x1, 0x8000000, 0x0, 0x400c880}, 0x0)

6.266567858s ago: executing program 2 (id=2057):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sendmsg(r0, 0x0, 0x20000014)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x4)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000019080)=0x30)

6.260103258s ago: executing program 0 (id=2058):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf6", 0x7f}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e", 0x93}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f962347813", 0xd8}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6ea5cd18ff95c871d91454240f370e0c8e2629e58605c4b29017a160709ec76547c92a21d0ec5589e228922b105d0b8b29256620c44d2118334025dedd46db5194f22b349264de22068d3d4db627db4fa827907e5bc02b69c36e94f8149f12116f75bd48aa86d41dfdf52e74b442782f530da1263fd0f699776e9459e33fe5", 0xef}, {&(0x7f0000000580)}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x60}}], 0x2, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

6.119578998s ago: executing program 0 (id=2059):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000022c0)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x30bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_matchall={{0xd}, {0x8, 0x2, [@TCA_MATCHALL_ACT={0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r10, 0x3e}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)="27030200080314000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x8}, {&(0x7f0000000440)="3f1d98666b93ca8a90d3d3f40a574fa0ddf27b459867178cf7024b1ed3065b076d01bf5e1e0755310d2b67d05b5c1762ffe3782b02c9b5ca095ffee719981149505aa401018eb8483e7f6d6c02239ed4c7d0de793e81c6811fb32c0fa6c78e808d4fafbe29b2cbb107a7fe1b809db3155a1023cf55683bc67d1450997091ac01f5698cadf6a72b77fb56b45d2187d9adf23477f1ab2cb379887a63c90ffe8cda2ee8853ec85732fba8a99efadaa2dc2a79306b63c84004279d3b2132a95f785c42ebbe82cc9659128c99b4debd9dab4d225feb603c95e8e9a3f22b98f9", 0xdd}], 0x3}, 0x5)

6.087705689s ago: executing program 3 (id=2060):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x80108907, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0)
write$sequencer(r2, &(0x7f0000000200)=[@t={0x81, 0x5}, @x={0x94, 0x4, "554043d7dde9"}], 0x10)
r3 = accept4(r0, 0x0, 0x0, 0x800)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000500)

6.055200952s ago: executing program 1 (id=2061):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4ad, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
fsopen(&(0x7f0000000280)='ncpfs\x00', 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
gettid()
timer_create(0x8, &(0x7f00000000c0)={0x0, 0x30, 0x4, @thr={&(0x7f00000006c0)="1248eeccd46713468edf99fb4fbb53f422d166732ee8cd5314b3666050e6bc8b1f6cee4a73ac3c8acef8b84604ccbb5e3d4e79eaae3f3e0466883ef855aa35d94a2699a0f95763762f47032ae0f28cf3eedaa7828b7fecc277099fc73e71c68222748f2519a129f914dac88bec60f16196c4fae9d73e692fde2d41ed5dc76abd22762d9937be3d50ccb7b71c103038f9b2970e8708a371ec8836e5dcf27b26eb8d81487535131febceba810367c59ff9a7bf18", &(0x7f0000000780)="096f53484b71b21a16f0bd1cbdc2e6340dc2d06460ac4c4123099b13a72067745a203ddae75e15a10cd7254c75d648ec29f81c69b6378b34bed381130a1b597c3bb145b475c9c445da19297eb47870eb9177ca40fafb8a6bc99fa823cbf71444346a14078b1a37fdfcd04e5733c9f0d8822c4ab8719f261cf2fa32c09a393940098e19812585"}}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0xfffd, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$tipc2(&(0x7f00000020c0), 0xffffffffffffffff)
ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000000000/0x800000)=nil, 0x800000})

4.878416901s ago: executing program 1 (id=2062):
r0 = socket$inet6(0xa, 0x2, 0x3a)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket(0x80000000000000a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000380)={0xa, 0x0, 0x3, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, 0x0}}], 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r5, &(0x7f0000000300)=""/184, 0x10c)

4.877801381s ago: executing program 4 (id=2063):
syz_mount_image$fuse(0x0, 0x0, 0x12040d0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)

4.530207474s ago: executing program 2 (id=2064):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x20004044}, 0x24040804)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

4.15250119s ago: executing program 2 (id=2065):
sched_setaffinity(0x0, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40002000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001e000503"], 0x24}, 0x1, 0x8000000, 0x0, 0x400c880}, 0x0)

4.00978209s ago: executing program 3 (id=2066):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e", 0x93}, {&(0x7f00000000c0)}], 0x6}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f962347813", 0xd8}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6ea5cd18ff95c871d91454240f370e0c8e2629e58605c4b29017a160709ec76547c92a21d0ec5589e228922b105d0b8b29256620c44d2118334025dedd46db5194f22b349264de22068d3d4db627db4fa827907e5bc02b69c36e94f8149f12116f75bd48aa86d41dfdf52e74b442782f530da1263fd0f699776e9459e33fe5", 0xef}, {&(0x7f0000000580)}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x48}}], 0x2, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3.829708892s ago: executing program 4 (id=2067):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x78}}, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, 0x0, 0x1a8)
r6 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r6, 0x0, 0x25, 0x0, 0xc)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x17, 0x3, 'lblcr\x00', 0xd, 0x4, 0x5d}, 0x2c)
r7 = socket$kcm(0xa, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
sendmsg$sock(r7, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x2400c5, &(0x7f0000000080)={[{@journal_async_commit}, {@commit={'commit', 0x3d, 0xfffffffffffffffe}}], [], 0x3d}, 0x1, 0x540, &(0x7f0000000780)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRbsrWHvT0DbqoRQJwakSUO5LSLxRFCeOYqfdRBVkxYEjEkKAxKlcuCBx4oSEKnHhiJAqwRkECIRgCwckaAeNPc7uJuMkTRw7m3yfNJ43b2be/56jmfiNn2cCOLeeioiXI+K9NE2vRcRkljnWXVfKXra7U7bdO3ffmM+mJNL01X8kkeR5vbLSjkficr7bxYj4yhcjvp7sjdva3FqeazTq6/lyrb2yVmttbl1fWplbrC/WV2dmpp+ffWH2udkbA2nnRES89Pm/fP87P/nCS7/89Ot/vPm3q99I8vzY1Y73qbzfym7TK5334v4d1o8Y7DQqd1qYGy/aYmxPzp0TrhMAAP19ICI+ERHXYjLG9v84CwAAADyE0s9OxP+S3nd3e1zokw8AAAA8REqdMbBJqZqP952IUqlajc4Y3g/FpVKj2Wp/6lZzY3WhO1Z2KiqlW0uN+o18rPBUVJJsebqTvrf8bJZO83GfS436TEQ8HhHfmxzvrK/ONxsLo774AQAAAOfE5V39/39Pdvv/AAAAwBkzNeoKAAAAACdO/x8AAADOvqP0//c+0gkAAAA4pb70yivZlPaef73w2ubGcvO16wv11nJ1ZWO+Ot9cX6suNpuLnXv2rRxUXqPZXPtMrG7crrXrrXattbl1c6W5sdq+ufTAI7ABAACAIXr8Y2/9PomI7RfHO1PmwuF2PeRmwGlV3kkl+XznsE7TXuoPj3Xnfx5mzYCTdqRhfI8Ovh7A8JVHXQFgZCrF2ePDrgcwOskB6/sO3vlNPv/4YOsDAAAM3pWPFH//f/B1we3SEKoHnCAHMQCcP53P+YcdyevDApwpFTfyg3Pv2N//H+jezwkAAIDRmOhMSamaX96biFKpWu3+xG8qKsmtpUb9RkQ8FhG/m6w8ki1Pd/ZMDuwzAAAAAAAAAAAAAAAAAAAAAAAAAABdaZpECgAAAJxpEaW/Jr/q3sv/yuQzE7uvD1xI/jMZ+SNCX//Rqz+4Pddur09n+f/cyW//MM9/dhRXMAAAAOBcKL+fjXv99F4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6Z27b8z3pmHG/fvnImKqKH45LnbmF6MSEZf+lUT5vv2SiBgbQPzx7OXDRfGTrFo7IXfHfzfb983jx9++s2/8mMrfhaL2Xz5+eDjX3srOPy8XHX+leKozLz7+yhEPLB9V//Nf7Jz/xvoc/48eMsYTb/+s1jf+nYgnysXnn178pE/8p4sK/Pm392R97atbW/3ip29GXCn8/5M8EKvWXlmrtTa3ri+tzC3WF+urMzPTz8++MPvc7I3araVGPX8tjPHdj/7ivf3af6lP/KkD2v9MQXkXCvLeffv23Q92k5Wi+FefLoj/6x/nW+yNX8r/930yT2frr/TS2930/Z786W+f3K/9C33af9Df/2q/Qne59uVv/emQmwIAQ9Da3FqeazTq66cj8WIMvOSshz/ydh02MX46qrE81/hveiqqcbKJbw60wDRN0+yYOkY5SQzvTUj2r+qoz0wAAMCg3fvQP+qaAAAAAAAAAAAAAAAAAAAAwPk1jDuN7Y65vZNKBnELbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfh/AAAA///IO+M6")

3.796383514s ago: executing program 0 (id=2068):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000080)={[{@nombcache}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./bus\x00', 0x432300c, 0x0, 0x21, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
socket(0x10, 0x803, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x28)
prlimit64(r0, 0x5, &(0x7f00000000c0)={0x1, 0x6}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x82100, 0x2)
read$eventfd(r3, &(0x7f0000000040), 0x8)
syz_usb_connect$uac3(0x5, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x41e, 0x3048, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x1, 0x10, 0x1, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x7, 0xa, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x9, 0x6, {0xa, 0x25, 0x25, 0x8, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x2, 0xc, 0x0, {0xa, 0x25, 0x25, 0xc9d, 0x0, 0x9}}}}}}}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})

3.70980952s ago: executing program 3 (id=2069):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='x\x00\x00\x009\x00\t\x00\x00'], 0x78}}, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x1a8)
r6 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r6, 0x0, 0x25, 0x0, 0xc)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x17, 0x3, 'lblcr\x00', 0xd, 0x4, 0x5d}, 0x2c)
r7 = socket$kcm(0xa, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
sendmsg$sock(r7, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x2400c5, &(0x7f0000000080)={[{@journal_async_commit}, {@commit={'commit', 0x3d, 0xfffffffffffffffe}}], [], 0x3d}, 0x1, 0x540, &(0x7f0000000780)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRbsrWHvT0DbqoRQJwakSUO5LSLxRFCeOYqfdRBVkxYEjEkKAxKlcuCBx4oSEKnHhiJAqwRkECIRgCwckaAeNPc7uJuMkTRw7m3yfNJ43b2be/56jmfiNn2cCOLeeioiXI+K9NE2vRcRkljnWXVfKXra7U7bdO3ffmM+mJNL01X8kkeR5vbLSjkficr7bxYj4yhcjvp7sjdva3FqeazTq6/lyrb2yVmttbl1fWplbrC/WV2dmpp+ffWH2udkbA2nnRES89Pm/fP87P/nCS7/89Ot/vPm3q99I8vzY1Y73qbzfym7TK5334v4d1o8Y7DQqd1qYGy/aYmxPzp0TrhMAAP19ICI+ERHXYjLG9v84CwAAADyE0s9OxP+S3nd3e1zokw8AAAA8REqdMbBJqZqP952IUqlajc4Y3g/FpVKj2Wp/6lZzY3WhO1Z2KiqlW0uN+o18rPBUVJJsebqTvrf8bJZO83GfS436TEQ8HhHfmxzvrK/ONxsLo774AQAAAOfE5V39/39Pdvv/AAAAwBkzNeoKAAAAACdO/x8AAADOvqP0//c+0gkAAAA4pb70yivZlPaef73w2ubGcvO16wv11nJ1ZWO+Ot9cX6suNpuLnXv2rRxUXqPZXPtMrG7crrXrrXattbl1c6W5sdq+ufTAI7ABAACAIXr8Y2/9PomI7RfHO1PmwuF2PeRmwGlV3kkl+XznsE7TXuoPj3Xnfx5mzYCTdqRhfI8Ovh7A8JVHXQFgZCrF2ePDrgcwOskB6/sO3vlNPv/4YOsDAAAM3pWPFH//f/B1we3SEKoHnCAHMQCcP53P+YcdyevDApwpFTfyg3Pv2N//H+jezwkAAIDRmOhMSamaX96biFKpWu3+xG8qKsmtpUb9RkQ8FhG/m6w8ki1Pd/ZMDuwzAAAAAAAAAAAAAAAAAAAAAAAAAABdaZpECgAAAJxpEaW/Jr/q3sv/yuQzE7uvD1xI/jMZ+SNCX//Rqz+4Pddur09n+f/cyW//MM9/dhRXMAAAAOBcKL+fjXv99F4/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6Z27b8z3pmHG/fvnImKqKH45LnbmF6MSEZf+lUT5vv2SiBgbQPzx7OXDRfGTrFo7IXfHfzfb983jx9++s2/8mMrfhaL2Xz5+eDjX3srOPy8XHX+leKozLz7+yhEPLB9V//Nf7Jz/xvoc/48eMsYTb/+s1jf+nYgnysXnn178pE/8p4sK/Pm392R97atbW/3ip29GXCn8/5M8EKvWXlmrtTa3ri+tzC3WF+urMzPTz8++MPvc7I3araVGPX8tjPHdj/7ivf3af6lP/KkD2v9MQXkXCvLeffv23Q92k5Wi+FefLoj/6x/nW+yNX8r/930yT2frr/TS2930/Z786W+f3K/9C33af9Df/2q/Qne59uVv/emQmwIAQ9Da3FqeazTq66cj8WIMvOSshz/ydh02MX46qrE81/hveiqqcbKJbw60wDRN0+yYOkY5SQzvTUj2r+qoz0wAAMCg3fvQP+qaAAAAAAAAAAAAAAAAAAAAwPk1jDuN7Y65vZNKBnELbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfh/AAAA///IO+M6")

2.505206061s ago: executing program 3 (id=2070):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10008, &(0x7f0000000080)={[{@nombcache}, {@nogrpid}]}, 0xff, 0x49e, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvbH/Qyo9WRBQEraCR+KOlBZWDBzSaeNDERA94rG1BZKGG1gRIo8UYPBoS78ajiX+BNy9GPRgTr5p4NCREe6F4qpmdGbpsd0u3tF3pfj7Jdt/bmd33vjPv7b6Z15kA2tZA+ieJ2BYRv0dEX5a9fYWB7Gl+bmbs5tzMWBILC2//nVTWuzE3M1asWrxva545VIoofZbE8WRpuVMXL50ZLZcnzuf5oemzHw5NXbz03Omzo6cmTk2cGzl27OiR4RdfGHl+TeJM47qx9+PJfXtef/fqm2Mnrr7307dptXbvz5ZXx3FHN+sEVMdAutX+WaioXfZkE3W/F2yvSiedLawITemIiHR3dVX6f190xOLO64vXPm1p5YB1lf42bWm8eHYB2MSSaHUNgNYofujT49/isUFDj/+F6y9HdOfp+bmZsflb8XdGKX+9ax3LH4iIE7P/fpU+otnzEAAAq1AZ2zxbb/xXit2V52yuY0c+h9IfEfdHxM6IeCAidkXEgxGVdR+KiIezNy/0rbD8gZr80vFP6VrdOq+RdPz3UtXYb74q/vypvyPPba/E35WcPF2eOJxvk0PRtSXNDy9Txvev/vZFo2XV47/0kZZfjAXzClzrrDlBNz46PbpWG+H65Yi9nfXiT27NBKQtYE9E7G3uo3cUidNPf7Ov0Up3jn8ZazDPtPB1xFPZ/p+NmvgLyfLzk0M9UZ44PFS0iqV+/vXKW43Kv6v418D1A49kicX9X7NGVUMrlyfOTzVfxpU/Pm94TLPa9t+dvFOZs/7l/ey1C6PT0+eHI7qTNyr54piu8vrI4nsvjE73pvli/bT9HzpYv//vzN+T7v90K6WNeH9EPBoRj+V1fzwiDkTEwWXi//GVJz5YJv4kkmjd/r8cMV73++9W++9PqufrV5HoOPPDd41mzFe2/4/GbOW7NlP5/ruDlVbwLjcfAAAA3BNKEbEtktJglh7YFqXS4GD2P/y74r5SeXJq+pmTkx+dG8+uEeiPrlJxpquv6nzocDKbf2KWH8nPFRfLj+Tnjb/s6K3kB8cmy+Mtjh3a3dbb+38U/T/1V0erawesO9drQfuq7f+lFtUD2Hgr+f13LACb0+39vyf909uqugAby/E/tK96/f+TmrzxP2xOS/v/n3VuWQdsRsb/0L70f2hf+j+0pWYu54/jjRb1REQztwUoLhZY/V0FelZ8hX+7JIo7XqxnWb1x6Ux3/kqUWhRpR5ONbVMk0h6zsYUu3kMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgXvZfAAAA//8hId5P")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./bus\x00', 0x432300c, 0x0, 0x21, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
socket(0x10, 0x803, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x28)
prlimit64(r0, 0x5, &(0x7f00000000c0)={0x1, 0x6}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x82100, 0x2)
read$eventfd(r3, &(0x7f0000000040), 0x8)
syz_usb_connect$uac3(0x5, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x41e, 0x3048, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x1, 0x10, 0x1, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x7, 0xa, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x9, 0x6, {0xa, 0x25, 0x25, 0x8, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x2, 0xc, 0x0, {0xa, 0x25, 0x25, 0xc9d, 0x0, 0x9}}}}}}}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})

272.644232ms ago: executing program 0 (id=2071):
socket$unix(0x1, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000001080), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r4, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r3], 0x38}}, 0x10)

0s ago: executing program 4 (id=2072):
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e20, @loopback}}, 0x0, 0x0, 0x4, 0x0, "e83ae75240c2d6d8ec87bb53679fd0450078548ceb6c4414fab091000000000000000776aea5922406b64cddaeb9d339ba3c01c2c7d0df8e61740b9af2d4e499d58654a4cf0fa0ce1f830c3279cffcfd"}, 0xd8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000000)="c1", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

kernel console output (not intermixed with test programs):

 mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  428.431214][   T26] audit: type=1800 audit(1775749020.742:76): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.871" name="file1" dev="loop2" ino=15 res=0 errno=0
[  428.899996][   T26] audit: type=1800 audit(1775749020.922:77): pid=8142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.871" name="file1" dev="loop2" ino=15 res=0 errno=0
[  429.140083][ T8150] netlink: 28 bytes leftover after parsing attributes in process `syz.4.872'.
[  429.363453][ T8164] loop3: detected capacity change from 0 to 512
[  429.422491][ T8164] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  429.616401][ T8164] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  430.661559][ T8185] loop0: detected capacity change from 0 to 512
[  431.877044][ T8185] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  432.016207][ T8186] loop2: detected capacity change from 0 to 512
[  432.793642][ T8186] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  433.751094][ T8185] EXT4-fs: error -4 creating inode table initialization thread
[  433.895061][ T8185] EXT4-fs (loop0): mount failed
[  433.945366][ T8186] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  434.380357][ T8192] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  434.390692][ T8192] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  434.399025][ T8192] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  434.445940][ T8197] device syzkaller0 entered promiscuous mode
[  434.535472][ T8198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.879'.
[  434.727751][   T26] audit: type=1326 audit(1775749027.042:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  434.763731][ T8198] device macvtap6 entered promiscuous mode
[  434.843522][ T8198] 8021q: adding VLAN 0 to HW filter on device macvtap6
[  434.937384][   T26] audit: type=1326 audit(1775749027.062:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  435.463590][   T26] audit: type=1326 audit(1775749027.062:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  435.546842][   T26] audit: type=1326 audit(1775749027.072:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  435.569405][   T26] audit: type=1326 audit(1775749027.072:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  435.592099][   T26] audit: type=1326 audit(1775749027.072:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c9152f819 code=0x7ffc0000
[  436.369716][   T26] audit: type=1326 audit(1775749028.682:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8214 comm="syz.3.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9bb13819 code=0x7ffc0000
[  436.688419][   T26] audit: type=1326 audit(1775749028.702:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8214 comm="syz.3.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3d9bb13819 code=0x7ffc0000
[  437.018530][   T26] audit: type=1326 audit(1775749028.712:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8214 comm="syz.3.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d9bb13819 code=0x7ffc0000
[  437.160707][   T26] audit: type=1326 audit(1775749028.712:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8214 comm="syz.3.888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f3d9bb13819 code=0x7ffc0000
[  437.503825][ T8233] loop1: detected capacity change from 0 to 512
[  437.555356][ T8233] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  437.682267][ T8225] loop2: detected capacity change from 0 to 2048
[  437.713737][ T8233] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  437.841632][ T8235] netlink: 28 bytes leftover after parsing attributes in process `syz.4.895'.
[  437.945785][ T8225] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  439.157788][ T8247] loop0: detected capacity change from 0 to 1024
[  439.182624][ T8231] netlink: 'syz.3.893': attribute type 1 has an invalid length.
[  439.300640][ T8252] loop2: detected capacity change from 0 to 512
[  439.366709][ T8252] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  439.471940][ T8252] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  440.171088][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  440.177619][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.781868][ T8259] loop1: detected capacity change from 0 to 512
[  440.800380][ T8259] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  440.940272][ T8259] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  441.465608][ T6161] hfsplus: b-tree write err: -5, ino 25
[  441.476597][ T6161] hfsplus: b-tree write err: -5, ino 4
[  441.482319][ T6161] hfsplus: b-tree write err: -5, ino 2
[  441.572496][ T6161] hfsplus: b-tree write err: -5, ino 26
[  441.652175][ T8271] loop4: detected capacity change from 0 to 512
[  441.712044][ T8268] loop2: detected capacity change from 0 to 1024
[  441.727872][ T8272] loop3: detected capacity change from 0 to 512
[  441.814744][ T8271] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  441.841910][ T8272] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  441.885653][ T8271] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  442.889048][ T8272] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  444.320644][ T8297] loop1: detected capacity change from 0 to 512
[  444.376022][ T8297] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  444.533450][ T8297] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  445.456489][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  445.505358][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  445.559162][ T8303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  445.623442][ T8303] bond1: (slave gretap1): Releasing backup interface
[  445.724305][ T8308] loop4: detected capacity change from 0 to 512
[  445.796948][ T8308] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  445.922727][ T8308] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  445.941898][ T6303] hfsplus: b-tree write err: -5, ino 25
[  446.042667][ T6303] hfsplus: b-tree write err: -5, ino 4
[  446.716420][ T8312] loop1: detected capacity change from 0 to 512
[  446.813825][ T8312] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  446.955326][ T8312] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  447.709575][ T6290] hfsplus: b-tree write err: -5, ino 2
[  447.715864][ T6290] hfsplus: b-tree write err: -5, ino 26
[  447.760278][ T8316] netlink: 'syz.0.911': attribute type 1 has an invalid length.
[  447.980511][ T8316] device macvlan2 entered promiscuous mode
[  448.047364][ T8316] device bond2 entered promiscuous mode
[  448.053650][ T8316] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  448.062728][ T8316] device bond2 left promiscuous mode
[  448.078591][ T8322] loop2: detected capacity change from 0 to 512
[  448.300002][ T8322] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  449.694955][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  449.695152][   T26] audit: type=1326 audit(1775749041.212:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a1d8a7819 code=0x7ffc0000
[  449.727118][ T8327] loop1: detected capacity change from 0 to 512
[  450.019744][   T26] audit: type=1326 audit(1775749041.222:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a1d8a7819 code=0x7ffc0000
[  450.189782][   T26] audit: type=1326 audit(1775749041.342:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a1d8a7819 code=0x7ffc0000
[  450.213223][   T26] audit: type=1326 audit(1775749041.352:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a1d8a7819 code=0x7ffc0000
[  450.237478][   T26] audit: type=1326 audit(1775749041.352:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8325 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a1d8a7819 code=0x7ffc0000
[  450.372645][ T8336] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  450.588580][ T8336] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  451.070437][ T8336] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  451.312599][ T8322] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  451.368586][ T8327] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  451.403455][ T8327] EXT4-fs warning (device loop1): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop1.
[  451.602765][ T8343] loop4: detected capacity change from 0 to 512
[  451.694696][ T8343] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  451.733829][ T8347] netlink: 'syz.0.919': attribute type 1 has an invalid length.
[  451.893438][ T8354] loop1: detected capacity change from 0 to 512
[  451.952450][ T8354] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  453.073444][ T8343] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  453.143343][ T8354] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  453.610457][ T8361] loop3: detected capacity change from 0 to 2048
[  453.715694][ T8361] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  454.149284][ T8372] loop0: detected capacity change from 0 to 256
[  454.645996][ T8372] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  454.748691][ T8376] loop2: detected capacity change from 0 to 1024
[  455.697980][ T8381] loop1: detected capacity change from 0 to 512
[  456.854200][ T4330] hfsplus: b-tree write err: -5, ino 25
[  456.866766][ T4330] hfsplus: b-tree write err: -5, ino 4
[  457.033499][ T8384] loop3: detected capacity change from 0 to 512
[  457.288158][ T8381] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  458.333652][ T8381] EXT4-fs warning (device loop1): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop1.
[  458.356197][ T8384] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  458.421846][ T4330] hfsplus: b-tree write err: -5, ino 2
[  458.531632][ T8384] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  458.568380][ T4330] hfsplus: b-tree write err: -5, ino 26
[  459.080677][ T8390] loop4: detected capacity change from 0 to 2048
[  460.172724][ T8395] loop1: detected capacity change from 0 to 512
[  460.208500][ T8390] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  460.269867][ T8395] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  460.577097][ T8413] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  460.586562][ T8413] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  461.213763][ T8395] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  461.495743][ T8404] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  461.528911][ T8404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  461.587191][ T8404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  462.155520][ T8423] loop1: detected capacity change from 0 to 512
[  462.474673][ T8423] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  463.366091][ T8423] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  463.962099][ T8429] loop3: detected capacity change from 0 to 512
[  465.122861][ T8418] netlink: 'syz.4.935': attribute type 1 has an invalid length.
[  465.153176][ T8429] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  465.275132][ T8429] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  466.026712][ T8436] loop4: detected capacity change from 0 to 512
[  467.885176][ T8434] loop2: detected capacity change from 0 to 2048
[  468.035065][ T8436] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  468.086445][ T8442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.943'.
[  468.109626][ T8434] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  468.358309][ T8442] device macvtap2 entered promiscuous mode
[  468.366755][ T8442] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  468.378947][ T8436] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  468.451032][ T8454] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  468.460420][ T8454] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  469.204212][ T8457] loop3: detected capacity change from 0 to 512
[  470.414692][ T8453] netlink: 'syz.1.944': attribute type 1 has an invalid length.
[  470.465497][ T8457] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  470.625868][ T8457] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  471.296073][ T8467] loop4: detected capacity change from 0 to 512
[  471.313715][ T8467] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  471.485476][ T8467] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  472.592404][ T8476] loop1: detected capacity change from 0 to 512
[  472.858128][ T8476] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  473.774568][ T8476] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  474.486835][ T8484] loop3: detected capacity change from 0 to 512
[  475.187848][ T8484] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  475.973668][ T8484] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  478.298765][ T8497] loop4: detected capacity change from 0 to 512
[  478.455301][ T8497] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  478.579528][ T8497] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  480.482037][ T8512] loop3: detected capacity change from 0 to 512
[  480.732456][ T8516] loop2: detected capacity change from 0 to 2048
[  482.553679][ T8512] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  482.659449][ T8529] netlink: 'syz.4.960': attribute type 1 has an invalid length.
[  482.892350][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.4.960'.
[  482.902764][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.4.960'.
[  482.921100][ T8516] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  483.658331][ T8512] EXT4-fs warning (device loop3): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop3.
[  483.684163][ T8537] bond1: (slave gretap1): making interface the new active one
[  483.845144][ T8537] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  483.929532][ T8529] device macvlan2 entered promiscuous mode
[  484.015167][ T8546] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  484.015375][ T8546] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  484.652075][ T8529] device bond1 entered promiscuous mode
[  484.696920][ T8529] device gretap1 entered promiscuous mode
[  485.117864][ T8529] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  485.188630][ T8529] bond1: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  485.292367][ T8529] device bond1 left promiscuous mode
[  485.306333][ T8529] device gretap1 left promiscuous mode
[  487.255144][ T8553] loop2: detected capacity change from 0 to 512
[  488.029595][ T8553] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  488.422114][ T8569] loop3: detected capacity change from 0 to 512
[  489.513724][ T8553] EXT4-fs: error -4 creating inode table initialization thread
[  489.876144][ T8553] EXT4-fs (loop2): mount failed
[  490.159765][ T8569] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  491.048009][ T8578] device syzkaller0 entered promiscuous mode
[  491.058165][ T8569] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  491.094316][ T8585] netlink: 'syz.1.973': attribute type 1 has an invalid length.
[  491.105731][ T8578] simple: basic_1
[  491.109549][ T8578] simple: basic_2
[  491.113359][ T8578] simple: basic_3
[  491.117084][ T8578] simple: basic_4
[  491.120779][ T8578] simple: basic_5
[  491.124470][ T8578] simple: basic_6
[  491.128169][ T8578] simple: basic_7
[  491.131962][ T8578] simple: basic_8
[  491.136020][ T8578] simple: basic_9
[  491.139813][ T8578] simple: basic_10
[  491.143671][ T8578] simple: basic_11
[  491.147475][ T8578] simple: basic_12
[  491.151244][ T8578] simple: basic_13
[  491.154999][ T8578] simple: basic_14
[  491.158876][ T8578] simple: basic_15
[  491.162630][ T8578] simple: basic_16
[  491.166416][ T8578] simple: basic_17
[  491.170306][ T8578] 0: reclassify loop, rule prio 0, protocol 800
[  491.301194][ T8588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  491.362616][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.973'.
[  491.929666][ T8585] device macvlan2 entered promiscuous mode
[  491.948176][ T8585] device bond4 entered promiscuous mode
[  491.954345][ T8585] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  491.980898][ T8585] device bond4 left promiscuous mode
[  492.394291][ T8609] CUSE: info not properly terminated
[  492.559282][ T8605] loop4: detected capacity change from 0 to 32768
[  492.661421][ T8605] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.979 (8605)
[  492.776515][ T8605] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  492.785381][ T8605] BTRFS info (device loop4): force zlib compression, level 3
[  492.793356][ T8605] BTRFS info (device loop4): force clearing of disk cache
[  492.800701][ T8605] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  492.810390][ T8605] BTRFS info (device loop4): use zstd compression, level 3
[  492.817987][ T8605] BTRFS info (device loop4): using free space tree
[  492.824947][ T8605] BTRFS info (device loop4): has skinny extents
[  493.508694][ T8615] netlink: 'syz.3.981': attribute type 1 has an invalid length.
[  493.608410][ T8615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.981'.
[  493.649573][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.981'.
[  493.954907][ T8629] bond4: (slave gretap1): making interface the new active one
[  493.971646][ T8629] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  494.448706][ T8605] BTRFS info (device loop4): enabling ssd optimizations
[  494.464587][ T8605] BTRFS info (device loop4): clearing free space tree
[  494.471750][ T8605] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  494.481964][ T8605] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  494.858674][ T8605] BTRFS info (device loop4): creating free space tree
[  494.868642][ T8605] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  494.880153][ T8605] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  496.639079][ T8672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'.
[  496.723897][ T8672] device macvtap7 entered promiscuous mode
[  496.740896][ T8672] 8021q: adding VLAN 0 to HW filter on device macvtap7
[  500.426115][ T8696] netlink: 'syz.4.995': attribute type 1 has an invalid length.
[  500.877752][ T8710] device syzkaller0 entered promiscuous mode
[  501.612414][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  501.621671][ T8716] loop1: detected capacity change from 0 to 1024
[  501.628580][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  501.658596][ T8707] loop0: detected capacity change from 0 to 512
[  501.731942][ T8707] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  502.117833][ T8707] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  502.213453][ T8731] loop3: detected capacity change from 0 to 1024
[  502.615287][ T4326] hfsplus: b-tree write err: -5, ino 25
[  502.670243][ T4326] hfsplus: b-tree write err: -5, ino 4
[  502.680985][ T4326] hfsplus: b-tree write err: -5, ino 2
[  502.688889][ T4326] hfsplus: b-tree write err: -5, ino 26
[  503.178421][ T6153] hfsplus: b-tree write err: -5, ino 25
[  503.184349][ T6153] hfsplus: b-tree write err: -5, ino 4
[  503.258342][ T6153] hfsplus: b-tree write err: -5, ino 2
[  503.264776][ T6153] hfsplus: b-tree write err: -5, ino 26
[  506.447677][ T8776] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  506.463845][ T8776] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  506.473451][ T8776] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  507.119238][ T8775] device syzkaller0 entered promiscuous mode
[  507.854881][ T8798] loop1: detected capacity change from 0 to 512
[  507.935427][ T8798] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  508.820039][ T8798] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  509.294668][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  509.440181][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  509.545116][ T8802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  509.671809][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1021'.
[  509.695830][ T8808] device macvtap3 entered promiscuous mode
[  509.733458][ T8808] 8021q: adding VLAN 0 to HW filter on device macvtap3
[  509.938279][ T8817] netlink: 'syz.1.1025': attribute type 1 has an invalid length.
[  509.975507][ T8815] loop4: detected capacity change from 0 to 32768
[  510.023818][ T8815] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1024 (8815)
[  510.080249][ T8815] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  510.089338][ T8815] BTRFS info (device loop4): force zlib compression, level 3
[  510.096853][ T8815] BTRFS info (device loop4): force clearing of disk cache
[  510.104383][ T8815] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  510.114157][ T8815] BTRFS info (device loop4): use zstd compression, level 3
[  510.121748][ T8815] BTRFS info (device loop4): using free space tree
[  510.128441][ T8815] BTRFS info (device loop4): has skinny extents
[  510.138255][ T8820] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  510.177488][ T8824] loop3: detected capacity change from 0 to 512
[  510.208628][ T8817] device macvlan2 entered promiscuous mode
[  510.216968][ T8817] device bond5 entered promiscuous mode
[  510.223216][ T8817] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  510.237399][ T8824] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  510.271297][ T8817] device bond5 left promiscuous mode
[  510.318258][ T8824] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  510.400576][ T8815] BTRFS info (device loop4): enabling ssd optimizations
[  510.417994][ T8815] BTRFS info (device loop4): clearing free space tree
[  510.424965][ T8815] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  510.435359][ T8815] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  510.502554][ T8815] BTRFS info (device loop4): creating free space tree
[  510.510946][ T8815] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  510.520695][ T8815] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  513.515671][ T8874] loop1: detected capacity change from 0 to 512
[  513.710823][ T8874] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  513.916539][ T8881] loop4: detected capacity change from 0 to 512
[  513.955552][ T8874] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  514.008587][ T8881] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  514.286013][ T8881] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  514.421717][ T8895] loop2: detected capacity change from 0 to 512
[  515.948658][ T8897] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  515.968334][ T8895] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  516.158026][ T8899] Bluetooth: hci0: invalid len left 7, exp >= 38
[  518.705261][ T8895] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  518.796337][ T8908] loop3: detected capacity change from 0 to 2048
[  519.004402][ T8908] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  519.125447][ T8914] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  519.299222][ T8914] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  519.370261][ T8914] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  519.398628][ T8924] overlayfs: missing 'lowerdir'
[  520.219503][ T8917] loop4: detected capacity change from 0 to 512
[  520.376880][ T8917] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  522.518934][ T8943] loop0: detected capacity change from 0 to 512
[  522.595605][ T8917] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  522.672586][ T8943] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  523.175335][ T8943] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  524.821983][ T8947] loop1: detected capacity change from 0 to 512
[  525.507684][ T8947] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  525.988932][ T8947] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  527.034636][ T8965] loop3: detected capacity change from 0 to 1024
[  528.148413][ T6161] hfsplus: b-tree write err: -5, ino 25
[  528.161029][ T6161] hfsplus: b-tree write err: -5, ino 4
[  528.183239][ T6161] hfsplus: b-tree write err: -5, ino 2
[  528.189443][ T6161] hfsplus: b-tree write err: -5, ino 26
[  530.135858][ T8995] loop4: detected capacity change from 0 to 512
[  530.263178][ T8998] loop2: detected capacity change from 0 to 512
[  530.489428][ T8995] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  530.517526][ T8998] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  531.815491][ T9014] loop1: detected capacity change from 0 to 512
[  531.828800][ T8995] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  531.857928][ T8998] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  531.877718][ T9014] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  531.964126][ T9014] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  536.091008][ T9060] netlink: 'syz.1.1084': attribute type 1 has an invalid length.
[  536.843003][ T9068] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1084'.
[  537.097751][ T9060] device macvlan2 entered promiscuous mode
[  537.106026][ T9060] device bond6 entered promiscuous mode
[  537.155898][ T9060] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  537.353200][ T9072] loop2: detected capacity change from 0 to 32768
[  537.399367][ T9060] device bond6 left promiscuous mode
[  537.444417][ T9072] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.1087 (9072)
[  538.217567][ T9072] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  538.227638][ T9072] BTRFS info (device loop2): force zlib compression, level 3
[  538.235611][ T9072] BTRFS info (device loop2): force clearing of disk cache
[  538.242862][ T9072] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  538.252853][ T9072] BTRFS info (device loop2): use zstd compression, level 3
[  538.260926][ T9072] BTRFS info (device loop2): using free space tree
[  538.267794][ T9072] BTRFS info (device loop2): has skinny extents
[  538.338267][ T4233] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  538.367006][ T4233] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  538.677139][ T9072] BTRFS info (device loop2): enabling ssd optimizations
[  538.686863][ T9072] BTRFS info (device loop2): clearing free space tree
[  538.693780][ T9072] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  538.703746][ T9072] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  538.718207][ T9072] BTRFS info (device loop2): creating free space tree
[  538.726160][ T9072] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  538.736907][ T9072] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  539.167148][ T9112] loop1: detected capacity change from 0 to 512
[  539.248779][ T9112] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  539.407728][ T9112] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  540.315625][ T9133] loop2: detected capacity change from 0 to 512
[  540.390914][ T9133] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  540.497062][ T9133] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  541.277559][ T9141] device syzkaller0 entered promiscuous mode
[  541.288445][ T9141] simple: basic_1
[  541.292160][ T9141] simple: basic_2
[  541.296008][ T9141] simple: basic_3
[  541.299882][ T9141] simple: basic_4
[  541.303697][ T9141] simple: basic_5
[  541.307435][ T9141] simple: basic_6
[  541.311117][ T9141] simple: basic_7
[  541.314790][ T9141] simple: basic_8
[  541.318638][ T9141] simple: basic_9
[  541.322431][ T9141] simple: basic_10
[  541.326245][ T9141] simple: basic_11
[  541.330103][ T9141] simple: basic_12
[  541.334051][ T9141] simple: basic_13
[  541.338151][ T9141] simple: basic_14
[  541.341962][ T9141] simple: basic_15
[  541.345830][ T9141] simple: basic_16
[  541.350228][ T9141] simple: basic_17
[  541.354146][ T9141] 0: reclassify loop, rule prio 0, protocol 800
[  541.388600][ T9142] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  541.453576][ T9142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  541.477447][ T9142] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  541.781610][ T9151] CUSE: info not properly terminated
[  543.016976][ T9162] kvm: apic: phys broadcast and lowest prio
[  543.414771][ T9169] loop1: detected capacity change from 0 to 512
[  543.514927][ T9169] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  543.627246][ T9176] loop4: detected capacity change from 0 to 512
[  543.677013][ T9176] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  544.311492][ T9176] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  544.810395][ T9169] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  545.376444][ T9188] CUSE: info not properly terminated
[  545.807446][ T9199] loop1: detected capacity change from 0 to 512
[  545.946613][ T9199] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  546.256982][ T9199] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  547.683918][ T9216] loop0: detected capacity change from 0 to 512
[  547.778300][ T9216] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  548.915247][ T9216] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  551.079318][ T9235] netlink: 'syz.0.1124': attribute type 1 has an invalid length.
[  551.230975][ T9235] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  551.388658][ T9235] bond4: (slave vxcan3): Error -22 calling dev_set_mtu
[  551.536813][ T9238] loop4: detected capacity change from 0 to 512
[  551.549538][ T9243] device macvlan2 entered promiscuous mode
[  551.573833][ T9243] device bond4 entered promiscuous mode
[  551.581582][ T9243] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  551.600487][ T9243] device bond4 left promiscuous mode
[  551.633764][ T9238] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  551.675859][ T9244] netlink: 'syz.1.1126': attribute type 1 has an invalid length.
[  551.771251][ T9238] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  551.882258][ T9245] bond7: (slave vxcan7): The slave device specified does not support setting the MAC address
[  551.969505][ T9245] bond7: (slave vxcan7): Error -22 calling dev_set_mtu
[  552.170651][ T4230] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  552.218750][ T4230] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  552.330316][ T9264] loop1: detected capacity change from 0 to 512
[  553.506419][ T9264] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  553.654207][ T9264] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  554.204955][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1130'.
[  554.237272][ T9267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1130'.
[  554.684094][ T9282] netlink: 'syz.1.1133': attribute type 1 has an invalid length.
[  554.830575][ T9285] loop4: detected capacity change from 0 to 512
[  556.056693][ T9285] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  556.161057][ T9285] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  556.719782][ T9283] bond8: (slave vxcan7): The slave device specified does not support setting the MAC address
[  556.743414][ T9283] bond8: (slave vxcan7): Error -22 calling dev_set_mtu
[  556.795839][ T9293] netlink: 'syz.2.1135': attribute type 1 has an invalid length.
[  557.161313][ T9300] loop0: detected capacity change from 0 to 32768
[  557.333384][ T9300] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.1136 (9300)
[  557.411263][ T9300] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  557.430599][ T9300] BTRFS info (device loop0): force zlib compression, level 3
[  557.466647][ T9300] BTRFS info (device loop0): force clearing of disk cache
[  557.623919][ T9300] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  557.854967][ T9300] BTRFS info (device loop0): use zstd compression, level 3
[  558.089195][ T9300] BTRFS info (device loop0): using free space tree
[  558.136457][ T9300] BTRFS info (device loop0): has skinny extents
[  559.481469][ T9327] loop1: detected capacity change from 0 to 512
[  560.025327][ T9338] loop4: detected capacity change from 0 to 512
[  560.105260][ T9338] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  560.678527][ T9327] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  560.825336][ T9338] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  560.937431][ T9327] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  561.741563][ T9351] loop2: detected capacity change from 0 to 1024
[  562.595232][ T6173] hfsplus: b-tree write err: -5, ino 25
[  562.647719][ T5005] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by udevd (5005)
[  562.660912][ T9300] BTRFS error (device loop0): open_ctree failed: -12
[  562.699941][ T6173] hfsplus: b-tree write err: -5, ino 4
[  562.711924][ T9357] loop3: detected capacity change from 0 to 512
[  562.723567][ T6173] hfsplus: b-tree write err: -5, ino 2
[  562.785226][ T9357] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  562.901446][ T6173] hfsplus: b-tree write err: -5, ino 26
[  562.927687][ T9357] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  563.050263][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  563.057423][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  563.538402][ T8668] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  563.620990][ T8668] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  564.197934][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1149'.
[  564.246861][ T9370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1149'.
[  565.729018][ T9390] loop2: detected capacity change from 0 to 512
[  565.826972][ T9390] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  565.963466][ T9390] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  566.487659][ T9400] loop0: detected capacity change from 0 to 16
[  566.527898][ T4907] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  566.574054][ T4907] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  566.631856][ T9400] erofs: (device loop0): mounted with root inode @ nid 36.
[  566.673808][ T8477] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[  566.902769][ T8477] hid-generic 0000:0000:0000.0016: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  567.750550][ T9417] loop2: detected capacity change from 0 to 512
[  567.832587][ T9417] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  567.991862][ T9417] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  568.884197][ T9420] loop0: detected capacity change from 0 to 32768
[  568.962411][ T9420] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  568.990228][ T9420] BTRFS info (device loop0): force zlib compression, level 3
[  569.019912][ T9420] BTRFS info (device loop0): force clearing of disk cache
[  569.029306][ T9420] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  569.104108][ T9420] BTRFS info (device loop0): use zstd compression, level 3
[  569.116604][ T9420] BTRFS info (device loop0): using free space tree
[  569.127638][ T9420] BTRFS info (device loop0): has skinny extents
[  569.543999][ T9449] loop1: detected capacity change from 0 to 512
[  569.606420][ T9449] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  569.811794][ T9449] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  570.034138][ T9420] BTRFS info (device loop0): enabling ssd optimizations
[  570.111625][ T9420] BTRFS info (device loop0): clearing free space tree
[  570.274617][ T9420] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  570.415964][ T9420] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  570.437424][ T9420] BTRFS info (device loop0): creating free space tree
[  570.473593][ T9420] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  570.546409][ T9420] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  570.767982][ T9464] loop3: detected capacity change from 0 to 512
[  570.817028][ T9464] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  570.987903][ T9464] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  571.904283][ T9469] CUSE: info not properly terminated
[  572.133447][ T9474] loop1: detected capacity change from 0 to 512
[  574.126580][ T9480] loop2: detected capacity change from 0 to 512
[  574.858467][ T9480] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  575.964665][ T9480] EXT4-fs warning (device loop2): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop2.
[  577.197079][ T9496] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1173'.
[  577.268068][ T9502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1176'.
[  578.191803][ T9508] loop3: detected capacity change from 0 to 512
[  578.297797][ T9508] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  578.409911][ T9508] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  579.002666][ T9519] CUSE: info not properly terminated
[  579.344198][ T9520] loop4: detected capacity change from 0 to 512
[  579.430463][ T9520] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  579.523422][ T9520] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  580.052338][ T9524] loop0: detected capacity change from 0 to 32768
[  580.100987][ T9524] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.1182 (9524)
[  580.161089][ T9524] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  580.170607][ T9524] BTRFS info (device loop0): force zlib compression, level 3
[  580.178936][ T9524] BTRFS info (device loop0): force clearing of disk cache
[  580.186278][ T9524] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  580.195880][ T9524] BTRFS info (device loop0): use zstd compression, level 3
[  580.203355][ T9524] BTRFS info (device loop0): using free space tree
[  580.210210][ T9524] BTRFS info (device loop0): has skinny extents
[  580.630316][ T9543] loop2: detected capacity change from 0 to 128
[  580.652349][ T9543] qnx6: invalid mount options.
[  582.480744][ T9524] BTRFS info (device loop0): enabling ssd optimizations
[  582.492966][ T9524] BTRFS info (device loop0): clearing free space tree
[  582.500184][ T9524] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  582.510165][ T9524] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  582.598964][ T9524] BTRFS info (device loop0): creating free space tree
[  582.606911][ T9524] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  582.616953][ T9524] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  582.849313][ T8477] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  584.074715][ T9580] loop4: detected capacity change from 0 to 512
[  584.775603][ T8477] usb 2-1: Using ep0 maxpacket: 32
[  584.795310][ T9580] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  584.977542][ T9580] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  585.066772][ T8477] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  585.126057][ T8477] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.188425][ T4176] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 11 /dev/loop0 scanned by udevd (4176)
[  585.249578][ T8477] usb 2-1: Product: syz
[  585.297104][ T8477] usb 2-1: Manufacturer: syz
[  585.336661][ T8477] usb 2-1: SerialNumber: syz
[  585.434646][ T8477] usb 2-1: config 0 descriptor??
[  585.486446][ T8477] usb 2-1: can't set config #0, error -71
[  585.549554][ T8477] usb 2-1: USB disconnect, device number 16
[  585.644333][ T9590] loop1: detected capacity change from 0 to 2048
[  585.767098][ T9591] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  586.694356][ T9604] xt_CT: You must specify a L4 protocol and not use inversions on it
[  587.048421][ T4233] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[  587.087417][ T4233] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  587.269173][ T9611] loop0: detected capacity change from 0 to 512
[  587.374282][ T9613] CUSE: info not properly terminated
[  587.659237][ T9611] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  587.756918][ T9611] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  588.195863][ T9618] loop4: detected capacity change from 0 to 32768
[  589.355975][ T9625] loop3: detected capacity change from 0 to 512
[  589.834102][ T9625] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  590.903101][ T9639] loop0: detected capacity change from 0 to 512
[  591.009775][ T9639] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  591.029836][ T9625] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  591.386085][ T9639] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  591.981269][ T9665] loop0: detected capacity change from 0 to 2048
[  592.176509][ T9670] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  593.255820][ T9675] loop1: detected capacity change from 0 to 512
[  593.549968][ T9677] loop2: detected capacity change from 0 to 32768
[  593.612037][ T9675] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  593.946934][ T9675] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  594.881198][ T9684] autofs4:pid:9684:autofs_fill_super: called with bogus options
[  595.899513][ T9689] loop1: detected capacity change from 0 to 512
[  597.073036][ T9689] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  597.344056][ T9690] loop2: detected capacity change from 0 to 512
[  597.354732][ T9689] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  597.560993][ T9690] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  597.844989][ T9695] autofs4:pid:9695:autofs_fill_super: called with bogus options
[  598.753926][ T9690] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  599.237114][ T9712] loop1: detected capacity change from 0 to 16
[  599.302348][ T9714] CUSE: info not properly terminated
[  599.342216][ T9712] erofs: (device loop1): mounted with root inode @ nid 36.
[  600.147922][ T9720] loop3: detected capacity change from 0 to 512
[  600.194879][ T9720] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  601.538471][ T9724] loop0: detected capacity change from 0 to 512
[  601.725965][ T9724] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  602.984531][ T9720] EXT4-fs: failed to create workqueue
[  603.055416][ T9724] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  603.107302][ T9720] EXT4-fs (loop3): mount failed
[  603.821070][ T9730] loop3: detected capacity change from 0 to 2048
[  603.940048][ T9736] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  604.036850][ T9733] loop4: detected capacity change from 0 to 32768
[  604.668860][ T9742] autofs4:pid:9742:autofs_fill_super: called with bogus options
[  607.808210][ T9771] xt_CT: You must specify a L4 protocol and not use inversions on it
[  609.430309][ T9780] loop4: detected capacity change from 0 to 512
[  609.631586][ T9780] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  609.705465][ T9799] netlink: 'syz.0.1245': attribute type 1 has an invalid length.
[  609.736251][ T9780] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  609.825324][ T9804] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  609.837552][ T9804] bond5: (slave vxcan3): Error -22 calling dev_set_mtu
[  609.875470][ T9799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'.
[  609.888938][ T9799] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1245'.
[  609.984958][ T9799] device macvlan2 entered promiscuous mode
[  610.001844][ T9799] device bond5 entered promiscuous mode
[  610.046955][ T9799] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  610.067505][ T9799] device bond5 left promiscuous mode
[  610.205644][ T9808] loop4: detected capacity change from 0 to 16
[  610.408719][ T9808] erofs: (device loop4): mounted with root inode @ nid 36.
[  611.692673][ T9823] device syzkaller0 entered promiscuous mode
[  613.684830][ T9853] loop1: detected capacity change from 0 to 512
[  615.920556][ T9849] loop0: detected capacity change from 0 to 512
[  615.999860][ T9849] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  616.023617][ T9853] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  616.102987][ T9853] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  616.116400][ T9849] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  616.191323][ T4914] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  616.283321][ T4914] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  616.593047][ T9867] loop4: detected capacity change from 0 to 512
[  617.218925][ T9867] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  617.909619][ T9867] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  618.807048][ T9356] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0
[  618.842212][ T9356] hid-generic 0000:0000:0000.0019: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  619.739040][ T9905] loop3: detected capacity change from 0 to 512
[  620.010707][ T9905] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  621.190520][   T26] audit: type=1800 audit(1775749213.492:95): pid=9894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1269" name="bus" dev="ramfs" ino=60408 res=0 errno=0
[  622.520521][ T9927] loop1: detected capacity change from 0 to 2048
[  622.627136][ T9905] EXT4-fs: error -4 creating inode table initialization thread
[  622.637707][ T9905] EXT4-fs (loop3): mount failed
[  622.720677][ T9935] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  622.737017][ T9935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  622.754607][ T9935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  622.762245][ T9936] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  623.216604][ T8668] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  624.106422][ T8668] usb 4-1: Using ep0 maxpacket: 32
[  624.475033][ T9952] loop1: detected capacity change from 0 to 512
[  624.490156][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  624.497916][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  624.512625][ T9952] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  624.536811][ T8668] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  624.567752][ T8668] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.577624][ T8668] usb 4-1: Product: syz
[  624.582646][ T8668] usb 4-1: Manufacturer: syz
[  624.632132][ T8668] usb 4-1: SerialNumber: syz
[  624.834889][ T8668] usb 4-1: config 0 descriptor??
[  625.406488][ T8668] airspy 4-1:0.0: Board ID: 00
[  625.428250][ T8668] airspy 4-1:0.0: Firmware version: 
[  625.628653][ T8668] airspy 4-1:0.0: usb_control_msg() failed -71 request 11
[  625.668246][ T8668] airspy 4-1:0.0: Registered as swradio24
[  625.696448][ T8668] airspy 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  625.723060][ T8668] usb 4-1: USB disconnect, device number 26
[  627.157573][ T9952] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  627.345065][ T9973] loop0: detected capacity change from 0 to 512
[  627.418585][ T9973] EXT4-fs (loop0): Ignoring removed nobh option
[  627.466087][ T9973] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1291: iget: bad i_size value: 38620345925642
[  627.486824][ T9973] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1291: couldn't read orphan inode 15 (err -117)
[  627.499474][ T9973] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  628.438944][ T9981] loop1: detected capacity change from 0 to 512
[  628.458834][ T9981] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  628.545856][ T9981] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  629.285516][ T9988] loop4: detected capacity change from 0 to 2048
[  629.590130][ T9996] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  629.697007][ T9997] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  629.706805][ T9998] loop3: detected capacity change from 0 to 2048
[  629.773536][ T9997] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  629.782046][ T9997] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  629.829455][ T9998] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  630.728895][ T4186] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  631.063029][T10015] netlink: 'syz.4.1303': attribute type 1 has an invalid length.
[  631.844418][T10019] bond3: (slave vxcan5): The slave device specified does not support setting the MAC address
[  631.974353][T10027] loop2: detected capacity change from 0 to 512
[  632.067399][T10019] bond3: (slave vxcan5): Error -22 calling dev_set_mtu
[  632.301354][T10027] EXT4-fs (loop2): Ignoring removed nobh option
[  632.416690][T10027] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1306: iget: bad i_size value: 38620345925642
[  632.470698][T10015] device macvlan2 entered promiscuous mode
[  632.542552][T10015] device bond3 entered promiscuous mode
[  632.555303][T10027] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1306: couldn't read orphan inode 15 (err -117)
[  632.593711][T10015] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  632.615554][T10015] device bond3 left promiscuous mode
[  632.615710][T10027] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  632.727539][T10036] hub 8-0:1.0: USB hub found
[  632.734443][T10036] hub 8-0:1.0: 1 port detected
[  634.096992][ T9970] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  634.688144][T10051] Bluetooth: hci0: invalid len left 7, exp >= 108
[  636.169140][T10068] netlink: 'syz.0.1318': attribute type 1 has an invalid length.
[  636.515651][ T1337] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0
[  636.534647][ T1337] hid-generic 0000:0000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  636.700981][T10074] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[  636.787325][T10074] bond6: (slave vxcan3): Error -22 calling dev_set_mtu
[  637.088767][T10095] hub 8-0:1.0: USB hub found
[  637.094519][T10095] hub 8-0:1.0: 1 port detected
[  638.117206][T10097] netlink: 'syz.3.1326': attribute type 1 has an invalid length.
[  638.132641][T10102] loop4: detected capacity change from 0 to 2048
[  638.192183][   T26] audit: type=1800 audit(1775749230.502:96): pid=10080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1320" name="bus" dev="ramfs" ino=61790 res=0 errno=0
[  638.304442][T10107] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  638.472910][T10113] overlayfs: failed to resolve './file0': -2
[  639.400923][T10105] bond5: (slave vxcan9): The slave device specified does not support setting the MAC address
[  639.473782][T10105] bond5: (slave vxcan9): Error -22 calling dev_set_mtu
[  639.998643][T10123] loop1: detected capacity change from 0 to 512
[  640.143528][T10123] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  640.291931][T10123] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  640.347501][T10133] hub 8-0:1.0: USB hub found
[  640.417203][T10133] hub 8-0:1.0: 1 port detected
[  641.016400][T10140] netlink: 'syz.2.1336': attribute type 10 has an invalid length.
[  641.858600][T10158] overlayfs: failed to resolve './file0': -2
[  642.705813][T10169] loop1: detected capacity change from 0 to 2048
[  642.732001][   T26] audit: type=1800 audit(1775749235.042:97): pid=10147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1338" name="bus" dev="ramfs" ino=61129 res=0 errno=0
[  642.837645][T10173] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  643.042789][T10175] netlink: 'syz.0.1347': attribute type 1 has an invalid length.
[  643.154393][T10177] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  643.165906][T10177] bond7: (slave vxcan3): Error -22 calling dev_set_mtu
[  643.844919][T10184] loop0: detected capacity change from 0 to 512
[  644.066613][T10184] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  644.614193][   T26] audit: type=1800 audit(1775749236.922:98): pid=10181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1348" name="bus" dev="ramfs" ino=61240 res=0 errno=0
[  644.667884][T10184] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  645.113034][T10204] overlayfs: failed to resolve './file0': -2
[  645.919803][T10206] netlink: 'syz.1.1355': attribute type 1 has an invalid length.
[  646.091442][T10209] bond9: (slave vxcan7): The slave device specified does not support setting the MAC address
[  646.218372][T10209] bond9: (slave vxcan7): Error -22 calling dev_set_mtu
[  646.470883][T10217] loop3: detected capacity change from 0 to 32768
[  646.707168][T10223] loop1: detected capacity change from 0 to 128
[  646.906258][T10223] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  646.962867][T10223] ext4 filesystem being mounted at /281/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  647.810868][T10241] loop4: detected capacity change from 0 to 128
[  647.914441][T10243] netlink: 'syz.3.1364': attribute type 1 has an invalid length.
[  648.030697][T10241] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  648.046531][   T26] audit: type=1800 audit(1775749240.352:99): pid=10218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1357" name="bus" dev="ramfs" ino=61953 res=0 errno=0
[  648.067092][T10241] ext4 filesystem being mounted at /288/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  648.101759][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.286936][T10245] bond6: (slave vxcan9): The slave device specified does not support setting the MAC address
[  649.348691][T10245] bond6: (slave vxcan9): Error -22 calling dev_set_mtu
[  649.403284][T10257] loop2: detected capacity change from 0 to 2048
[  649.454066][T10243] device macvlan2 entered promiscuous mode
[  649.497333][T10243] bond6: (slave macvlan2): Error -98 calling set_mac_address
[  649.500534][T10257] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  649.798718][T10266] loop4: detected capacity change from 0 to 512
[  650.021117][T10266] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  650.118694][T10266] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  650.406425][T10277] device syzkaller0 entered promiscuous mode
[  651.673064][T10290] Bluetooth: hci0: invalid len left 7, exp >= 108
[  654.781793][T10327] CUSE: info not properly terminated
[  654.883096][ T4193] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  655.958738][T10333] device syzkaller0 entered promiscuous mode
[  656.297578][T10355] hub 8-0:1.0: USB hub found
[  656.302441][T10355] hub 8-0:1.0: 1 port detected
[  656.558760][T10346] loop4: detected capacity change from 0 to 1024
[  656.733589][T10346] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  656.921249][T10346] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  657.427837][T10346] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #11: comm syz.4.1388: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  657.537621][T10346] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1388: couldn't read orphan inode 11 (err -117)
[  657.605853][T10346] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,bsdgroups,mblk_io_submit,jqfmt=vfsv0,discard,usrjquota=,grpquota,quota,,errors=continue. Quota mode: writeback.
[  657.723299][T10346] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.1388: Invalid block bitmap block 0 in block_group 0
[  657.806753][T10346] Quota error (device loop4): write_blk: dquota write failed
[  657.842976][T10346] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  657.872644][T10346] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.1388: Failed to acquire dquot type 0
[  657.933227][T10356] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1388: Invalid inode bitmap blk 137438953472 in block_group 0
[  658.224700][ T4330] EXT4-fs error (device loop4): __ext4_get_inode_loc:4327: comm kworker/u4:10: Invalid inode table block 8589934593 in block_group 0
[  658.407751][T10375] Bluetooth: hci0: invalid len left 7, exp >= 108
[  658.826773][T10381] loop4: detected capacity change from 0 to 256
[  659.631250][T10381] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  660.151982][T10390] hub 8-0:1.0: USB hub found
[  660.156912][T10390] hub 8-0:1.0: 1 port detected
[  660.572738][T10394] CUSE: info not properly terminated
[  661.603028][T10402] loop2: detected capacity change from 0 to 128
[  662.627913][T10402] qnx6: invalid mount options.
[  662.717248][T10407] loop4: detected capacity change from 0 to 512
[  662.829488][T10409] netlink: 'syz.3.1403': attribute type 10 has an invalid length.
[  662.962646][T10407] EXT4-fs (loop4): Ignoring removed nobh option
[  663.093389][T10407] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1404: iget: bad i_size value: 38620345925642
[  663.108980][T10412] loop0: detected capacity change from 0 to 32768
[  663.124162][T10418] loop3: detected capacity change from 0 to 128
[  663.148535][T10407] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1404: couldn't read orphan inode 15 (err -117)
[  663.162972][T10417] Bluetooth: hci0: invalid len left 7, exp >= 108
[  663.206705][T10407] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  663.229108][T10412] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  663.238140][T10412] BTRFS info (device loop0): force zlib compression, level 3
[  663.245570][T10412] BTRFS info (device loop0): force clearing of disk cache
[  663.253075][T10412] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  663.263573][T10412] BTRFS info (device loop0): use zstd compression, level 3
[  663.270900][T10412] BTRFS info (device loop0): using free space tree
[  663.277680][T10412] BTRFS info (device loop0): has skinny extents
[  663.294541][T10418] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  663.308072][T10418] ext4 filesystem being mounted at /264/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  663.803751][T10436] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.1410'.
[  663.915639][T10445] loop4: detected capacity change from 0 to 128
[  663.995194][T10434] netlink: 'syz.1.1409': attribute type 10 has an invalid length.
[  664.012475][T10412] BTRFS info (device loop0): enabling ssd optimizations
[  664.022748][T10412] BTRFS info (device loop0): clearing free space tree
[  664.029673][T10412] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  664.039544][T10412] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  664.054053][T10412] BTRFS info (device loop0): creating free space tree
[  664.062003][T10412] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  664.072360][T10412] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  664.075029][T10445] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  664.096441][T10445] ext4 filesystem being mounted at /301/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  665.469541][T10471] device syzkaller0 entered promiscuous mode
[  665.728464][T10479] Bluetooth: hci0: invalid len left 7, exp >= 108
[  666.878296][T10494] netlink: 'syz.0.1423': attribute type 10 has an invalid length.
[  667.956661][T10505] loop2: detected capacity change from 0 to 128
[  669.106370][T10508] hub 8-0:1.0: USB hub found
[  669.113411][T10508] hub 8-0:1.0: 1 port detected
[  669.682469][T10505] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  669.738889][T10505] ext4 filesystem being mounted at /278/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  670.293541][T10525] device syzkaller0 entered promiscuous mode
[  671.810590][T10539] netlink: 'syz.3.1435': attribute type 10 has an invalid length.
[  671.833328][T10541] hub 8-0:1.0: USB hub found
[  671.863210][T10541] hub 8-0:1.0: 1 port detected
[  672.315198][ T4910] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[  672.359287][ T4910] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  672.633169][T10549] netlink: 'syz.2.1439': attribute type 10 has an invalid length.
[  672.795828][T10534] loop4: detected capacity change from 0 to 40427
[  672.922610][T10534] F2FS-fs (loop4): invalid crc value
[  672.944969][T10534] F2FS-fs (loop4): Found nat_bits in checkpoint
[  673.081964][T10534] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  673.276919][T10565] device syzkaller0 entered promiscuous mode
[  673.666944][T10569] netlink: 'syz.2.1444': attribute type 10 has an invalid length.
[  673.742569][T10572] netlink: 'syz.3.1445': attribute type 10 has an invalid length.
[  673.882172][ T4910] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  673.901554][ T4910] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  674.420102][T10585] netlink: 'syz.1.1449': attribute type 10 has an invalid length.
[  674.490461][ T4188] attempt to access beyond end of device
[  674.490461][ T4188] loop4: rw=2049, want=45104, limit=40427
[  674.805996][T10595] loop2: detected capacity change from 0 to 2048
[  674.921320][T10595] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  675.497214][T10615] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1456'.
[  677.267148][T10626] loop0: detected capacity change from 0 to 32768
[  677.327419][T10626] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.1459 (10626)
[  677.467514][T10626] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  677.476537][T10626] BTRFS info (device loop0): force zlib compression, level 3
[  677.484093][T10626] BTRFS info (device loop0): force clearing of disk cache
[  677.491448][T10626] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  677.502116][T10626] BTRFS info (device loop0): use zstd compression, level 3
[  677.509641][T10626] BTRFS info (device loop0): using free space tree
[  677.516373][T10626] BTRFS info (device loop0): has skinny extents
[  677.530876][T10629] loop4: detected capacity change from 0 to 2048
[  677.549773][T10628] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1458'.
[  678.842223][ T4193] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  678.910568][T10641] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  680.666622][T10669] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1465'.
[  680.800633][T10626] BTRFS error (device loop0): open_ctree failed: -12
[  680.862662][T10642] loop1: detected capacity change from 0 to 40427
[  680.977761][T10642] F2FS-fs (loop1): invalid crc value
[  681.001610][T10642] F2FS-fs (loop1): Found nat_bits in checkpoint
[  681.101106][T10678] netlink: 'syz.4.1467': attribute type 10 has an invalid length.
[  681.169901][T10642] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  682.235936][ T4187] attempt to access beyond end of device
[  682.235936][ T4187] loop1: rw=2049, want=45104, limit=40427
[  682.763448][T10695] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1472'.
[  683.076881][T10695] loop2: detected capacity change from 0 to 512
[  686.037931][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  686.044315][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  686.842291][T10728] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1478'.
[  687.149880][T10732] loop4: detected capacity change from 0 to 512
[  690.553048][T10756] netlink: 'syz.2.1486': attribute type 10 has an invalid length.
[  691.903579][T10765] loop2: detected capacity change from 0 to 1024
[  692.663333][T10773] loop3: detected capacity change from 0 to 2048
[  692.803092][T10773] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  693.320011][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1492'.
[  694.552237][ T4186] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  694.653586][T10786] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1493'.
[  694.787466][ T6173] hfsplus: b-tree write err: -5, ino 25
[  694.808241][ T6173] hfsplus: b-tree write err: -5, ino 4
[  694.828296][ T6173] hfsplus: b-tree write err: -5, ino 2
[  694.860472][ T6173] hfsplus: b-tree write err: -5, ino 26
[  695.008234][T10786] loop0: detected capacity change from 0 to 512
[  698.202563][T10811] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1501'.
[  698.520847][T10819] loop1: detected capacity change from 0 to 512
[  700.272914][T10816] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1496'.
[  701.943129][T10834] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1507'.
[  702.021843][T10832] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1504'.
[  703.319416][T10836] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1506'.
[  705.504784][T10861] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1513'.
[  708.231829][T10885] Bluetooth: hci0: unsupported parameter 255
[  708.301010][T10885] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  708.789522][T10888] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1517'.
[  708.825825][T10884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1519'.
[  709.324652][T10889] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1521'.
[  709.812637][T10895] loop3: detected capacity change from 0 to 512
[  710.602593][T10898] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1523'.
[  711.856716][T10907] loop2: detected capacity change from 0 to 1024
[  713.541325][T10924] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1530'.
[  713.916344][T10933] loop1: detected capacity change from 0 to 512
[  716.418098][T10939] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1532'.
[  716.710779][T10939] loop4: detected capacity change from 0 to 512
[  717.319112][T10945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1534'.
[  717.507902][T10950] Bluetooth: hci0: unsupported parameter 255
[  717.514063][T10950] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  718.219520][T10955] loop4: detected capacity change from 0 to 2048
[  718.334395][T10955] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  718.797744][ T6303] hfsplus: b-tree write err: -5, ino 25
[  718.808288][ T6303] hfsplus: b-tree write err: -5, ino 4
[  718.823632][ T6303] hfsplus: b-tree write err: -5, ino 2
[  718.832691][ T6303] hfsplus: b-tree write err: -5, ino 26
[  719.029979][T10963] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1539'.
[  719.818652][T10965] CUSE: info not properly terminated
[  722.478428][ T4188] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  722.886338][ T8668] Bluetooth: hci5: command 0x1003 tx timeout
[  722.905728][T10723] Bluetooth: hci5: sending frame failed (-49)
[  724.976417][ T4910] Bluetooth: hci5: command 0x1001 tx timeout
[  724.987559][T10723] Bluetooth: hci5: sending frame failed (-49)
[  725.079145][T11020] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1553'.
[  725.454075][T11022] loop3: detected capacity change from 0 to 512
[  727.080172][ T4910] Bluetooth: hci5: command 0x1009 tx timeout
[  727.311798][T11026] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1555'.
[  727.629637][T11028] loop3: detected capacity change from 0 to 512
[  729.430955][T11039] loop1: detected capacity change from 0 to 512
[  729.470083][T11038] loop3: detected capacity change from 0 to 2048
[  729.523803][T11039] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  729.685056][T11039] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  729.748434][T11038] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  730.042265][ T4186] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  730.059737][T11052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1561'.
[  731.877289][T11072] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1566'.
[  733.506917][T11077] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1569'.
[  733.816448][T11081] loop2: detected capacity change from 0 to 512
[  734.916903][T11087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1568'.
[  735.792119][T11089] loop4: detected capacity change from 0 to 32768
[  736.886694][T11089] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1571 (11089)
[  737.384041][T11089] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  737.392981][T11089] BTRFS info (device loop4): force zlib compression, level 3
[  737.401398][T11089] BTRFS info (device loop4): force clearing of disk cache
[  737.409146][T11089] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  737.418790][T11089] BTRFS info (device loop4): use zstd compression, level 3
[  737.426065][T11089] BTRFS info (device loop4): using free space tree
[  737.432629][T11089] BTRFS info (device loop4): has skinny extents
[  737.664274][T11107] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1576'.
[  737.981708][T11107] loop2: detected capacity change from 0 to 512
[  738.533809][T11089] BTRFS error (device loop4): open_ctree failed: -12
[  739.785298][ T5005] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by udevd (5005)
[  740.102228][T11137] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1580'.
[  740.376751][T11137] loop2: detected capacity change from 0 to 512
[  741.873499][T11160] loop3: detected capacity change from 0 to 512
[  741.974061][T11160] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  742.265938][T11160] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  747.530497][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  747.537299][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  750.186299][T11230] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1604'.
[  750.710218][T11235] loop1: detected capacity change from 0 to 512
[  752.721912][ T6147] Bluetooth: hci5: Frame reassembly failed (-84)
[  754.018628][T11255] loop3: detected capacity change from 0 to 512
[  754.061125][T11255] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  754.182486][T11255] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  754.667671][T11267] loop3: detected capacity change from 0 to 2048
[  754.726379][ T5371] Bluetooth: hci5: command 0x1003 tx timeout
[  754.733175][T10723] Bluetooth: hci5: sending frame failed (-49)
[  754.761103][T11267] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  754.803933][T11274] loop4: detected capacity change from 0 to 1024
[  755.584058][ T4186] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  755.767739][ T6147] hfsplus: b-tree write err: -5, ino 25
[  755.789324][ T6147] hfsplus: b-tree write err: -5, ino 4
[  755.795047][ T6147] hfsplus: b-tree write err: -5, ino 2
[  755.856249][ T6147] hfsplus: b-tree write err: -5, ino 26
[  756.233678][T11288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1615'.
[  756.806250][ T4230] Bluetooth: hci5: command 0x1001 tx timeout
[  756.812671][T10723] Bluetooth: hci5: sending frame failed (-49)
[  757.767884][T11307] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1621'.
[  758.139907][T11312] device syzkaller0 entered promiscuous mode
[  758.428502][T11315] loop0: detected capacity change from 0 to 2048
[  758.523407][T11315] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  758.779044][T11321] loop4: detected capacity change from 0 to 1024
[  759.008598][ T4175] Bluetooth: hci5: command 0x1009 tx timeout
[  759.318894][ T4189] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  759.784709][T11330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1630'.
[  760.266890][    T9] hfsplus: b-tree write err: -5, ino 25
[  760.282525][    T9] hfsplus: b-tree write err: -5, ino 4
[  760.301347][    T9] hfsplus: b-tree write err: -5, ino 2
[  760.319077][    T9] hfsplus: b-tree write err: -5, ino 26
[  762.550382][T11355] device syzkaller0 entered promiscuous mode
[  762.752290][T11362] loop4: detected capacity change from 0 to 2048
[  762.913348][T11367] loop3: detected capacity change from 0 to 1024
[  763.181998][T11362] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  763.463934][T11378] loop2: detected capacity change from 0 to 512
[  763.661334][T11378] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  763.844139][ T4188] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  763.902021][ T6147] hfsplus: b-tree write err: -5, ino 25
[  763.922945][T11378] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  763.943671][ T6147] hfsplus: b-tree write err: -5, ino 4
[  763.982996][ T6147] hfsplus: b-tree write err: -5, ino 2
[  764.044599][ T6147] hfsplus: b-tree write err: -5, ino 26
[  766.076925][T11408] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1651'.
[  766.579550][T11412] device syzkaller0 entered promiscuous mode
[  766.855787][T11419] loop0: detected capacity change from 0 to 1024
[  767.265446][T11427] loop3: detected capacity change from 0 to 512
[  767.344216][T11427] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  767.485207][T11427] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  767.714101][ T4329] hfsplus: b-tree write err: -5, ino 25
[  767.774499][ T4329] hfsplus: b-tree write err: -5, ino 4
[  767.782190][ T4329] hfsplus: b-tree write err: -5, ino 2
[  767.795928][ T4329] hfsplus: b-tree write err: -5, ino 26
[  768.658906][T11447] loop0: detected capacity change from 0 to 512
[  770.209300][T11454] device syzkaller0 entered promiscuous mode
[  770.814732][T11470] loop3: detected capacity change from 0 to 1024
[  771.286955][T11473] loop2: detected capacity change from 0 to 512
[  771.543612][T11473] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  771.805855][T11482] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1674'.
[  771.986475][T11482] loop1: detected capacity change from 0 to 512
[  771.997393][ T6161] hfsplus: b-tree write err: -5, ino 25
[  772.003179][ T6161] hfsplus: b-tree write err: -5, ino 4
[  772.054272][T11473] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  772.238328][ T6161] hfsplus: b-tree write err: -5, ino 2
[  772.248446][ T6161] hfsplus: b-tree write err: -5, ino 26
[  774.453544][T11509] device syzkaller0 entered promiscuous mode
[  775.125143][T11520] loop1: detected capacity change from 0 to 1024
[  775.729513][T11526] loop0: detected capacity change from 0 to 512
[  775.741570][T11527] loop2: detected capacity change from 0 to 512
[  775.748744][  T155] hfsplus: b-tree write err: -5, ino 25
[  775.754613][  T155] hfsplus: b-tree write err: -5, ino 4
[  775.814201][  T155] hfsplus: b-tree write err: -5, ino 2
[  775.820300][  T155] hfsplus: b-tree write err: -5, ino 26
[  775.901210][T11526] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  776.134221][T11527] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  776.959606][T11526] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  777.005710][T11527] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  779.378221][T11574] loop2: detected capacity change from 0 to 512
[  780.384667][T11588] loop3: detected capacity change from 0 to 512
[  780.421388][T11588] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  780.504634][T11588] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  780.838132][T11600] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1708'.
[  781.202289][T11599] loop2: detected capacity change from 0 to 512
[  784.226692][T11633] Bluetooth: hci0: invalid len left 7, exp >= 108
[  784.520673][T11642] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1721'.
[  784.976887][T11641] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1723'.
[  785.555266][T11656] loop0: detected capacity change from 0 to 512
[  785.703539][T11656] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  785.846877][T11656] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  789.932942][T11701] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1739'.
[  790.199085][T11710] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1742'.
[  790.554075][T11711] loop3: detected capacity change from 0 to 512
[  791.658501][T11724] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  792.650804][T11740] netlink: 'syz.0.1753': attribute type 10 has an invalid length.
[  792.953010][T11736] loop3: detected capacity change from 0 to 40427
[  793.050651][T11738] loop1: detected capacity change from 0 to 32768
[  793.087004][T11736] F2FS-fs (loop3): invalid crc value
[  793.528330][T11736] F2FS-fs (loop3): Found nat_bits in checkpoint
[  793.916700][T11738] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  793.946380][T11738] BTRFS info (device loop1): force zlib compression, level 3
[  793.953921][T11738] BTRFS info (device loop1): force clearing of disk cache
[  794.001180][T11738] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  794.095250][T11738] BTRFS info (device loop1): use zstd compression, level 3
[  794.125145][T11738] BTRFS info (device loop1): using free space tree
[  794.148758][T11738] BTRFS info (device loop1): has skinny extents
[  794.255327][T11736] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  795.158554][T11738] BTRFS info (device loop1): enabling ssd optimizations
[  795.268649][T11738] BTRFS info (device loop1): clearing free space tree
[  795.296362][T11738] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  795.316264][T11738] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  795.328882][ T4186] attempt to access beyond end of device
[  795.328882][ T4186] loop3: rw=2049, want=45104, limit=40427
[  795.435807][T11738] BTRFS info (device loop1): creating free space tree
[  795.482845][T11738] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  795.532982][T11738] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  795.932934][T11787] loop4: detected capacity change from 0 to 512
[  799.538376][ T4885] Bluetooth: hci6: received HCILL_GO_TO_SLEEP_ACK in state 0
[  800.175492][ T4912] Bluetooth: hci5: command 0x1003 tx timeout
[  800.196432][T11809] Bluetooth: hci5: sending frame failed (-49)
[  800.473588][T11816] netlink: 'syz.3.1768': attribute type 10 has an invalid length.
[  802.316159][ T5371] Bluetooth: hci6: command 0x1003 tx timeout
[  802.671729][    T7] Bluetooth: hci5: command 0x1001 tx timeout
[  802.719981][ T4199] Bluetooth: hci6: sending frame failed (-49)
[  803.098631][T11828] netlink: 'syz.1.1767': attribute type 10 has an invalid length.
[  803.315076][T11825] Bluetooth: hci5: sending frame failed (-49)
[  804.954183][T11844] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1774'.
[  805.169169][ T5371] Bluetooth: hci7: command 0x1003 tx timeout
[  805.175291][ T5371] Bluetooth: hci6: command 0x1001 tx timeout
[  805.197861][T11825] Bluetooth: hci7: sending frame failed (-49)
[  805.204547][T11825] Bluetooth: hci6: sending frame failed (-49)
[  805.378086][T11846] loop3: detected capacity change from 0 to 512
[  806.229012][    T7] Bluetooth: hci5: command 0x1009 tx timeout
[  806.791721][T11851] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1776'.
[  807.167249][T11855] loop3: detected capacity change from 0 to 512
[  807.206407][ T9593] Bluetooth: hci7: command 0x1001 tx timeout
[  807.220316][T11825] Bluetooth: hci7: sending frame failed (-49)
[  808.018055][ T7066] Bluetooth: hci6: command 0x1009 tx timeout
[  808.583406][T11859] loop3: detected capacity change from 0 to 512
[  808.808512][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  808.815202][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  809.286235][ T7066] Bluetooth: hci7: command 0x1009 tx timeout
[  809.449667][T11870] CUSE: info not properly terminated
[  810.131851][T11884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1782'.
[  810.326438][ T9593] Bluetooth: hci8: command 0x1003 tx timeout
[  810.360369][T10723] Bluetooth: hci8: sending frame failed (-49)
[  810.811098][ T4329] Bluetooth: hci5: Frame reassembly failed (-84)
[  810.935439][ T4329] Bluetooth: hci6: Frame reassembly failed (-84)
[  812.406244][ T7066] Bluetooth: hci8: command 0x1001 tx timeout
[  812.433111][ T4199] Bluetooth: hci8: sending frame failed (-49)
[  813.016364][ T8668] Bluetooth: hci5: command 0x1003 tx timeout
[  813.023201][T11809] Bluetooth: hci5: sending frame failed (-49)
[  813.030347][ T8668] Bluetooth: hci6: command 0x1003 tx timeout
[  813.036886][T11809] Bluetooth: hci6: sending frame failed (-49)
[  814.496186][ T7066] Bluetooth: hci8: command 0x1009 tx timeout
[  815.046243][ T7066] Bluetooth: hci6: command 0x1001 tx timeout
[  815.054244][T11809] Bluetooth: hci6: sending frame failed (-49)
[  815.064669][ T7066] Bluetooth: hci5: command 0x1001 tx timeout
[  815.077391][T11809] Bluetooth: hci5: sending frame failed (-49)
[  817.126236][ T7066] Bluetooth: hci5: command 0x1009 tx timeout
[  817.132443][ T7066] Bluetooth: hci6: command 0x1009 tx timeout
[  822.847817][T11985] netlink: 'syz.2.1810': attribute type 10 has an invalid length.
[  823.057606][   T23] Bluetooth: hci7: command 0x1003 tx timeout
[  823.063904][T10723] Bluetooth: hci7: sending frame failed (-49)
[  823.427240][T11990] loop3: detected capacity change from 0 to 32768
[  823.572214][T11998] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1815'.
[  823.798211][T11990] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.1812 (11990)
[  824.868072][T11990] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  824.886375][T11990] BTRFS info (device loop3): force zlib compression, level 3
[  824.894304][T11990] BTRFS info (device loop3): force clearing of disk cache
[  824.946172][T11990] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  824.993728][T11990] BTRFS info (device loop3): use zstd compression, level 3
[  825.006203][T11990] BTRFS info (device loop3): using free space tree
[  825.012765][T11990] BTRFS info (device loop3): has skinny extents
[  825.142721][ T9593] Bluetooth: hci7: command 0x1001 tx timeout
[  825.297639][T10723] Bluetooth: hci7: sending frame failed (-49)
[  825.868487][T11990] BTRFS error (device loop3): open_ctree failed: -12
[  825.897726][ T5005] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by udevd (5005)
[  826.347152][T12007] loop2: detected capacity change from 0 to 40427
[  826.410251][T12007] F2FS-fs (loop2): invalid crc value
[  826.432895][T12047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1824'.
[  827.366303][ T5371] Bluetooth: hci7: command 0x1009 tx timeout
[  827.473192][T12051] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1826'.
[  827.607516][T12007] F2FS-fs (loop2): Found nat_bits in checkpoint
[  827.689164][T12056] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1827'.
[  827.776537][T12007] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  828.634461][ T4193] attempt to access beyond end of device
[  828.634461][ T4193] loop2: rw=2049, want=45104, limit=40427
[  828.714224][T12057] loop4: detected capacity change from 0 to 512
[  829.570243][T12066] loop2: detected capacity change from 0 to 512
[  830.039828][T12066] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  830.154769][T12066] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  830.708954][T12087] loop0: detected capacity change from 0 to 512
[  830.749770][T12087] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  830.844710][T12087] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  830.964601][T12084] loop4: detected capacity change from 0 to 32768
[  831.190584][T12084] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  831.210783][T12084] BTRFS info (device loop4): force zlib compression, level 3
[  831.228572][T12084] BTRFS info (device loop4): force clearing of disk cache
[  831.481462][T12084] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  831.491855][T12084] BTRFS info (device loop4): use zstd compression, level 3
[  831.499309][T12084] BTRFS info (device loop4): using free space tree
[  831.996221][T12084] BTRFS info (device loop4): has skinny extents
[  832.399115][T12110] netlink: 'syz.0.1838': attribute type 10 has an invalid length.
[  832.457969][T12084] BTRFS info (device loop4): enabling ssd optimizations
[  832.486741][T12127] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1841'.
[  832.715102][T12127] loop3: detected capacity change from 0 to 512
[  832.733223][T12084] BTRFS info (device loop4): clearing free space tree
[  832.753567][T12084] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  832.896335][T12084] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  833.528015][T12084] BTRFS info (device loop4): creating free space tree
[  833.681199][T12084] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  833.691069][T12084] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  833.804307][T12137] loop1: detected capacity change from 0 to 512
[  833.875241][T12137] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  833.980149][T12141] netlink: 'syz.2.1846': attribute type 10 has an invalid length.
[  834.043559][T12137] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  837.653155][T12179] loop3: detected capacity change from 0 to 512
[  837.912944][T12183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1847'.
[  838.115070][T12187] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1859'.
[  838.145512][T12189] loop4: detected capacity change from 0 to 512
[  838.158785][T12185] loop2: detected capacity change from 0 to 512
[  838.289940][T12189] EXT4-fs error (device loop4): ext4_xattr_inode_iget:401: inode #12: comm syz.4.1860: missing EA_INODE flag
[  838.370041][T12189] EXT4-fs error (device loop4): ext4_xattr_inode_iget:406: comm syz.4.1860: error while reading EA inode 12 err=-117
[  838.391530][T12189] EXT4-fs (loop4): 1 orphan inode deleted
[  838.400300][T12189] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  838.508851][T12193] loop0: detected capacity change from 0 to 512
[  839.687218][T12195] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1861'.
[  843.026856][T12228] netlink: 'syz.2.1869': attribute type 10 has an invalid length.
[  844.671206][T12263] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1879'.
[  844.847903][T12230] loop4: detected capacity change from 0 to 512
[  846.117889][T12263] loop2: detected capacity change from 0 to 512
[  846.330572][T12289] netlink: 'syz.3.1886': attribute type 10 has an invalid length.
[  847.451430][T12296] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1890'.
[  847.862508][T12305] loop1: detected capacity change from 0 to 512
[  849.023688][T12316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1892'.
[  851.518796][T12336] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1901'.
[  851.579323][T12341] netlink: 'syz.0.1902': attribute type 10 has an invalid length.
[  852.438709][T12335] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1900'.
[  852.805383][T12335] loop3: detected capacity change from 0 to 512
[  853.075892][T12348] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1905'.
[  853.732342][T12354] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1906'.
[  853.782988][T12336] loop4: detected capacity change from 0 to 512
[  855.980590][T12367] loop2: detected capacity change from 0 to 512
[  856.611219][T12367] EXT4-fs error (device loop2): ext4_xattr_inode_iget:401: inode #12: comm syz.2.1910: missing EA_INODE flag
[  856.865446][T12367] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.1910: error while reading EA inode 12 err=-117
[  857.344318][T12367] EXT4-fs (loop2): 1 orphan inode deleted
[  857.351723][T12367] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  858.477480][ T4885] Bluetooth: hci5: Frame reassembly failed (-84)
[  858.488580][ T4885] Bluetooth: hci5: Frame reassembly failed (-84)
[  858.625805][ T4885] Bluetooth: hci5: Frame reassembly failed (-84)
[  858.879002][T12398] loop0: detected capacity change from 0 to 512
[  858.934971][T12398] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  859.045646][   T13] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  859.150954][T12398] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  859.263610][T12402] loop2: detected capacity change from 0 to 512
[  859.394887][T12402] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  860.449437][T12402] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  860.496490][ T5371] Bluetooth: hci5: command 0x1003 tx timeout
[  860.504000][ T4370] Bluetooth: hci5: Frame reassembly failed (-84)
[  860.751422][T12396] loop3: detected capacity change from 0 to 32768
[  860.926228][T12396] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.1915 (12396)
[  860.957572][T12396] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  860.972590][T12396] BTRFS info (device loop3): force zlib compression, level 3
[  860.991179][T12396] BTRFS info (device loop3): force clearing of disk cache
[  861.019858][T12396] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  861.030158][T12396] BTRFS info (device loop3): use zstd compression, level 3
[  861.042725][T12396] BTRFS info (device loop3): using free space tree
[  861.050233][T12396] BTRFS info (device loop3): has skinny extents
[  861.502649][T12396] BTRFS info (device loop3): enabling ssd optimizations
[  861.537609][T12396] BTRFS info (device loop3): clearing free space tree
[  861.549768][T12396] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  861.560367][T12396] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  861.715133][T12454] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1923'.
[  861.735248][T12396] BTRFS info (device loop3): creating free space tree
[  861.771655][T12396] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  861.823338][T12458] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1925'.
[  862.125678][T12460] loop1: detected capacity change from 0 to 512
[  862.646131][ T5371] Bluetooth: hci5: command 0x1001 tx timeout
[  862.652326][T10723] Bluetooth: hci5: sending frame failed (-49)
[  862.681556][T12396] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  863.834079][T12477] loop2: detected capacity change from 0 to 512
[  863.891781][T12477] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  864.015426][T12477] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  864.839321][ T5371] Bluetooth: hci5: command 0x1009 tx timeout
[  865.478111][T12496] loop1: detected capacity change from 0 to 512
[  865.526206][T12492] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1933'.
[  865.921295][T12500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1935'.
[  866.336522][ T5371] Bluetooth: hci6: command 0x1003 tx timeout
[  866.342627][T11825] Bluetooth: hci6: sending frame failed (-49)
[  866.367930][T12496] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  866.451651][T12492] loop2: detected capacity change from 0 to 512
[  866.586740][T12496] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  866.772521][T12506] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1936'.
[  867.127454][T12506] loop3: detected capacity change from 0 to 512
[  867.378108][T12510] loop2: detected capacity change from 0 to 32768
[  867.466296][T12510] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.1938 (12510)
[  867.539934][T12510] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  867.550184][T12510] BTRFS info (device loop2): force zlib compression, level 3
[  867.557815][T12510] BTRFS info (device loop2): force clearing of disk cache
[  867.565002][T12510] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  867.574562][T12510] BTRFS info (device loop2): use zstd compression, level 3
[  867.582066][T12510] BTRFS info (device loop2): using free space tree
[  867.588850][T12510] BTRFS info (device loop2): has skinny extents
[  867.879075][T12510] BTRFS info (device loop2): enabling ssd optimizations
[  867.887369][T12510] BTRFS info (device loop2): clearing free space tree
[  867.894364][T12510] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  867.904650][T12510] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  867.919778][T12510] BTRFS info (device loop2): creating free space tree
[  867.928076][T12510] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  867.938027][T12510] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  868.416405][ T5371] Bluetooth: hci6: command 0x1001 tx timeout
[  868.422598][ T4202] Bluetooth: hci6: sending frame failed (-49)
[  870.916420][T12547] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1942'.
[  871.220885][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  871.227377][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  871.279629][ T5371] Bluetooth: hci6: command 0x1009 tx timeout
[  871.400888][T12547] loop4: detected capacity change from 0 to 512
[  872.851461][T12566] netlink: 'syz.1.1948': attribute type 10 has an invalid length.
[  873.103959][T12569] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1949'.
[  874.870137][T12586] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1953'.
[  876.337960][T12597] loop4: detected capacity change from 0 to 32768
[  876.379743][T12597] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1956 (12597)
[  876.430973][T12597] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  876.439800][T12597] BTRFS info (device loop4): force zlib compression, level 3
[  876.447314][T12597] BTRFS info (device loop4): force clearing of disk cache
[  876.454608][T12597] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  876.464755][T12597] BTRFS info (device loop4): use zstd compression, level 3
[  876.472144][T12597] BTRFS info (device loop4): using free space tree
[  876.478752][T12597] BTRFS info (device loop4): has skinny extents
[  876.925845][T12597] BTRFS info (device loop4): enabling ssd optimizations
[  876.939254][T12597] BTRFS info (device loop4): clearing free space tree
[  876.946494][T12597] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  876.956560][T12597] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  876.983238][T12597] BTRFS info (device loop4): creating free space tree
[  876.991296][T12597] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  877.001312][T12597] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  877.973356][T12635] loop3: detected capacity change from 0 to 512
[  878.044606][T12635] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #12: comm syz.3.1961: missing EA_INODE flag
[  878.440185][T12635] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.1961: error while reading EA inode 12 err=-117
[  879.197578][T12635] EXT4-fs (loop3): 1 orphan inode deleted
[  879.344249][T12635] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  879.388658][T12649] loop1: detected capacity change from 0 to 512
[  880.695774][T12649] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  880.877688][T12649] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  880.916130][ T4910] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  883.146553][T12671] loop0: detected capacity change from 0 to 512
[  883.222696][T12671] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #12: comm syz.0.1969: missing EA_INODE flag
[  883.236521][T12671] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1969: error while reading EA inode 12 err=-117
[  883.261230][T12671] EXT4-fs (loop0): 1 orphan inode deleted
[  883.272962][T12671] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  884.106398][ T8668] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  884.396763][ T8668] usb 1-1: Using ep0 maxpacket: 8
[  884.726333][ T8668] usb 1-1: unable to get BOS descriptor or descriptor too short
[  885.718914][ T8668] usb 1-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  885.736140][ T8668] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  885.821818][ T8668] usb 1-1: Product: syz
[  885.890037][ T8668] usb 1-1: Manufacturer: syz
[  885.945388][ T8668] usb 1-1: SerialNumber: syz
[  886.249015][ T8668] usb 1-1: can't set config #1, error -71
[  886.390421][ T8668] usb 1-1: USB disconnect, device number 30
[  886.691512][T12691] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1970'.
[  887.084073][T12698] loop4: detected capacity change from 0 to 512
[  888.839123][T12708] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1977'.
[  889.929523][T12720] loop2: detected capacity change from 0 to 32768
[  890.004481][T12720] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.1981 (12720)
[  890.024910][T12720] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  890.033972][T12720] BTRFS info (device loop2): force zlib compression, level 3
[  890.041467][T12720] BTRFS info (device loop2): force clearing of disk cache
[  890.048757][T12720] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  890.058562][T12720] BTRFS info (device loop2): use zstd compression, level 3
[  890.065808][T12720] BTRFS info (device loop2): using free space tree
[  890.072431][T12720] BTRFS info (device loop2): has skinny extents
[  890.381809][T12720] BTRFS info (device loop2): enabling ssd optimizations
[  890.409980][T12720] BTRFS info (device loop2): clearing free space tree
[  890.417122][T12720] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  890.426888][T12720] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  890.460808][T12720] BTRFS info (device loop2): creating free space tree
[  890.468719][T12720] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  890.478419][T12720] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  890.911454][T12747] loop1: detected capacity change from 0 to 512
[  891.028123][T12747] EXT4-fs error (device loop1): ext4_xattr_inode_iget:401: inode #12: comm syz.1.1983: missing EA_INODE flag
[  891.072420][T12747] EXT4-fs error (device loop1): ext4_xattr_inode_iget:406: comm syz.1.1983: error while reading EA inode 12 err=-117
[  891.176363][T12747] EXT4-fs (loop1): 1 orphan inode deleted
[  891.202475][T12747] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  891.956288][ T9593] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  892.256368][ T9593] usb 2-1: Using ep0 maxpacket: 8
[  892.456496][ T9593] usb 2-1: unable to get BOS descriptor or descriptor too short
[  892.806367][ T9593] usb 2-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  892.815565][ T9593] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  892.861874][ T9593] usb 2-1: Product: syz
[  892.866443][ T9593] usb 2-1: Manufacturer: syz
[  892.876323][ T9593] usb 2-1: SerialNumber: syz
[  892.944654][T12757] netlink: 'syz.4.1985': attribute type 10 has an invalid length.
[  893.448518][T12754] loop3: detected capacity change from 0 to 512
[  894.529836][T12768] loop2: detected capacity change from 0 to 2048
[  894.558382][T12775] loop4: detected capacity change from 0 to 512
[  894.620914][T12775] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  894.660911][ T9593] usb 2-1: USB disconnect, device number 17
[  894.699278][T12775] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: writeback.
[  894.727437][T12768] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  895.015651][T12785] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  895.025099][T12785] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  897.294256][ T5005] udevd[5005]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  897.849096][T12798] loop4: detected capacity change from 0 to 32768
[  897.897968][T12798] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1997 (12798)
[  897.953804][T12798] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  897.965196][T12798] BTRFS info (device loop4): force zlib compression, level 3
[  897.972890][T12798] BTRFS info (device loop4): force clearing of disk cache
[  897.980575][T12798] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  897.990249][T12798] BTRFS info (device loop4): use zstd compression, level 3
[  897.997799][T12798] BTRFS info (device loop4): using free space tree
[  898.004520][T12798] BTRFS info (device loop4): has skinny extents
[  898.503021][T12798] BTRFS info (device loop4): enabling ssd optimizations
[  898.511393][T12798] BTRFS info (device loop4): clearing free space tree
[  898.518808][T12798] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  898.528662][T12798] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  898.546680][T12798] BTRFS info (device loop4): creating free space tree
[  898.554337][T12798] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  898.564270][T12798] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  899.007985][ T5005] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 11 /dev/loop4 scanned by udevd (5005)
[  899.181591][T12825] loop3: detected capacity change from 0 to 512
[  899.310699][T12825] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #12: comm syz.3.2001: missing EA_INODE flag
[  899.427167][T12825] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.2001: error while reading EA inode 12 err=-117
[  899.640818][T12825] EXT4-fs (loop3): 1 orphan inode deleted
[  899.653269][T12825] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  902.466118][ T8667] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  902.796154][ T8667] usb 4-1: Using ep0 maxpacket: 8
[  902.961878][ T8667] usb 4-1: unable to get BOS descriptor or descriptor too short
[  902.978094][T12847] loop4: detected capacity change from 0 to 2048
[  903.045548][T12847] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  903.312787][T12857] loop1: detected capacity change from 0 to 512
[  903.398664][T12859] overlayfs: missing 'lowerdir'
[  903.908637][T12857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:401: inode #12: comm syz.1.2006: missing EA_INODE flag
[  903.974053][T12857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:406: comm syz.1.2006: error while reading EA inode 12 err=-117
[  904.018809][T12853] device syzkaller0 entered promiscuous mode
[  904.086200][T12857] EXT4-fs (loop1): 1 orphan inode deleted
[  904.092284][T12857] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  904.296205][ T8667] usb 4-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  904.305325][ T8667] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  904.336209][ T8667] usb 4-1: can't set config #1, error -71
[  904.345912][ T8667] usb 4-1: USB disconnect, device number 28
[  906.745092][T12883] netlink: 'syz.3.2011': attribute type 10 has an invalid length.
[  907.762873][ T6173] Bluetooth: hci5: Frame reassembly failed (-84)
[  908.503826][T12909] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2018'.
[  909.776365][ T4904] Bluetooth: hci5: command 0x1003 tx timeout
[  909.785918][ T4202] Bluetooth: hci5: sending frame failed (-49)
[  911.193546][T12924] loop0: detected capacity change from 0 to 512
[  912.085067][ T4904] Bluetooth: hci5: command 0x1001 tx timeout
[  912.094048][ T4202] Bluetooth: hci5: sending frame failed (-49)
[  912.319405][T12926] device syzkaller0 entered promiscuous mode
[  912.331593][T12923] loop2: detected capacity change from 0 to 512
[  915.012111][ T4175] Bluetooth: hci5: command 0x1009 tx timeout
[  916.115907][T12957] netlink: 'syz.3.2035': attribute type 10 has an invalid length.
[  916.210622][T12962] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  918.218867][T12977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2038'.
[  918.308937][T12978] device syzkaller0 entered promiscuous mode
[  918.525725][T12985] netlink: 'syz.1.2045': attribute type 10 has an invalid length.
[  919.872268][T12998] loop3: detected capacity change from 0 to 512
[  919.899165][T13001] loop2: detected capacity change from 0 to 512
[  920.364325][T12998] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #12: comm syz.3.2049: missing EA_INODE flag
[  920.381508][T13001] EXT4-fs error (device loop2): ext4_xattr_inode_iget:401: inode #12: comm syz.2.2040: missing EA_INODE flag
[  920.443486][T12998] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.2049: error while reading EA inode 12 err=-117
[  920.469042][T13001] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.2040: error while reading EA inode 12 err=-117
[  920.692375][T12998] EXT4-fs (loop3): 1 orphan inode deleted
[  920.702162][T13001] EXT4-fs (loop2): 1 orphan inode deleted
[  920.719975][T13001] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  921.466200][T12998] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  922.816104][ T5371] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  923.099233][T13027] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2056'.
[  923.331863][T13033] device syzkaller0 entered promiscuous mode
[  925.645842][T13061] loop0: detected capacity change from 0 to 512
[  925.713321][T13063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2065'.
[  925.789467][T13061] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #12: comm syz.0.2068: missing EA_INODE flag
[  925.878375][T13061] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.2068: error while reading EA inode 12 err=-117
[  925.962550][T13061] EXT4-fs (loop0): 1 orphan inode deleted
[  926.003140][T13061] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  926.284078][T13066] loop3: detected capacity change from 0 to 512
[  927.346358][ T8667] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  927.676397][ T8667] usb 1-1: Using ep0 maxpacket: 8
[  927.837026][ T8667] usb 1-1: unable to get BOS descriptor or descriptor too short
[  927.900884][T13075] loop3: detected capacity change from 0 to 512
[  927.990585][T13075] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #12: comm syz.3.2070: missing EA_INODE flag
[  928.011881][T13075] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.2070: error while reading EA inode 12 err=-117
[  928.037209][T13075] EXT4-fs (loop3): 1 orphan inode deleted
[  928.043022][T13075] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  928.066589][T13059] loop4: detected capacity change from 0 to 512
[  928.276330][ T8667] usb 1-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  928.286109][ T8667] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  928.324982][ T8667] usb 1-1: Product: syz
[  928.336141][ T8667] usb 1-1: Manufacturer: syz
[  928.340849][ T8667] usb 1-1: SerialNumber: syz
[  929.176104][   T23] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  929.203913][ T8667] usb 1-1: USB disconnect, device number 31
[  929.416133][   T23] usb 4-1: Using ep0 maxpacket: 8
[  929.669854][    C0] 
[  929.672658][    C0] =============================
[  929.677613][    C0] WARNING: suspicious RCU usage
[  929.682516][    C0] syzkaller #0 Not tainted
[  929.687030][    C0] -----------------------------
[  929.691923][    C0] net/sched/sch_api.c:304 suspicious rcu_dereference_protected() usage!
[  929.700780][    C0] 
[  929.700780][    C0] other info that might help us debug this:
[  929.700780][    C0] 
[  929.711317][    C0] 
[  929.711317][    C0] rcu_scheduler_active = 2, debug_locks = 1
[  929.719477][    C0] 6 locks held by syz.4.2072/13083:
[  929.724829][    C0]  #0: ffff88807ceb4028 (&mm->mmap_lock){++++}-{3:3}, at: do_user_addr_fault+0x2b9/0xc80
[  929.735000][    C0]  #1: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  929.744806][    C0]  #2: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x9/0x30
[  929.754281][    C0]  #3: ffff888048063148 (dev->qdisc_running_key ?: &qdisc_running_key){+...}-{0:0}, at: net_tx_action+0x6d9/0x880
[  929.767390][    C0]  #4: ffff888048063108
[  929.767412][   T23] usb 4-1: unable to get BOS descriptor or descriptor too short
[  929.772246][    C0]  (&sch->q.lock){+.-.}-{2:2}, at: sch_direct_xmit+0x311/0x4b0
[  929.787810][    C0]  #5: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  929.797325][    C0] 
[  929.797325][    C0] stack backtrace:
[  929.803540][    C0] CPU: 0 PID: 13083 Comm: syz.4.2072 Not tainted syzkaller #0
[  929.811484][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  929.821793][    C0] Call Trace:
[  929.825118][    C0]  <IRQ>
[  929.828016][    C0]  dump_stack_lvl+0x188/0x250
[  929.832752][    C0]  ? show_regs_print_info+0x20/0x20
[  929.838104][    C0]  ? lockdep_rcu_suspicious+0x110/0x180
[  929.844025][    C0]  qdisc_lookup+0xa6/0x650
[  929.848583][    C0]  qdisc_tree_reduce_backlog+0x190/0x430
[  929.854261][    C0]  ? cake_dequeue_one+0x305/0x4e0
[  929.859474][    C0]  cake_dequeue+0x1bd6/0x4b10
[  929.864236][    C0]  ? do_raw_spin_lock+0x128/0x2f0
[  929.869697][    C0]  ? cake_enqueue+0x7fc0/0x7fc0
[  929.874614][    C0]  qdisc_peek_dequeued+0x6e/0x1f0
[  929.879990][    C0]  tbf_dequeue+0x7d/0xce0
[  929.884485][    C0]  __qdisc_run+0x236/0x1490
[  929.889268][    C0]  qdisc_run+0x103/0x2f0
[  929.893761][    C0]  net_tx_action+0x6d9/0x880
[  929.898859][    C0]  ? process_backlog+0x790/0x790
[  929.903946][    C0]  ? sched_clock_cpu+0x15/0x3c0
[  929.909210][    C0]  ? ktime_get_real_ts64+0x440/0x440
[  929.914790][    C0]  handle_softirqs+0x339/0x830
[  929.919629][    C0]  ? __irq_exit_rcu+0x13b/0x230
[  929.924646][    C0]  ? do_softirq+0x210/0x210
[  929.929228][    C0]  __irq_exit_rcu+0x13b/0x230
[  929.934408][    C0]  ? irq_exit_rcu+0x20/0x20
[  929.939223][    C0]  irq_exit_rcu+0x5/0x20
[  929.943530][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  929.949321][    C0]  </IRQ>
[  929.952292][    C0]  <TASK>
[  929.955297][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  929.961520][    C0] RIP: 0010:lock_acquire+0x208/0x400
[  929.966881][    C0] Code: f7 84 24 80 00 00 00 00 02 00 00 43 c6 44 3d 04 f8 0f 85 f1 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 43 c7 44 3d 08 00 00 00 00 65 48 8b 04
[  929.986873][    C0] RSP: 0018:ffffc90006506be0 EFLAGS: 00000206
[  929.993172][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: b9eb03d6c6149e00
[  930.001485][    C0] RDX: 0000000000000000 RSI: ffffffff8a2b3a20 RDI: ffffffff8a79f980
[  930.010014][    C0] RBP: ffffc90006506d00 R08: dffffc0000000000 R09: 1ffffffff203a818
[  930.018139][    C0] R10: dffffc0000000000 R11: fffffbfff203a819 R12: ffffffff8c31eaa0
[  930.026477][    C0] R13: 1ffff92000ca0d88 R14: 0000000000000246 R15: dffffc0000000000
[  930.034782][    C0]  ? read_lock_is_recursive+0x10/0x10
[  930.040595][    C0]  ? deref_stack_reg+0xd0/0x120
[  930.045751][    C0]  ? preempt_count_add+0x8d/0x190
[  930.051293][    C0]  rcu_lock_acquire+0x2a/0x30
[  930.056303][    C0]  ? rcu_lock_acquire+0x5/0x30
[  930.061403][    C0]  is_bpf_text_address+0x1d/0x270
[  930.066507][    C0]  __kernel_text_address+0x9a/0x100
[  930.072085][    C0]  unwind_get_return_address+0x49/0x80
[  930.077210][   T23] usb 4-1: New USB device found, idVendor=041e, idProduct=3048, bcdDevice= 0.40
[  930.077713][    C0]  ? stack_trace_save+0xf0/0xf0
[  930.077741][    C0]  arch_stack_walk+0xf2/0x140
[  930.097023][    C0]  stack_trace_save+0xa6/0xf0
[  930.101753][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  930.105818][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  930.106951][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  930.106994][    C0]  save_stack+0x121/0x230
[  930.107026][    C0]  ? __reset_page_owner+0x180/0x180
[  930.107048][    C0]  ? get_page_from_freelist+0x1bbd/0x1ca0
[  930.107074][    C0]  ? __alloc_pages+0x1ee/0x480
[  930.142091][    C0]  ? alloc_pages_vma+0x393/0x7c0
[  930.147609][    C0]  ? wp_page_copy+0x21e/0x2050
[  930.152423][    C0]  ? handle_mm_fault+0x1f06/0x4410
[  930.157747][    C0]  ? do_user_addr_fault+0x489/0xc80
[  930.163085][    C0]  ? exc_page_fault+0x60/0x100
[  930.167996][    C0]  ? asm_exc_page_fault+0x22/0x30
[  930.172700][   T23] usb 4-1: Product: syz
[  930.173150][    C0]  ? __put_user_nocheck_4+0x3/0x11
[  930.182656][    C0]  ? ____sys_recvmsg+0x399/0x5e0
[  930.188012][    C0]  ? ___sys_recvmsg+0x21a/0x5c0
[  930.192981][    C0]  ? do_recvmmsg+0x382/0x850
[  930.197659][    C0]  ? __x64_sys_recvmmsg+0x195/0x250
[  930.199240][   T23] usb 4-1: Manufacturer: syz
[  930.202969][    C0]  ? do_syscall_64+0x4c/0xa0
[  930.202996][    C0]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  930.203028][    C0]  ? lock_chain_count+0x20/0x20
[  930.223686][    C0]  ? preempt_count_add+0x8d/0x190
[  930.229139][    C0]  __set_page_owner+0x41/0x2d0
[  930.234421][    C0]  ? post_alloc_hook+0x106/0x220
[  930.239596][    C0]  get_page_from_freelist+0x1bbd/0x1ca0
[  930.245595][    C0]  ? __alloc_pages+0x11b/0x480
[  930.250534][    C0]  ? __alloc_pages+0x480/0x480
[  930.255530][    C0]  ? prepare_alloc_pages+0x368/0x5f0
[  930.260971][    C0]  __alloc_pages+0x1ee/0x480
[  930.266333][    C0]  ? zone_statistics+0x170/0x170
[  930.271508][    C0]  ? verify_lock_unused+0x140/0x140
[  930.276766][    C0]  alloc_pages_vma+0x393/0x7c0
[  930.282010][    C0]  wp_page_copy+0x21e/0x2050
[  930.286639][    C0]  ? do_wp_page+0x902/0xad0
[  930.291289][    C0]  ? insert_page_into_pte_locked+0x480/0x480
[  930.297448][    C0]  ? do_raw_spin_unlock+0x11d/0x230
[  930.302705][    C0]  ? _raw_spin_unlock+0x24/0x40
[  930.307688][    C0]  ? do_wp_page+0x902/0xad0
[  930.312344][    C0]  handle_mm_fault+0x1f06/0x4410
[  930.317433][    C0]  ? get_page+0xe0/0xe0
[  930.321853][    C0]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  930.327600][    C0]  ? vmacache_find+0x43b/0x590
[  930.332507][    C0]  ? find_vma+0xd2/0x230
[  930.336800][    C0]  do_user_addr_fault+0x489/0xc80
[  930.342056][    C0]  exc_page_fault+0x60/0x100
[  930.346795][    C0]  asm_exc_page_fault+0x22/0x30
[  930.351769][    C0] RIP: 0010:__put_user_nocheck_4+0x3/0x11
[  930.357552][    C0] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 90 90 90 90 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 48 bb f9 ef ff ff ff 7f
[  930.377575][    C0] RSP: 0018:ffffc900065078f8 EFLAGS: 00050246
[  930.383803][    C0] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 00002000000a1030
[  930.391823][    C0] RDX: ffffc90006507d90 RSI: 0000000000000002 RDI: 00000000ffffffff
[  930.399926][    C0] RBP: ffffc90006507a90 R08: ffffc900065076e7 R09: 1ffff92000ca0edc
[  930.408039][    C0] R10: dffffc0000000000 R11: fffff52000ca0edd R12: dffffc0000000000
[  930.416143][    C0] R13: 00002000000a1000 R14: 0000000000000000 R15: 0000000000000000
[  930.424353][    C0]  ____sys_recvmsg+0x399/0x5e0
[  930.429285][    C0]  ? __sys_recvmsg_sock+0x40/0x40
[  930.434375][    C0]  ? import_iovec+0x6f/0xa0
[  930.439150][    C0]  ___sys_recvmsg+0x21a/0x5c0
[  930.444044][    C0]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  930.450330][    C0]  ? __sys_recvmsg+0x280/0x280
[  930.455161][    C0]  ? __lock_acquire+0x7d10/0x7d10
[  930.460240][    C0]  ? __might_fault+0xb3/0x110
[  930.465135][    C0]  do_recvmmsg+0x382/0x850
[  930.469640][    C0]  ? __sys_recvmmsg+0x290/0x290
[  930.474550][    C0]  ? __lock_acquire+0x7d10/0x7d10
[  930.479807][    C0]  __x64_sys_recvmmsg+0x195/0x250
[  930.484883][    C0]  ? do_recvmmsg+0x850/0x850
[  930.489962][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  930.495419][    C0]  do_syscall_64+0x4c/0xa0
[  930.500003][    C0]  ? clear_bhb_loop+0x30/0x80
[  930.504735][    C0]  ? clear_bhb_loop+0x30/0x80
[  930.509555][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  930.515505][    C0] RIP: 0033:0x7f0a1d8a7819
[  930.519965][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  930.536181][   T23] usb 4-1: SerialNumber: syz
[  930.540104][    C0] RSP: 002b:00007f0a1bb01028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  930.540138][    C0] RAX: ffffffffffffffda RBX: 00007f0a1db20fa0 RCX: 00007f0a1d8a7819
[  930.540157][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  930.570394][    C0] RBP: 00007f0a1d93dc91 R08: 0000000000000000 R09: 0000000000000000
[  930.578520][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  930.586829][    C0] R13: 00007f0a1db21038 R14: 00007f0a1db20fa0 R15: 00007ffdbfdad2e8
[  930.595041][    C0]  </TASK>
[  930.894383][   T23] usb 4-1: USB disconnect, device number 29
[  931.428844][T13091] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2073'.
[  931.689753][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  931.696242][ T1423] ieee802154 phy1 wpan1: encryption failed: -22