last executing test programs:

21m8.423288313s ago: executing program 32 (id=38):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000009c0)=@newtfilter={0xa8, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x8, 0xfff3}, {}, {0xe, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x60, 0x2, [@TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0xff, 0xff, 0x0, 0xff]}, @TCA_FLOWER_KEY_MPLS_BOS={0x5, 0x44, 0x76}, @TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @remote}, @TCA_FLOWER_KEY_PORT_DST_MAX={0x6, 0x5a, 0x4e21}, @TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0xff, 0x0, 0xff, 0x0, 0xff]}, @TCA_FLOWER_KEY_ETH_SRC={0xa, 0x6, @remote}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK, @TCA_FLOWER_KEY_ENC_KEY_ID={0xffffff7e, 0x1a, 0x8001}, @TCA_FLOWER_KEY_UDP_DST={0x6}, @TCA_FLOWER_KEY_FLAGS={0x8, 0x2f, 0x4}]}}, @filter_kind_options=@f_flower={{0xfffffffffffffe07}, {0xc, 0x2, [@TCA_FLOWER_KEY_MPLS_TC={0x5, 0x45, 0x2}]}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20041090}, 0x840)

19m43.633920884s ago: executing program 33 (id=392):
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x4)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='gadgetfs\x00', 0x10, 0x0)

19m43.434732722s ago: executing program 34 (id=395):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x1})

18m21.762992562s ago: executing program 35 (id=701):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc", 0x19}], 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r0, &(0x7f0000002380)=[{{&(0x7f0000000480)=@abs={0x0, 0x0, 0x4e21}, 0x6e, 0x0}}, {{&(0x7f0000000740)=@abs={0x0, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x2400c000}}], 0x2, 0x0)

17m7.140177924s ago: executing program 36 (id=933):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)={0x4, 0x0, [{0xb000, 0x45, &(0x7f00000002c0)=""/69}, {0x26000, 0xca, &(0x7f00000003c0)=""/202}, {0xeeee0000, 0x7, &(0x7f0000000140)=""/7}, {0x0, 0x0, 0x0}]})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500))

12m27.924755813s ago: executing program 37 (id=2150):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_SREGS2(r2, 0x8140aecc, &(0x7f0000000140))

12m22.441341982s ago: executing program 38 (id=2164):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="70000000ffff00004000002f90780000655800189078040000000000000086dd"], 0xfdef)

12m1.920567541s ago: executing program 39 (id=2226):
r0 = open(&(0x7f0000000200)='./file0\x00', 0x108843, 0x98)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80203, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x4000, 0x20)
fcntl$setlease(r0, 0x400, 0x0)

9m41.087339116s ago: executing program 40 (id=2783):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000400)={0x1f, @none}, 0x8)
listen(r0, 0xc)
io_setup(0x482, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x7, r0, 0x0}])

9m6.295238542s ago: executing program 41 (id=2911):
pipe2(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r2, &(0x7f00000022c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f0000000740)={0x10, 0xffffffffffffffda, r3}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10, 0x7)

8m57.175511692s ago: executing program 42 (id=2938):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0xa04804, &(0x7f0000001040)={[{@umask}, {@lastblock={'lastblock', 0x3d, 0xa}}, {@unhide}, {@adinicb}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@dmode={'dmode', 0x3d, 0x3}}, {@rootdir}, {@gid_ignore}, {@shortad}, {@gid_forget}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@gid_forget}, {@anchor={'anchor', 0x3d, 0x9}}, {@anchor={'anchor', 0x3d, 0x2}}]}, 0x1, 0xc4d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4a07e, 0xdc)
write$UHID_CREATE2(r0, &(0x7f00000002c0)=ANY=[], 0x196)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
ftruncate(r1, 0x100)

8m41.071662382s ago: executing program 43 (id=2984):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000002c0)="88", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000d40)="c4", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000440)='N', 0x1}], 0x1}}], 0x3, 0x10040000)
shutdown(r0, 0x2)

6m42.298137819s ago: executing program 9 (id=3438):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'macsec0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000080)="a99c383d33c9c607b1b9d49688a883", 0xf, 0x0, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x10022, 0x0)

6m41.464383318s ago: executing program 9 (id=3443):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0x0, <r2=>0x0}, 0x0)
write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0x20)
splice(r0, &(0x7f0000000040)=0x10, r2, 0x0, 0x807, 0x0)
vmsplice(r1, &(0x7f0000000080)=[{&(0x7f0000000140)="04", 0x1}], 0x1, 0x7)

6m40.841983103s ago: executing program 9 (id=3447):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x3, 0x1}, 0x10)
sendmsg$tipc(r1, &(0x7f00000008c0)={&(0x7f0000000600)=@name, 0x10, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)

6m40.148291985s ago: executing program 9 (id=3451):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x842, &(0x7f0000000680)=ANY=[@ANYBLOB="696f636861727365743d6370313235302c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c74696d655f6f66667365743d3078303030303030303030303030303031652c756d61736b3d30303030303030303030303031353736313035323131332c756d61736b3d30303030303030303030303030303030303030303137342c646d61736b3d3030303030303030303030303030363031302c666d61736b3d30303030303030303030303030303030303030303030302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303036342c7379735f747a2c000000000000b84974a4647e1629f375432f41042ec4fcf5706a510d085e109807ea9c36edc97802f8ae6bce00f4d453d0e704a56fb7ed35ddb60cb64fd4892d76f4550ec3150e2e4f0a2157381ba1864880d601b8c4ac1e8eb0c8bcb450e2fe2ce4176031562a639026158eef77926324e9d49a4698108ae3f39e3897202e060cd9d4bfa3750011278c673394c9a14fe5b25831d4585bdad875df96c940bc29656b13c299bd71da385449d953d5187674f888f02f437a5459690fbee7b13a3335f9291121821d0f95336d73ffb9314d86bb288b1939306532ec4f783f5d8016f11fd8c46bce04d9eb3c9148f0dc5acac38bfea6f010c36ead47f6e74a000000000000000000", @ANYRESOCT], 0x1, 0x1531, &(0x7f0000001f40)="$eJzs3QuYTlXbOPD7XmvtMSQ9TXIY1lr35kkOyyRJDklySJIkSXJKSJrklYTEkFPSkITkMCSHISSHiUnjfD4fEpImTZKE5JSs/6X41Fvv/33f7+3Ld31z/65rX9b97H2vvfZzP8+z195mnvmmy9CajWtVa0hE8B/BX/5JAoBYABgIANcAQAAA5eLKxV1Yn1Ni0n+2E/bneij1So+AXUlc/+yN65+9cf2zN65/9sb1z964/tkb1z974/ozlp1tnl7wWl6y78L3/7MzPv//H5JVeuwXa0tf3xUg5l/Y2gPXP9vj+v8fgZfOv/8l+FfSuP7ZG9c/u4q90gNg/wvw+z87yPEP13D9szeuP2PZ2ZW+/3ylF4hk7+fgSr/+GGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlD6f9ZQoALrWv9LgYY4wxxhhjjDH25/E5fhurKzUQxhhjjDHGGGOM/Q9CECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+d/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbATvgYdsEnsBv2wF74FPbBZ/9m/qm/y++KgIACBSpUGIMxGIuxmAtzYW7MjXkwD0YwgnEYh3kxL+bDfFgAC2A8xmNhLIwGDRISFsEiGMUoFsNiWByLY0ksiQ4dJmAClsGbsSyWxXJYDstjeayAFbEiVsbKWAWrYFWsitWwGlbH6lgTa+LdeDf2xjpYB+tiXayH9S7dnsKG2BAbYSNsjI2xCTbBptgUm2NzbIktsRW2wtbYGttiW2yH7bA9tsdETMQO2AE7YkfshJ2wM3bGLtgFu2I37Jb1Qg7AF/FF7IXVRW/sg32wLybn6I8DcAC+jIPwFXwFX8VkHIJD8TV8DV/H4XgSR+BIHIWjsIp4C8fgWCQxHlMwBSfiRJyEk3AyTsEpOA1TcTrOwBk4E2fhLHwP5+D7+D7Ow3m4ANMwDRfiIkzHdFyMpzADl+BSXIbLcQUux1W4GlfhWlyHa3EDbsBNuAm34BbchttwB+7Aj1EB4Ce4B/dgMu7Dfbgf92MmZuIBPIBZmIUH8SAewkN4GA/jETyCR/EYHsdjeAJP4Ek8hafxNJ7Fs3gOn4v/qtHHJdYkg7hACSViRIyIFbEil8glcovcIo/IIyIiIuJEnMgr8op8Ip8oIAqIeBEvCovCwggjSIQxACCiIiqKiWKiuCguSoqSwgknEkSCKCPKiLKirCgnbhXlxW2igqgo2rjKorKoItq6quJOUU1UE9VFDVFT1BK1RG1RW9QRdURdUVfUE/VEffGAaCB6Y398SFyoTGMxBJuIodhUNBPy4idYKzEcW4s2oq14QozEEdhetHKJ4mnRQYzBjuJvYiw+KzqL8dhFPC+6im6iu3hB9BCtXU/RS0zG3qKPmIZ9RT/RXwwQM7GGeA/n5KwpXhXJYogYKl4TC/B1MVy8IUaIkWKUeFOMFm+JMWKsGCfGixQxQUwUb4tJ4h0xWUwRU8U0kSqmixniXTFTzBKzxXtijnhfzBXzxHyxQKSJD8RCsUikiw/FYvGRyBBLxFKxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvETvGx2CU+EbvFHrFXfCr2ic/EfvG5yBRfiAPiS5ElvhIHxdfikPhGHBbfiiPiO3FUHBPHxffihPhBnBSnxGlxRpwVP4pz4idxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFZ/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75CQ+cs+qssasqasJe+WSXCPrCPvlXXlfbKevF/Wlw/IBvJB2VA+JBvJh2Vj+YhsIh+VTWUz2Vy2kC3lY7KVfFy2lm1kW/mEbCeflO3lUzJRPi07SH/xJfKs7Cyfk13k87Kr7Ca7y5/keellT9lLQm+QfeRLsq/sJ/vLAXKgfFkOkq/IwfJVmSyHyKHyNTlMvi6HyzfkCDlSjpJvytHyLTlGjpXj5HiZIifIifJtOUm+IyfLKXKqnCZT5XTZ/2JPs6X8p/lv/0H+4J/3vklullvkVrlNbpc75E75sdwld8ndcrfcK/fKfXKf3C/3y0yZKQ/IAzJLZsmD8qA8JA/Jw/KwPCKPyKPymDwjv5cn5A/ypDwlT8kz8qw8K89dfA5AoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxReMKqlKKadKqwR107+Tr4qpG1VxVeI3+ZfGl/QPxtdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao9apdWqD2qAy1Ga1WW1VW9V2tV3tVDvVLrVL7Va71V61V+1T+9R+tV9lqkx1QB1QWSpLHVQH1SF1SB1Wh9URdUQdVUfVcXVcnVAn1El1Up1Wp9VZdVadU+fUeXX+wrQvEIEIVKCCmCAmiA1ig1xBriB3kDvIE+QJIkEkiAvigrzB9UG+IH9QICgYxAeFgsKBDkxgA3Gx6NHghqBYcGNQPCgRlAxKBS4oHSQENwVlgpuDssEtQbng1qB8cFtQIagYVAoqB7cHVYI7gqrBnUG14K6gelAjqBnUCu4Oagf3BHWCe4O6wX1BveD+oH7wQNAgeDBoGDwUNAoeDhoHjwRNgkeDpkGzoHnQImj5p/bv/cn8j7ueupdO0r11H/2S7qv76f56gB6oX9aD9Ct6sH5VJ+sheqh+TQ/Tr+vh+g09Qo/Uo/SberR+S4/RY/U4PV6n6Al6on5bT9Lv6Ml6ip6qp+lUPV3P0O/qmXqWnq3f03P0+3qunqfn6wU6TX+gF+pFOl1/qBfrj3SGXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoXfqj/Uu/YnerffovfpTvU9/pvfrz3Wm/kIf0F/qLP2VPqi/1of0N/qw/lYf0d/po/qYPq6/1yf0D/qkPqVP6zP6rP5Rn9M/6fPaX5jcXzi9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXVhomreMmPMWDPOjDcpJsVMNBPNJDPJTDaTzVQz1aSaVDPDzDAzzUwz28w2c8wcM9fMNfPNfJNm0sxCs9Ckm3Sz2Cw2GSbDLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1ml9lldpvdZq/Za/aZfWa/2W8yTaY5YA6YLJNlDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpgT5qQ5aU6b0+asyX/xfOlNrM1pc9mrbG57tc1jr7F/HxewBW28LWQLW23z2fy/iY21trgtYUvaUtbZ0jbB3vS7uIKtaCvZyvZ2W8XeYav+Lq5t77F17L22rr3P1rJ3/yauZ++39e0jtgEigG1mG9kWtrF9xDaxj9qmtpltblvYdvZJ294+ZRPt07aDfeZ38UK7yK62a+xau87utnvsaXvGHrLf2LP2R9vT9rID7ct2kH3FDrav2mQ75HfxKPumHW3fsmPsWDvOjv9dPNVOs6l2up1h37Uz7azfxWn2AzvHptu5dp6dbxf8HF8YU7r90C62H9kMG8BSu8wutyvsSrvqv8a6zG6wG+0mu8t+YrfabXa73WF3XpoI2z12r/3U7rOf2YP2a5tpv7AH7GGbZb/6Ob5wfIftt/aI/c4etcfscfu9PWF/uPRf/j8f+/f2J3veeguEBCRJUUAxlINiKSfloqsoN11NeegaitC1FEfXUV66nvJRfipABSmeClFh0mTIElFIRagoRekGujS8klSKHJWmBLqJytDNVJZuoXJ0K5Wn26gCVaRKVJlupyp0B1WlO6ka3UXVqQbVpFp0N9Wme6gO3Ut16T6qR/dTfXqAGtCD1JAeokb0MDWmR6gJPUpNqRk1pxbUkh6jVvQ4taY21JaeoHb0JLWnpyiRnqYO9Ax1pL9RJ3qWOtNz1IWep67UjbrTC9SDXqSe1IuSqDf1oZeoL/Wj/jSABtLLNIheocH0KiXTEBpKr9Ewep2G0xs0gkbSKHqTRtNbNIbG0jgaTyk0gSbS2zSJ3qHJNIWm0jRKpek0g96lmTSLZtN7NIfep7k0j+bTAkqjD2ghLaJ0+pAW00eUQUtoKS2j5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaPttIN20se0iz6h3bSH9tKntI8+o/30OWXSF3SAvqQs+ooO0td0iL6hw/St70Xf0VE6RsfpezpBP9BJOkWn6QydpR/pHP1E58kThBiKUIYqDMKYMEcYG+YMc4VXhbnDq8M84TVhJLw2jAuvC/OG14f5wvxhgbBgGB8WCguHOjShDSkMwyJh0TAa3hAWC28Mi4clwpJhqdCFpcOE8KawTHhzWDa8JSwX3hqWD28LK4QVw0fuqxzeHlYJ7wirhneG1cK7wuphjbBmWOvqu8Pa4T1hnfDesG54X1g2vD+sHz4QNggfDBuGD4WNwofDxuEjYZPw0bBp2CxsHrYIW4aPha3Cx8PWYZuwbfhE2C58MmwfPhUmhk+HHcJnfl5//6J/vD4p7B32CV8KXwq9v1fOjy6IpkU/iC6MLoqmRz+MLo5+FM2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4ql9td7fK4a1zEXevi3HUur7ve5XP5XQFX0MW7Qq6w084468iFrogr6qLuBlfM3eiKuxKupCvlnCvtElwL19K1dK3c4661a+PauifcE+5J96R7yj3lnnYd3DOuo/ub6+SedZ3dc+4597zr6rq57u4F18NNyPPLezLJ9XF9XF/X1/V3/d1AN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXVTXapLdTPcDDfTzXRVZv2yl7lurpvv5rs0l+YWugtzxnS32C12GS7DLXVL3XK33K10K91qt9qtdWvderfebXQb3Wa32W11W912t93tdDvdLrfL7fbX/NKp2+f2u/0u02W6A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcSmRCZGHk7MinyTmRyZEpkamRaJDUyPTIj8m5kZmRWZHbkvcicyPuRuZF5kfmRBZG0yAeRhZFFkfTIh5HFkY8iGZElkaWRZZHlkRUR7wttDX0RX9RH/Q2+mL/RF/clfElfyjtf2if4m3wZf7Mv62/x5fytvry/zVfwFX0l/6hv6pv55r6Fb+kf86384761b+Pb+id8O/+kb++f8on+ad/BP+M7+r/5Tv5Z39k/57v4531X38139y/4Hv5F39P38km+t+/jX/J9fT/f3w/wA/3LfpB/xQ/2r/pkP8QP9a/5Yf51P9y/4Uf4kX5UzJt+9KVLZBjvU/wEP9G/7Sf5d/xkP8VP9dN8qp/uZ/h3/Uw/y8/27/k5/n0/18/z8/0Cn+Y/8Av9Ip/uP/SL/Uc+wy+5dFPZr/Sr/Gq/xq/16/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w+/0H/td/hO/2+/xe/2nfp//zO/3n/tM/4U/4L/0Wf4rf9B/7Q/5b/xh/60/4r/zR/0xf9x/70/4H/xJf8qf9mf8Wf+jP+d/8uf5d9YYY4wxxv4lEy43xW/X/HI7v/cf5IhfbdwHAK7eVjDr1+svzCjX5/ul3U/Et4sAwNO9ujx0aalePSkp6eK2GRKCovMAIHI5PwYux0ugLTwJidAGyvzh+PuJbmfpn/QfvRUg169yYuFyfLn/z0//0Vcf9BOPPTFqYfnwdNz/p/95AMWLXs7JCZfjJdD25/srbaDsPxh//lb/ZPw5v0gBaP2rnNxwOb48/gR4HJ6BxN9syRhjjDHGGGOM/aKfqNTp0vXnpZ/4/KPr8/hffTFADrgc/7Prc8YYY4wxxhhjjF15z3br/tRjiYltOv37jar/rax/udEE/qd65sYfNrwHuPSIAoD/sEOACw35Vx7Flr9kX8kX3zp/v2r5GR/A/45S/hmNK/zBxBhjjDHGGPvTXZ70//Zx/jsAjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYX+ev+DqxK32MjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2JX2/wIAAP//6WoMbA==")
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0\x00')
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

6m39.104823367s ago: executing program 9 (id=3457):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f000001a200)={0xb4, r1, 0x5, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {0x5}, @device_b}, 0x0, @random=0x6, 0x2000, @void, @void, @void, @val={0x4, 0x6, {0x7, 0x3, 0xfff, 0xf32}}, @void, @void, @void, @void, @void, @void, @void, @void, @void}}, @NL80211_ATTR_PROBE_RESP={0x4a, 0x91, "0c3e1b49f1e6df8db238c66fee56c2c5bdd41924d2a883b38c0d31d760d633ce0988866b77f9d15b6a1c6a76647ac9ad12b2899969cbf1225656b094e37635766bf3f97d579d"}, @NL80211_ATTR_IE_ASSOC_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xb4}}, 0x0)

6m37.764707419s ago: executing program 9 (id=3461):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8401)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x2000, 0x103)

6m35.564264985s ago: executing program 44 (id=3461):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8401)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x2000, 0x103)

5m59.505194607s ago: executing program 8 (id=3608):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000080)={@multicast, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0xff, @empty, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)

5m58.570190592s ago: executing program 8 (id=3612):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xe0042, 0xfd)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
setxattr(&(0x7f0000000000)='./file0/file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x0, 0x2)

5m57.479422214s ago: executing program 8 (id=3617):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="0015b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x3800000000000000)
read$char_usb(r1, &(0x7f0000000300)=""/219, 0xdb)

5m54.138268716s ago: executing program 8 (id=3630):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000001c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@debug}, {@resgid}]}, 0x1, 0x5fd, &(0x7f00000006c0)="$eJzs3c9vFFUcAPDv7LalpWALMSoepIkxkCgtLWCI8QBXYxr8ES9erLQgoUDT1mjRhJLgxcR4McbEkwfxv1AiV0960YMXT4aEqOFo4prZ7vTnbH8s7Q4wn0+y7My8ebw3LN++t6/vzQRQWgPpH5WIAxExlUT0JfOLaR3RSBxYOO/ePx+fTV9J1Gpv/JVE0jiWnZ803nsbmbsj4ucfk9hfXVvuzNzVi2OTkxPTjf2h2UtTQzNzV49cuDR2fuL8xOWRF0dOnjh+4uTw0Zau69raQ2l1Puj7dPTtb7/+Nxn+7vfRJE7FK40Tl1/HdhmIgfq/SbI2qffkdhdWkGrj/8nyjzjpKLBCbEn2+XVGxJPRF9VY+vD64pPXCq0csKNqSUQNKKlE/ENJZf2A7Lv96u/BlUJ6JUA73D29MACwNv47FsYGo7s+NrD7XhLLh3WSiGhtZG6lPRHx0+3RG+duj96Y3rsz43BAvvnrEfHUsvjvylKSevz3R3f01+O/siL+037BmcZ7evz1FstfPVQs/qF9FuK/O6f9X4r/aBL/7yyL/3dbLH9gafO9nhXx39PqJQEAAAAAAEBp3TodES/kzf+pLM7/iZz5P70RcWobyh9Ytb/29/+VO9tQDJDj7umIl3Pn/1aiujD7t7/a+D3/3vp8gM7k3IXJiaMR8VhEHI7OXen+8DplHPls/1fN0gYa8/+yV1p++r50RuVOx66VecbHZsfu97qBiLvXI57Onf+bLLb/SU77n/48mNpkGfufu3mmWdrG8Q/slNo3EYdy2/+lu1Yk69+fY6jeHxjKegVrPfPR5983K7/V+HeLCbh/afu/e/3470+W369nZutlHJvrqDVLa7X/35W8Wb/lTLZc4cOx2dnp4Yie5NVqenTF8ZGt1xkeRVk8ZPGSxv/hZ9cf/8vr//dExPyqvzv5e+Wa4swT//X+0aw++v9QnDT+x7fU/jfdSOYjcpNGbvb/0Kz8zbX/x+tt/eHGEeN/sODLLEy7Vh7PCdCOvKR21xcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWViNgTSWVwcbtSGRyM6I2Ix2N3ZfLKzOzz5668f3k8Tas//7+SPem3b2E/yZ7/379sf2TV/rGI2BcRX1R76vuDZ69Mjhd98QAAAAAAAAAAAAAAAAAAAPCA6G2y/j/1Z7Xo2gE7rqPoCgCFyYn/X4qoB9B+2n8oL/EP5SX+obzEP5SX+IfyEv9QXuIfykv8AwAAAADAI2XfwVu/JREx/1JP/ZXqaqR1FlozYKdViq4AUBi3+IHyMvUHyst3fCDZIL27aaaNcjbLnJo6u3FmAAAAAAAAAAAAACBz6ID1/1BW1v9DeVn/D+WVrf8/WHA9gPZr+Tt+0zW9wMNovZX8zcN9E+v/AQAAAAAAAAAAAIBtMTN39eLY5OTEdPs2fm089Cv3nJ6IaHN9so23iii02I1arXat/lE8IPV5yDeyqfCbz9WdHwU7s5Gt9dtcroJ+IAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGv8HwAA//+xpBxA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open$dir(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000400)=@v1={0x0, @adiantum, 0x2, @desc1})
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

5m52.371456799s ago: executing program 8 (id=3637):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x64, 0x10, 0x437, 0x3, 0x3, {0x0, 0x0, 0x0, 0x0, 0x51b0b}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x34, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8}, @IFLA_GRE_LOCAL={0x14, 0x6, @remote}, @IFLA_GRE_REMOTE={0x14, 0x7, @private0}]}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="6c0000001000370403000000ffffffff00000000", @ANYRES32=r1, @ANYBLOB="0b1b0500000000004c0012800b00010069703667726500003c00028008000100", @ANYRES32=r1], 0x6c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)

5m51.248351091s ago: executing program 8 (id=3643):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000010961b080000000000000109022400010000000109040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000cc0)=ANY=[@ANYBLOB="000464"], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, 0x0)

5m49.090541483s ago: executing program 45 (id=3643):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000010961b080000000000000109022400010000000109040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000cc0)=ANY=[@ANYBLOB="000464"], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, 0x0)

3m46.087409672s ago: executing program 0 (id=4178):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x400, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
r4 = eventfd(0x7db)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000000)=r4, 0x1)
syz_io_uring_submit(r1, r2, r3, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x1, 0xeed, 0x1, 0x0, 0x0)

3m44.712413735s ago: executing program 0 (id=4183):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0xc080)
sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}]}, 0x30}}, 0xc00)

3m43.922248356s ago: executing program 0 (id=4186):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r0, 0x400454a4, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
read$FUSE(r0, &(0x7f0000002440)={0x2020}, 0x2020)

3m43.326668333s ago: executing program 0 (id=4189):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0)='./file0\x00')

3m42.637303136s ago: executing program 0 (id=4191):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=@newsa={0x138, 0x10, 0x1, 0xfff7fffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@private2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x40}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0)

3m41.644423273s ago: executing program 0 (id=4196):
r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bcf, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, 0x0, &(0x7f0000000000))
io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r3, &(0x7f0000000200)='~', 0x1)

3m38.800122435s ago: executing program 46 (id=4196):
r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bcf, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, 0x0, &(0x7f0000000000))
io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r3, &(0x7f0000000200)='~', 0x1)

3m3.548760837s ago: executing program 6 (id=4306):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000009440)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000009500)={0x0, 0x0, &(0x7f00000094c0)={&(0x7f0000009480)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40d1}, 0x0)

3m2.538301206s ago: executing program 6 (id=4311):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$kcm(0x2, 0x5, 0x84)
pselect6(0x40, &(0x7f0000000180)={0x0, 0x0, 0x12, 0x2, 0x6, 0x9, 0x40, 0x8000}, 0x0, &(0x7f0000000240)={0x1f, 0x112, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000004}, 0x0, 0x0)
shutdown(r0, 0x2)
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20044044)

3m1.154722748s ago: executing program 6 (id=4318):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
ppoll(&(0x7f0000000300)=[{r0, 0x9090}], 0x1, 0x0, 0x0, 0x0)
sendmsg$rds(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

2m59.779651576s ago: executing program 6 (id=4325):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000021c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000300)='.\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x185093, 0x0)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

2m58.403234379s ago: executing program 6 (id=4333):
r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000092ecc620ac0500773aeb010203010902240001000020000904c40102fffd0180090502021002020000090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f00000000c0)={[{}]})
syz_usb_control_io$uac1(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0003060000000603"]}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="201406"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

2m57.716253202s ago: executing program 6 (id=4336):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f00000003c0)=0x1ff, 0x12)
mkdirat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x1ff)

2m55.506248885s ago: executing program 47 (id=4336):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f00000003c0)=0x1ff, 0x12)
mkdirat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x1ff)

1m42.911841133s ago: executing program 4 (id=4611):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r1, &(0x7f0000000780), 0x12)
bind$x25(r0, &(0x7f0000000080), 0x12)
close(r0)

1m42.316651391s ago: executing program 4 (id=4612):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)

1m41.694328191s ago: executing program 4 (id=4614):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000200)={{@local, 0x10000}, 0x0, 0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000040)={0x0, 0x6})

1m41.157884906s ago: executing program 4 (id=4616):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x21008, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0/file0\x00')
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

1m40.572439496s ago: executing program 4 (id=4619):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00')
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)

1m39.651944655s ago: executing program 4 (id=4622):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = io_uring_setup(0xaae, &(0x7f0000000080)={0x0, 0xdf4, 0x80, 0xb, 0x2da})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000100)=[0xffffffffffffffff], 0x1)

1m37.161881096s ago: executing program 48 (id=4622):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = io_uring_setup(0xaae, &(0x7f0000000080)={0x0, 0xdf4, 0x80, 0xb, 0x2da})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000100)=[0xffffffffffffffff], 0x1)

10.028622358s ago: executing program 7 (id=4942):
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
read$FUSE(r0, &(0x7f0000001740)={0x2020}, 0x2020)
pselect6(0x40, &(0x7f0000000100)={0x7, 0x0, 0x0, 0x8ac2, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x5, 0x0, 0x1000000002, 0x0, 0x9, 0x6}, 0x0, 0x0)
io_submit(r2, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xffffff4c}])

8.448678859s ago: executing program 7 (id=4948):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x7c8})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/13, 0xd}, {&(0x7f0000000180)=""/31, 0x1f}], 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

7.831513109s ago: executing program 5 (id=4950):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f00000034c0)={0x2020}, 0xcac)

6.391653272s ago: executing program 5 (id=4955):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448e1, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000140)="05000000010000", 0x7)

5.502463888s ago: executing program 2 (id=4960):
r0 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000200)={@multicast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x4e25, 0x10, 0x0, @opaque="f22ab613c904ad66"}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb080045000024000041020511"], 0x0)

5.298649589s ago: executing program 5 (id=4961):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xe, 0x3, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x170, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x140, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e0179832927deecf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236749b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ff7944f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990604b9f12033688caa0b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d600"}, @TCA_GRED_PARMS={0x38, 0x1, {0x7, 0x4, 0x9, 0x20009, 0x6, 0x800004, 0x1, 0xffff7fff, 0x3ff, 0x2, 0x9, 0xc, 0x5, 0x0, 0x3, 0x8}}]}}]}, 0x170}}, 0x20000004)

5.225900158s ago: executing program 1 (id=4962):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000240)=[@request_death={0x400c630e, 0x0, 0x1000000}, @clear_death], 0x0, 0x0, 0x0})

5.101501411s ago: executing program 3 (id=4963):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0)
sendmsg$rds(r0, &(0x7f0000003a80)={&(0x7f0000000100)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10, &(0x7f0000000dc0)=[{&(0x7f0000000200)=""/41, 0x29}], 0x16, 0x0, 0x0, 0x8000}, 0x48004)

4.857226685s ago: executing program 2 (id=4964):
syz_usb_connect$uac3(0x0, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1235, 0x10, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x0, 0x20, 0x40, {0x8, 0xb, 0x2, 0x1, 0x1, 0x21, 0x30, 0xc6}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x4, 0xa, 0xfff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0xd, 0xb, {0xa, 0x25, 0x25, 0x401, 0xe, 0x8}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3df, 0x2, 0xff, 0x0, {0xa, 0x25, 0x25, 0x5, 0x7, 0x8}}}}}}}}]}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x200244)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0xc0085504, 0x0)

4.484618945s ago: executing program 1 (id=4965):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000240)={0x16}, 0x8)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r1, @in6={{0xa, 0x3, 0x4, @private2}}}, &(0x7f0000000040)=0x84)

4.430384582s ago: executing program 3 (id=4966):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000051c0)={0x1, 0x1000}, 0x4)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x73220c8b}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000004040)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x5}], 0x2, 0x0, 0x0)

4.036560032s ago: executing program 5 (id=4967):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e20, 0x4000b, @ipv4={'\x00', '\xff\xff', @empty}, 0x80ad}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x80ab}, 0x1c)

3.898393615s ago: executing program 1 (id=4968):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e21, @rand_addr=0x64010102}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={r2, 0x3ff}, &(0x7f00000000c0)=0x8)

3.354547854s ago: executing program 7 (id=4969):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x101800, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000680)={0x0, 0x405e5, 0x10100, 0x0, 0x2e0}, &(0x7f0000000180)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000000))
syz_io_uring_submit(r1, r2, 0x0, &(0x7f0000000000))
io_uring_enter(r0, 0x663e, 0x0, 0x2, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

3.221371925s ago: executing program 5 (id=4970):
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)={0x14, 0x0, 0x1, 0x170bd25, 0x25dfdbfc, {0x39}}, 0x14}, 0x1, 0x0, 0x0, 0x448c9}, 0x4004810)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0xf0, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0xa0, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x7c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_NAT={0x3c, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @private1}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

3.004993902s ago: executing program 2 (id=4971):
syz_mount_image$hfsplus(&(0x7f0000000c00), &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES8, @ANYBLOB="0a42f7415a3663f0ccff19a8b6c74a5ca36cde3a0764e4539a0072118a8ca35f4cfd925432ff27a561206de87f8ef8fd024eb3b7293d4f804164aa55affb403bca8af4c0f0fb72f91e3d6b0bb844b31943a9deeeafb1a147ec2703ef0dcb51f0b130653ab2053803328849a0ce1549b84673bd2905fb1371c07486fcc547a816c117c340d1683e87ffde3073bb03c6b1155e6cb645b5e79b6c216befe7790345349e", @ANYRESOCT, @ANYRES8], 0xfb, 0x6b4, &(0x7f00000013c0)="$eJzs3ctvXFcdB/DvHU9sT1pCmiZtQJVqNRIgIhInVlrMhoAQyqKqqrJgbSVOY8VJi+Mit0LE4bnton9AWWSDWCGxYhOpsGADu+6Ql0hIbMqCsGHQvXPHHs+MJ+M28QM+n+jOOeeec88953cf87CiG+D/1pWzaT5IkStnX10ryxv355Y37s/d6uRfayaZSrKelNlGkuJf7Xb7o+RyUmx2U/SlAz5Ymn/j4082/tYpNeulat8YtV2fut163+r17rqZJBN1+hls6+/qZ+6v2Bz55SRn6hT23ZEk7W1+8KenN2t6tIZtPb0nYwSerKLzvjngeHK0vtDLzwHdd97G3o5uPBPdQXYVzR3b9n+CAAAAgMOm+g48+NV325rPP8zDrBXH9nBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKitJ5P14/OLeml08zMpus//n6zXpc4fLC/urvmDzpwAAAAAAAAA4FB78WEeZi3HuuV2Uf3N/6WqcLJ6fSrv5E4Ws5JzWctCVrNaJBeSHO/paHJtYXV1qlvaccus5OKwLVcuPmKg3a5bj2HSAAAAAAAAAPC/5ye5svX3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAiKZKKTpLjXs/p4Gs0k00kmyxXrSdGs8wfb9MjaB3s2DgAAANg/U8nDrOVYt9wucjLJc9VvANN5J7ezmqWsZjmLuVb9LtD51t/YuD+3vHF/7la5DPb7rX/sahhVj+n89jB8z6fLFu0i17NUrTmXq3kry7mWRrVl6XQ9nm6vfeO6V46p+GbtlfFGdq1Oy5m/X6cD7u5qsjvZ5Y8px6uYHelEZCKZrcdWRuOZ7pEZfoR2eXS27SmLuZDG5mBP9u1pcvtktsd8q8vGqP0drdNyPr/YKeb7ohOJ/7Q7FnOx5+x7bnTMky//7jffn63zB2dK45mo03b12ho8J+Z6IvH8OJG4sXz75o3rd84etkgMmK0icWqzfCXfzfdyNjN5PStZyg+zkNUsZibfqXIL9cEvei75HSJ1eVvp9UeNZLI+QzsHa3djeqna9liW8lreyrUs5uXq38VcyCu5lEuZ7znCp0Yf4eqqbwxe9ZX254YO/sxX6kwryS/r9GAo4/pMT1y3zvrZKt7PbFtTR6lo5sQYURpybxyl+cU6U+7jp4+6ke6p/khc6Dlfnh0diV9Vt5U7y7dvrtxYeHu83Z14v86U19HPk5mDcyMpz5cT5cGqSlPbzo6y7tnNuu3xKutObtY1BupO5fdpNrt7Wcr6jlfqZP0ZbrCni1Xd80Pr5qq60z11rSGftwA48I5+9ehk6++tP7c+bP2sdaP16vS3p74+9cJkjvzhyDeasxNfarxQ/DYf5sdb3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBP7867791cWF5eXOnLtNvtu38ZXjVmpvu8mk+5eX+m+1SoMRpn5q9PlU2HVE2kfXeHqieV+cLTyV7t6+Bm/t1ut+s1xQ5tfv3H/kBNZZ9CVz/nr30gQjciM/34rq+BzL7dkoA9cn711tvn77z73teWbi28ufjm4u35S5fmZ+cvvTw3fX1peXH2fPW636MEnoStN/39HgkAAAAAAAAAAAAwrsf8fwbWh1Xt9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw+3K2TQfpMiF2XOzZXnj/txyuXTzWy2bSRpJih8lxUfJ5XSWHO/prthpPx8szb/x8Scb/2x31P1V7RujthvPer1kJslEJ733uPq7WqcjFaOmUGzOsAzYmW7gYL/9NwAA//8wOw48")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000100)=""/54, 0x36)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.895347301s ago: executing program 3 (id=4972):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000280), 0x4eb36, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000007c0)={0x1, 0x2, 0x1, 0x0, 0x8})
ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000140)=0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

2.496659376s ago: executing program 7 (id=4973):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0xce21, @local}], 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000140)=0x9, 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1c}}], 0x10)

2.467604625s ago: executing program 1 (id=4974):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r0, &(0x7f00000003c0)={0x1d, r2}, 0x10)
sendmsg(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)="751edb18dbf46e8f09d97e5bbd402d11fea33f21e2", 0x15}, {&(0x7f00000001c0)="da", 0x1}, {&(0x7f0000000240)="6d5f67af894fc09d550067b675507cd5556770418b1b34525a6becaa1a13b103508a04d5cd215b761cd584cddde2539d4d275745d349805bf16f7bd8010d7104086c0e743d76d4de754ad1714e562adea566098cbd4bb4b351de0ed58f1361f6920b4598be11b9f546e6ba23ba5075072ef9d7362c255f7797866066f2697c324aa5dc055389df4d7725ef8f4e391c9bcbc80b7a9397f3f484ddc09076e854b1ee0569277a48abb91df8c3d57555dd4ed07a395e7c78444c971401bb04a219d661d01158a497c68330c7a8878ad272b2fd9915717c58efd568017a16947f3145cc2d", 0xe2}], 0x3}, 0x4010)

2.080962171s ago: executing program 3 (id=4975):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}], 0x1, 0x4000000)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000080)={0x68fa, 0x204, 0xc, 0xef, r2}, 0x10)

1.9632262s ago: executing program 2 (id=4976):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x70bd2c, 0x25dfdbff, {0xa, 0x18, 0x0, 0x0, r1}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@ipv6_newaddr={0x34, 0x14, 0x101, 0x70bd26, 0x25dffbf8, {0xa, 0x38, 0x78, 0xff, r1}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_RT_PRIORITY={0x8, 0x9, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004051}, 0x0)

1.905368893s ago: executing program 7 (id=4977):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000180)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x1}, 0x2}, 0x18)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000bbdffc))
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

1.554219123s ago: executing program 5 (id=4978):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000080)={[{@quota}, {@delalloc}, {@acl}, {@journal_dev={'journal_dev', 0x3d, 0x11}}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x50a, &(0x7f0000001f40)="$eJzs3M9vVNUeAPDvnXZoC49HH49HQh/vvQLP2JjYQkFh4QYTExeaGHEhy6YdSGUAQ7sQ0siQGFyTuDcujTtN3OrSuPIPwIULE0NClA1gYjLmztw7nc6PzrTW1rafTzJwzp17z7nfuefMnHtP7w1g1xpP/0ki/hYR9yPiQD27coXx+n9PHi3NPn20NBuVavXCz0ltvcdpPpNvty/LTBQiCh8kLQXWLdy8dWWmXC7diEotP7V49d2phZu3np+/OnO5dLl0bfrcuTOnT519cfqFFWVHxHDPoDrUl8b1eOz960ePvHrx3uuzg62FNcfRVb7VL5Weq0b+2XbxTHN5O8D+pnTSHtftTd0Z+jacNcNi2v+XyscvbvUOAZumWq1Wh7q/Xam2utO2BNi2ktjqPQC2Rv5Dn57/5q/6kuJmDD+23MPz9ROgx4+WqrdjcPZJI/7BKGTrFFvOb1OrjJnWZDwi3q78+nH6itWuQ/ywQRUCALve1+ezYWASLeO/QhxuWu/v2RzKaET8IyIORsQ/I+JQRPwrYsW6KyQR1VXqP9S6oFH/F9ksQuHBemPrRzr+eymb28pfWb35KqMDWW5/RD5gLp3MPpOJKA5dmi+XTnUpf0+P+pvHf+krrT8fC2b78WCwZbA5N7M4s75o2z28EzE22Bp/MpgeuHwaJ4mIIxExtoZyR5vS8899erSRaTmt6B1/TbXDlN6GzJ9VP4l4tn78K9GIf2TFJGLSPD9ZaJufnBqOcunkVNoKTnbcyW+/u/tGt/p7xv/lj62bvHL2qwt/PPBMevz3NrX/yOdvl+MfTSKSxnztQkR1YG113P3+w1q54yfa31tv+9+TvFVL5/3rvZnFxRunIvYkr7Uvn17eNs/n66fxT5zo3P8PZtukn8S/IyJtxP+JiP9GDOT7fiwijkdEh9Aavnn5/+90e6/P9v+nSeOf6/j9l2TtoHb8l+fr+0zk5adLBq4cu/90rPPEfRb/gdWP/5laaiJb0vn7L1nxFdHvnm7ARwgAAAB/eYWo/e1/YbKRLhQmJ+vXgA7F3kL5+sLi/yLi2lz9HoHRKBYuzZdL+QW50Sgm+fXP0ab8dEv+dHbd+KOBkVp+cvZ6eW6rg4ddbl+tzydt/T/10xqv8wLb0A66Dw1Yo179//C9TdoRYNP5/Yfdq6n/d3uyRcVfysDO5Pcfdq9O/f92fLbqvQu+M2D7q+rLsKut3v97P28T2L4G481Gunbbc8e7bYGdqPvvvzMD2MF63yQ/tOZ7/5cT1aHObw1HhycGDK+rip6JkQ51bUkiHVltYIHFiOhv5ZH1VJEPAbs/4aGwtgKHov2tgVhtq6TzcxwiotJ1q/RT6bk/lw/32/hLN5Kn9Qdl9ggwfybKRjebz5f7abHPw90l8Vu/zc/5PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKP8HgAA//87jdA6")
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000c80)=[{{&(0x7f0000000980)={0xa, 0x4e21, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0xa}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000022c0)='t', 0x1}], 0x1}}], 0x1, 0x40800)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000002300)=""/4113, &(0x7f00000000c0)=0x1011)

1.552035836s ago: executing program 1 (id=4979):
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000040)={[{@test_dummy_encryption}, {@grpquota}]}, 0x2, 0xbcf, &(0x7f0000002080)="$eJzs3N1rXGUaAPDnnEymaZvdSZdl2e7NZlmWFpadJl1StmXBVireeCHordCQTkrI9IMkUpPmYqL/gKjXgjeCWhQv7HVvFL31xra3ihdCkdgoiGjkzEeSNjNpamd6Yvr7wZvzvuedmed55jBzzhtmJoDH1nD2J404GBFnkohSc38aEcV6byCi1rjdyvLixA/LixNJrK4+920SSUTcWV6caD1W0tzubw4GIuLzJ5P40yub487OL0yPV6uVmeb4yNz5S0dm5xf+M3V+/FzlXOXC6LH/jR0dOzZyfKxrtf745clr3//j6a9rP73789XvXn87iZMx2JzbWEe3DMfw2nOyUSEixrsdLCd9zXo21pkU7nOntMdJAQDQUbrhGu4vUYq+WL94K8XHX+SaHAAAANAVq30RqwAAAMAul9y1/h8I/w8AAACA3ab1OYA7y4sTrZbvJxIerdunImKoUf9KszVmClGrbweiPyL23Uli49dak8bdHtpwRHx16/gHWYsefQ95K7WliPhru+Of1Osfqn+Le3P9aUSMdCH+8D3j31P9J7sQP+/6AXg8XT/VOJFtPv+la9c/0eb8V2hz7vot8j7/ta7/VjZd/63X39fh+u/Zbca48s6blzvNZfX//9pT77daFj/bPlRRD+D2UsTfCu3qT9bqTzrUf2abMUq/XK50msu7/tW3Ig5F+/pbkq1/n+jI5FS1MtL42zbG0mdj73WKn3f92fHf16H+1u8/dTr+l7YZ44XTpz/ctPPWenfr+tNvisnz9V6xueel8bm5mdGIYvLM5v1Ht86ldZvWY2T1H/7n1q//dvVn7wm15vOQrQWWmtts/PI9MZ+4euWjTvm01n95Hv+zHY7/xvo/LWw+/q9uM8a/PnntcKe5jevfrGXxW2thAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhJI2IwkrS81k/Tcjlif0T8Ofal1Yuzc/+evPjihbPZXMRQ9KeTU9XKSESUGuMkG4/W++vjo/eM/xsRByLijdLe+rg8cbF6Nu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWLM/IgYjScsRkUbESilNy+W8swIAAAC6bujuYTGvPAAAAIDeGco7AQAAAKDn2qz/b+SRBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvWgb9fv5lERO3E3nrLFJtz/blmBvRamncCQG768k4AyE0h7wSA3DzgGt/lAuxCyX3mBzrO7Ol6LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsXIcOXr+ZRETtxN56yxSbc/25Zgb0Wpp3AkBu+raaLDy6PIBHz0scHl/W+EByn/mB9dvU7p7Z07OcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANh5BustScsRUWzuK5cj/hARQ9GfTE5VKyMR8ceIuFHq35ONR9fuPZBb3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTX7PzC9Hi1WpnJOmk0O2t7dNY7SeMZq+2UfHQeslOMHZHGDu3k/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAeZucXpser1crMbN6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmbnV+YHq9WKzM97ORdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+fk1AAD//6DVB2Y=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0xc801, 0x0, 0x0, 0x0, &(0x7f00000001c0))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f00000004c0)='./bus/file0\x00', 0x2)
renameat2(r0, &(0x7f0000000240)='./bus/file0\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x2)

1.265105116s ago: executing program 3 (id=4980):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2843, 0x1ff)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000680)='./file1\x00', 0x2000775)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000024c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x2)

1.246294865s ago: executing program 2 (id=4981):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfff7e002, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}, {0x6, 0xc}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000041}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x3}, {}, {0x4, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_CLASSID={0x8}, @TCA_U32_SEL={0x24, 0x5, {0xc, 0x6, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x1, 0x4000001, 0x206, 0x6}]}}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x94}, 0x24040084)

513.169159ms ago: executing program 7 (id=4982):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x8084)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="8000260b0a0002000180c2"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

292.42046ms ago: executing program 2 (id=4983):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000001440)={@val={0x8, 0x800}, @val={0x5, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x18, 0x66, 0x0, 0xb, 0x89, 0x0, @rand_addr=0x64010102, @broadcast}, "3297e3ba"}}, 0xfdef)

149.703951ms ago: executing program 3 (id=4984):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000240)={[{@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@usefree}, {@fat=@uid}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@dots}, {@fat=@check_strict}, {@fat=@nfs}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@debug}, {@fat=@debug}, {@nodots}, {@nodots}, {@dots}, {@fat=@flush}, {@dots}, {@dots}, {@dots}, {@fat=@showexec}, {@dots}, {@nodots}, {}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

0s ago: executing program 1 (id=4985):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSETELEM={0x5c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x30, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2df31ab3}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)

kernel console output (not intermixed with test programs):

1147.331288][T17635] EXT4-fs (loop4): Remounting filesystem read-only
[ 1147.358760][T17635] EXT4-fs warning (device loop4): ext4_rename_delete:3729: inode #2: comm syz.4.3793: Deleting old file: nlink 5, error=-117
[ 1147.700571][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1148.454651][ T5833] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[ 1148.609313][T17666] netlink: 'syz.2.3804': attribute type 2 has an invalid length.
[ 1148.673433][ T5833] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1148.730090][ T5833] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1148.739296][ T5833] usb 1-1: config 1 has no interface number 0
[ 1148.798028][ T5833] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1148.859991][ T5833] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1148.910420][ T5833] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[ 1148.971384][ T5833] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1149.039947][ T5833] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1149.081796][ T5833] usb 1-1: Product: syz
[ 1149.100669][ T5833] usb 1-1: Manufacturer: syz
[ 1149.118455][ T5833] usb 1-1: SerialNumber: syz
[ 1149.171517][T17675] netlink: 'syz.1.3806': attribute type 1 has an invalid length.
[ 1149.181973][T17656] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1149.560983][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1149.709435][T17656] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1150.033061][T17679] loop5: detected capacity change from 0 to 4096
[ 1150.112849][T17679] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1150.160948][ T5833] cdc_ncm 1-1:1.1: bind() failure
[ 1150.176703][T17679] NILFS (loop5): mounting unchecked fs
[ 1150.376024][ T2139] usb 1-1: USB disconnect, device number 17
[ 1150.386872][T17679] NILFS (loop5): recovery complete
[ 1150.444866][T17692] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1150.456884][T15218] udevd[15218]: incorrect nilfs2 checksum on /dev/loop5
[ 1151.329583][T17704] batadv_slave_1: entered promiscuous mode
[ 1151.371013][T17703] batadv_slave_1: left promiscuous mode
[ 1151.961637][T17714] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3820'.
[ 1152.733746][T17726] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3823'.
[ 1154.260296][ T2139] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1154.470080][ T2139] usb 1-1: Using ep0 maxpacket: 32
[ 1154.499959][ T2139] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 1154.509447][ T2139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1154.627137][ T2139] usb 1-1: config 0 descriptor??
[ 1154.645525][   T29] audit: type=1326 audit(1776186988.510:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17752 comm="syz.5.3833" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x0
[ 1154.734104][ T2139] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 1154.850465][T17759] loop4: detected capacity change from 0 to 128
[ 1155.036130][T17759] syz.4.3835: attempt to access beyond end of device
[ 1155.036130][T17759] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128
[ 1155.124287][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.124287][T17762] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128
[ 1155.186640][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.186640][T17762] loop4: rw=2049, sector=138, nr_sectors = 8 limit=128
[ 1155.304370][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.304370][T17762] loop4: rw=2049, sector=144, nr_sectors = 2 limit=128
[ 1155.324312][T17762] buffer_io_error: 138 callbacks suppressed
[ 1155.324387][T17762] Buffer I/O error on dev loop4, logical block 72, lost async page write
[ 1155.419623][T17764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3836'.
[ 1155.453060][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.453060][T17762] loop4: rw=2049, sector=146, nr_sectors = 8 limit=128
[ 1155.590196][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.590196][T17762] loop4: rw=2049, sector=152, nr_sectors = 2 limit=128
[ 1155.620341][T17762] Buffer I/O error on dev loop4, logical block 76, lost async page write
[ 1155.757144][T17762] syz.4.3835: attempt to access beyond end of device
[ 1155.757144][T17762] loop4: rw=2049, sector=170, nr_sectors = 8 limit=128
[ 1155.823247][ T2139] gspca_sunplus: reg_w_riv err -71
[ 1155.829165][ T2139] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[ 1155.880232][ T2139] usb 1-1: USB disconnect, device number 18
[ 1156.071168][T17772] loop1: detected capacity change from 0 to 64
[ 1156.725942][T17778] loop4: detected capacity change from 0 to 256
[ 1157.084487][T17778] FAT-fs (loop4): Directory bread(block 64) failed
[ 1157.121029][T17778] FAT-fs (loop4): Directory bread(block 65) failed
[ 1157.128261][ T5833] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1157.201356][T17778] FAT-fs (loop4): Directory bread(block 66) failed
[ 1157.224563][T17778] FAT-fs (loop4): Directory bread(block 67) failed
[ 1157.251801][T17778] FAT-fs (loop4): Directory bread(block 68) failed
[ 1157.258543][T17778] FAT-fs (loop4): Directory bread(block 69) failed
[ 1157.301468][T17778] FAT-fs (loop4): Directory bread(block 70) failed
[ 1157.339981][ T5833] usb 3-1: Using ep0 maxpacket: 32
[ 1157.353034][ T5833] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1157.374556][T17778] FAT-fs (loop4): Directory bread(block 71) failed
[ 1157.408628][ T5833] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1157.424540][T17778] FAT-fs (loop4): Directory bread(block 72) failed
[ 1157.453563][T17778] FAT-fs (loop4): Directory bread(block 73) failed
[ 1157.462019][ T5833] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1157.483657][ T5833] usb 3-1: config 1 has no interface number 0
[ 1157.535743][ T5833] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1157.578409][ T5833] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1157.635388][ T5833] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1157.691555][ T5833] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.798842][ T5833] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[ 1158.025995][ T5833] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[ 1158.220141][ T2139] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1158.420129][ T2139] usb 6-1: Using ep0 maxpacket: 16
[ 1158.463479][ T2139] usb 6-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1158.538000][ T2139] usb 6-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1158.602865][ T2139] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1158.647983][ T2139] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1158.723634][ T5833] usb 3-1: USB disconnect, device number 23
[ 1158.754093][ T5833] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[ 1158.802844][T15218] udevd[15218]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory
[ 1159.311822][ T2139] mcp2221 0003:04D8:00DD.001F: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[ 1159.576750][ T2139] usb 6-1: USB disconnect, device number 34
[ 1159.664024][T17807] loop4: detected capacity change from 0 to 512
[ 1159.752256][T17807] EXT4-fs: Ignoring removed bh option
[ 1159.840520][T17807] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 1159.869298][T17807] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 1024: comm syz.4.3849: invalid block
[ 1159.946417][T17807] loop4: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[ 1159.949897][    C0] EXT4-fs (loop4): error count since last fsck: 1
[ 1159.965934][    C0] EXT4-fs (loop4): initial error at time 1776186993: ext4_get_branch:178: inode 13: block 1024
[ 1159.976877][    C0] EXT4-fs (loop4): last error at time 1776186993: ext4_get_branch:178: inode 13: block 1024
[ 1160.044919][T17807] EXT4-fs (loop4): 1 truncate cleaned up
[ 1160.072151][T17807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1160.235138][T17807] EXT4-fs (loop4): shut down requested (0)
[ 1160.708652][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1162.108762][T17847] syzkaller1: entered promiscuous mode
[ 1162.125817][T17847] syzkaller1: entered allmulticast mode
[ 1162.775454][T17857] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3863'.
[ 1163.016566][T17859] loop4: detected capacity change from 0 to 256
[ 1163.154192][T17859] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x726cdf83, utbl_chksum : 0xe619d30d)
[ 1163.369116][T17868] exFAT-fs (loop4): start_clu is invalid cluster(0xffffffff)
[ 1164.802127][T17888] syzkaller1: entered promiscuous mode
[ 1164.818815][T17888] syzkaller1: entered allmulticast mode
[ 1166.200837][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1166.407642][T17912] loop5: detected capacity change from 0 to 128
[ 1166.705288][T17912] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1166.932481][T17912] ext4 filesystem being mounted at /193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1167.381038][ T2139] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1167.556142][ T2139] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1167.594663][ T2139] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1167.678160][ T2139] usb 1-1: config 0 descriptor??
[ 1167.761175][ T2139] cp210x 1-1:0.0: cp210x converter detected
[ 1167.894388][T17932] loop4: detected capacity change from 0 to 2048
[ 1168.067450][T17932] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1168.091776][T14548] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1168.202950][ T2139] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1168.501943][ T2139] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1168.658184][ T2139] usb 1-1: USB disconnect, device number 19
[ 1168.722418][ T2139] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1168.775615][ T2139] cp210x 1-1:0.0: device disconnected
[ 1168.935075][T17943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1168.944364][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.809378][T17953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.861330][T17953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.900585][T17953] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.946381][T17952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1169.976766][T17952] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1170.387345][T17964] input: syz0 as /devices/virtual/input/input45
[ 1170.739562][T17968] loop4: detected capacity change from 0 to 512
[ 1170.767702][T17968] EXT4-fs: Ignoring removed oldalloc option
[ 1170.991572][T17968] EXT4-fs (loop4): 1 truncate cleaned up
[ 1171.061387][T17968] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1171.256471][T17968] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3901: invalid indirect mapped block 234881024 (level 0)
[ 1171.344335][T17968] EXT4-fs (loop4): Remounting filesystem read-only
[ 1171.747215][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1173.168206][T18001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3910'.
[ 1173.218134][T18001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3910'.
[ 1173.287515][T18006] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3910'.
[ 1173.360918][T18006] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3910'.
[ 1175.792134][T18045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3924'.
[ 1178.915345][T18082] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1180.785088][T18119] loop4: detected capacity change from 0 to 256
[ 1181.139364][T18119] FAT-fs (loop4): Directory bread(block 64) failed
[ 1181.190005][T18119] FAT-fs (loop4): Directory bread(block 65) failed
[ 1181.196929][T18119] FAT-fs (loop4): Directory bread(block 66) failed
[ 1181.255314][T18119] FAT-fs (loop4): Directory bread(block 67) failed
[ 1181.290232][T18119] FAT-fs (loop4): Directory bread(block 68) failed
[ 1181.298881][T18119] FAT-fs (loop4): Directory bread(block 69) failed
[ 1181.314822][T18119] FAT-fs (loop4): Directory bread(block 70) failed
[ 1181.322897][T18119] FAT-fs (loop4): Directory bread(block 71) failed
[ 1181.330726][T18119] FAT-fs (loop4): Directory bread(block 72) failed
[ 1181.337439][T18119] FAT-fs (loop4): Directory bread(block 73) failed
[ 1182.517832][T18137] loop5: detected capacity change from 0 to 256
[ 1182.742611][T18137] vfat: Bad value for 'shortname'
[ 1185.914187][T18195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1186.063624][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1186.070498][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1186.790993][T18207] Bluetooth: MGMT ver 1.23
[ 1186.827029][T18207] Bluetooth: hci2: invalid length 1, exp 2 for type 6
[ 1187.484122][T18216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1187.535717][T18216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1187.566698][T18216] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1187.592849][T18219] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1188.504921][T18234] netlink: 'syz.4.3986': attribute type 2 has an invalid length.
[ 1188.579484][T18234] netlink: 'syz.4.3986': attribute type 8 has an invalid length.
[ 1188.660940][T18234] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3986'.
[ 1188.679107][T18237] netlink: 'syz.4.3986': attribute type 2 has an invalid length.
[ 1188.727598][T18237] netlink: 'syz.4.3986': attribute type 8 has an invalid length.
[ 1188.780404][T18237] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3986'.
[ 1189.210540][ T2139] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1189.486991][ T2139] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1189.535074][ T2139] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1189.600488][ T2139] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1189.656223][ T2139] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1189.705738][ T2139] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1189.772990][ T2139] usb 6-1: config 0 descriptor??
[ 1190.476903][ T2139] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1192.483870][ T2139] usb 6-1: USB disconnect, device number 35
[ 1192.523796][T16140] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1192.711415][T16140] usb 5-1: Using ep0 maxpacket: 8
[ 1192.741573][T16140] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1192.777345][T16140] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1192.795166][T16140] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1192.862821][T16140] usb 5-1: config 0 descriptor??
[ 1193.164822][T16140] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1193.290351][  T793] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1193.389462][T16140] usb 5-1: USB disconnect, device number 23
[ 1193.481209][  T793] usb 1-1: Using ep0 maxpacket: 32
[ 1193.520160][T18289] loop5: detected capacity change from 0 to 8
[ 1193.550167][  T793] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1193.610700][  T793] usb 1-1: config 0 has no interface number 0
[ 1193.671812][  T793] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1193.710082][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1193.718405][  T793] usb 1-1: Product: syz
[ 1193.763492][  T793] usb 1-1: Manufacturer: syz
[ 1193.768328][  T793] usb 1-1: SerialNumber: syz
[ 1193.821280][  T793] usb 1-1: config 0 descriptor??
[ 1194.721437][  T793] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1194.930665][  T793] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1194.988791][  T793] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1195.071401][  T793] usb 1-1: USB disconnect, device number 20
[ 1195.584976][T18315] loop4: detected capacity change from 0 to 512
[ 1195.885922][T18315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1196.001899][T18315] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1196.503237][   T29] audit: type=1800 audit(1776187030.380:154): pid=18315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4012" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1196.883360][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.586752][T18341] loop4: detected capacity change from 0 to 1024
[ 1197.686128][T18341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1197.752283][T18341] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1197.830206][T16140] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1198.011970][T16140] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1198.056774][T16140] usb 1-1: config 0 has no interfaces?
[ 1198.107341][T16140] usb 1-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[ 1198.137194][T16140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1198.192271][T16140] usb 1-1: Product: syz
[ 1198.208979][T16140] usb 1-1: Manufacturer: syz
[ 1198.271210][T16140] usb 1-1: SerialNumber: syz
[ 1198.293436][T16140] usb 1-1: config 0 descriptor??
[ 1198.446195][ T5878] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:9: bg 0: block 112: padding at end of block bitmap is not set
[ 1198.519153][ T5878] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[ 1198.537054][ T5878] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1198.537054][ T5878] 
[ 1198.580054][ T5878] EXT4-fs (loop4): Total free blocks count 0
[ 1198.618132][ T5878] EXT4-fs (loop4): Free/Dirty block details
[ 1198.647348][ T5878] EXT4-fs (loop4): free_blocks=0
[ 1198.664411][ T5878] EXT4-fs (loop4): dirty_blocks=64
[ 1198.699554][ T5878] EXT4-fs (loop4): Block reservation details
[ 1198.740159][ T5878] EXT4-fs (loop4): i_reserved_data_blocks=4
[ 1198.778747][T14712] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[ 1198.880224][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1198.986933][T16140] usb 1-1: USB disconnect, device number 21
[ 1199.481405][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.652093][T18382] loop4: detected capacity change from 0 to 512
[ 1200.961963][T18382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1201.745113][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1201.933214][T18403] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4034'.
[ 1202.990322][T18421] trusted_key: syz.4.4041 sent an empty control message without MSG_MORE.
[ 1203.972922][T16140] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1204.215587][T16140] usb 6-1: Using ep0 maxpacket: 32
[ 1204.252242][T16140] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[ 1204.285905][T16140] usb 6-1: config 0 has no interface number 0
[ 1204.347748][T16140] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1204.393067][T16140] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1204.412744][T16140] usb 6-1: Product: syz
[ 1204.429542][T16140] usb 6-1: Manufacturer: syz
[ 1204.436232][T16140] usb 6-1: SerialNumber: syz
[ 1204.500624][T16140] usb 6-1: config 0 descriptor??
[ 1204.563935][T16140] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1204.959273][T16140] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1205.065193][T16140] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1205.154508][T18433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1205.310735][T18433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1205.573356][T18452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4052'.
[ 1205.642986][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1205.648231][  T793] usb 6-1: USB disconnect, device number 36
[ 1205.762981][  T793] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1205.862122][  T793] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1205.948257][  T793] quatech2 6-1:0.51: device disconnected
[ 1206.500367][T16140] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1206.754342][T16140] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[ 1206.776060][T16140] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1206.823210][T16140] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1206.873139][T16140] usb 3-1: config 220 has no interface number 2
[ 1206.921508][T16140] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1206.948870][   T29] audit: type=1326 audit(1776187040.810:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18467 comm="syz.4.4058" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f17f6c code=0x0
[ 1207.031158][T16140] usb 3-1: config 220 interface 0 has no altsetting 0
[ 1207.038156][T16140] usb 3-1: config 220 interface 76 has no altsetting 0
[ 1207.080134][T16140] usb 3-1: config 220 interface 1 has no altsetting 0
[ 1207.127780][T16140] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1207.162189][T16140] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1207.198636][T16140] usb 3-1: Product: syz
[ 1207.214085][T18472] Context (ID=0x0) not attached to queue pair (handle=0x4d5:0x80)
[ 1207.250229][T16140] usb 3-1: Manufacturer: syz
[ 1207.255042][T16140] usb 3-1: SerialNumber: syz
[ 1207.592621][T16140] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1207.634226][T16140] uvcvideo 3-1:220.0: No valid video chain found.
[ 1207.689589][T16140] usb 3-1: selecting invalid altsetting 0
[ 1207.826474][T16140] usb 3-1: selecting invalid altsetting 0
[ 1207.858044][T16140] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[ 1207.960132][T16140] usb 3-1: USB disconnect, device number 24
[ 1208.549931][T16140] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1208.755620][T16140] usb 5-1: Using ep0 maxpacket: 8
[ 1208.781665][T16140] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1208.841677][T16140] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1208.864237][T16140] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1208.932891][T16140] usb 5-1: config 0 descriptor??
[ 1208.960433][ T2139] IPVS: starting estimator thread 0...
[ 1208.960538][T18490] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1209.060766][T18492] IPVS: using max 240 ests per chain, 12000 per kthread
[ 1209.198096][T16140] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1209.355530][   T29] audit: type=1326 audit(1776187043.230:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1209.491387][   T29] audit: type=1326 audit(1776187043.230:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1209.620401][   T29] audit: type=1326 audit(1776187043.230:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1209.686678][  T793] usb 5-1: USB disconnect, device number 24
[ 1209.740967][   T29] audit: type=1326 audit(1776187043.250:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=353 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1209.870213][   T29] audit: type=1326 audit(1776187043.250:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1209.989350][   T29] audit: type=1326 audit(1776187043.250:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1210.091345][   T29] audit: type=1326 audit(1776187043.270:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1210.263476][   T29] audit: type=1326 audit(1776187043.250:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18497 comm="syz.0.4068" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7fb6f6c code=0x7ffc0000
[ 1212.738621][T18549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4084'.
[ 1214.268319][T18573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4091'.
[ 1214.315037][T18573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4091'.
[ 1214.349518][T18573] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4091'.
[ 1214.373208][T18573] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4091'.
[ 1215.321178][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1215.541184][T16140] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1215.740174][T16140] usb 1-1: Using ep0 maxpacket: 32
[ 1215.764930][T16140] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1215.795864][T16140] usb 1-1: config 0 has no interface number 0
[ 1215.825551][T16140] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1215.840876][T16140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.853022][T16140] usb 1-1: Product: syz
[ 1215.857512][T16140] usb 1-1: Manufacturer: syz
[ 1215.870043][T16140] usb 1-1: SerialNumber: syz
[ 1215.888931][T16140] usb 1-1: config 0 descriptor??
[ 1216.241228][T18594] loop5: detected capacity change from 0 to 2048
[ 1217.042361][T18594] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1217.065787][T16140] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[ 1217.146418][T16140] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1217.210530][T16140] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1217.248673][T18594] EXT4-fs (loop5): shut down requested (2)
[ 1217.258369][T16140] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1217.339221][T16140] usb 1-1: USB disconnect, device number 22
[ 1217.405458][T15233] udevd[15233]: setting mode of /dev/bus/usb/001/022 to 020664 failed: No such file or directory
[ 1217.448502][T15233] udevd[15233]: setting owner of /dev/bus/usb/001/022 to uid=0, gid=0 failed: No such file or directory
[ 1217.826127][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1218.916773][T18631] blk_print_req_error: 138 callbacks suppressed
[ 1218.916866][T18631] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.040226][T18631] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1219.102495][T18631] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.117973][T18631] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1219.150570][T18631] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.194334][T18631] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1219.215073][T18631] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.260115][T18631] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1219.302891][T18631] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.320131][T18631] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1219.380482][T18631] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.417325][T18631] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1219.454616][T18631] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.498301][T18631] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1219.530507][T18631] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.545175][    C1] hrtimer: interrupt took 378270 ns
[ 1219.560156][T18631] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1219.568286][T18631] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.619060][T18631] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1219.648761][T18631] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1219.675246][T18631] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1219.731888][T18631] ldm_validate_partition_table(): Disk read failed.
[ 1219.773332][T18631] Dev nbd0: unable to read RDB block 0
[ 1219.836990][T18631]  nbd0: unable to read partition table
[ 1224.840957][T18718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4136'.
[ 1224.882661][T18718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4136'.
[ 1225.957560][T18736] loop4: detected capacity change from 0 to 128
[ 1226.068817][T18736] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1226.160039][T18736] hpfs: filesystem error: improperly stopped
[ 1226.166277][T18736] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1226.257496][T18736] hpfs: You really don't want any checks? You are crazy...
[ 1226.280878][T18736] hpfs: Code page index out of array
[ 1226.320327][T18736] hpfs: code page support is disabled
[ 1226.326117][T18736] hpfs: hpfs_map_4sectors(): unaligned read
[ 1226.352320][T18736] hpfs: hpfs_map_4sectors(): unaligned read
[ 1226.358413][T18736] hpfs: filesystem error: unable to find root dir
[ 1226.957467][T18750] genirq: Flags mismatch irq 2. 00200000 (pcl816) vs. 00200000 (pcl812)
[ 1227.939603][T18760] input: syz1 as /devices/virtual/input/input46
[ 1229.272144][T18778] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.311829][T18778] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.357118][T18778] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.380140][  T793] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1229.447429][T18782] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.484687][T18782] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.494729][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.538514][T18782] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.593266][  T793] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1229.602326][T18777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1229.660098][  T793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1229.712698][  T793] usb 5-1: config 0 descriptor??
[ 1229.792133][  T793] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1230.124065][T18789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4159'.
[ 1230.160566][T18789] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4159'.
[ 1230.690381][  T793] gspca_stv06xx: I2C: Read error writing address: -71
[ 1230.736252][  T793] usb 5-1: USB disconnect, device number 25
[ 1231.766118][T18800] loop5: detected capacity change from 0 to 4096
[ 1231.851153][T18800] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1232.045386][ T2139] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1232.261638][ T2139] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84
[ 1232.332055][ T2139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024
[ 1232.411712][ T2139] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024
[ 1232.458940][ T2139] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1232.498241][ T2139] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.534198][ T2139] usb 5-1: Product: syz
[ 1232.557363][ T2139] usb 5-1: Manufacturer: syz
[ 1232.573438][ T2139] usb 5-1: SerialNumber: syz
[ 1232.638041][ T2139] usb 5-1: config 0 descriptor??
[ 1232.681487][T18811] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1232.956760][T18811] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1233.572325][ T2139] usb 5-1: USB disconnect, device number 26
[ 1233.681285][T18828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4173'.
[ 1233.798127][T16339] udevd[16339]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1233.823749][T18832] loop5: detected capacity change from 0 to 64
[ 1234.130025][T18835] gre0: entered promiscuous mode
[ 1234.135171][T18835] gre0: entered allmulticast mode
[ 1234.844653][T14548] hfs: request for non-existent node 131072 in B*Tree
[ 1235.310900][T18850] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4180'.
[ 1237.101143][T18873] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4184'.
[ 1237.963871][T18882] loop5: detected capacity change from 0 to 128
[ 1239.087355][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.495164][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1239.701520][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1240.451594][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1241.010913][   T13] bridge_slave_1: left allmulticast mode
[ 1241.016970][   T13] bridge_slave_1: left promiscuous mode
[ 1241.062920][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1241.100338][   T13] bridge_slave_0: left allmulticast mode
[ 1241.106359][   T13] bridge_slave_0: left promiscuous mode
[ 1241.131174][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.127473][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1242.291741][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1242.356779][   T13] bond0 (unregistering): Released all slaves
[ 1242.965694][T18931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4205'.
[ 1243.053535][T18931] bond0: Unable to set up delay as MII monitoring is disabled
[ 1243.363356][T18935] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1243.373767][T18935] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1243.382966][T18935] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1243.397411][T18935] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1243.409058][T18935] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1243.724014][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1243.753396][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1243.812896][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1243.840064][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1243.966420][   T13] veth1_macvtap: left promiscuous mode
[ 1243.983740][   T13] veth0_macvtap: left promiscuous mode
[ 1244.010901][   T13] veth1_vlan: left promiscuous mode
[ 1244.018938][   T13] veth0_vlan: left promiscuous mode
[ 1244.440890][T18935] Bluetooth: hci2: command 0x0406 tx timeout
[ 1245.480429][ T5070] Bluetooth: hci0: command tx timeout
[ 1245.616372][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1245.771918][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1246.397117][T16140] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1246.643197][T16140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1246.710455][T16140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1246.782263][T16140] usb 6-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[ 1246.841779][T16140] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1246.942540][T16140] usb 6-1: config 0 descriptor??
[ 1247.527215][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1247.548215][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1247.566755][ T5070] Bluetooth: hci0: command tx timeout
[ 1247.689213][T16140] razer 0003:1532:010E.0021: unknown main item tag 0x5
[ 1247.832999][   T13] IPVS: stop unused estimator thread 0...
[ 1248.001024][T16140] razer 0003:1532:010E.0021: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.5-1/input0
[ 1248.236539][T16140] usb 6-1: USB disconnect, device number 37
[ 1248.585717][T18991] fido_id[18991]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1248.910737][T18934] chnl_net:caif_netlink_parms(): no params data found
[ 1249.645919][ T5070] Bluetooth: hci0: command tx timeout
[ 1250.470098][T18934] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1250.501092][T18934] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1250.524399][T18934] bridge_slave_0: entered allmulticast mode
[ 1250.549522][T18934] bridge_slave_0: entered promiscuous mode
[ 1250.634859][T18934] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1250.655050][T18934] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1250.686442][T18934] bridge_slave_1: entered allmulticast mode
[ 1250.720310][T18934] bridge_slave_1: entered promiscuous mode
[ 1251.080952][T18934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1251.156910][T18934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1251.482182][T18934] team0: Port device team_slave_0 added
[ 1251.519496][T18934] team0: Port device team_slave_1 added
[ 1251.730071][ T5070] Bluetooth: hci0: command tx timeout
[ 1252.024742][T18934] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1252.071385][T18934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.194423][T18934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1252.223071][T18934] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1252.232358][T18934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1252.268635][T18934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1252.709261][T18934] hsr_slave_0: entered promiscuous mode
[ 1252.744018][T18934] hsr_slave_1: entered promiscuous mode
[ 1252.776051][T18934] debugfs: 'hsr0' already exists in 'hsr'
[ 1252.799944][T18934] Cannot create hsr debugfs directory
[ 1252.873705][T19050] loop5: detected capacity change from 0 to 256
[ 1252.933850][T19050] exfat: Deprecated parameter 'utf8'
[ 1253.135043][T19050] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d)
[ 1254.925779][T19072] loop5: detected capacity change from 0 to 1024
[ 1255.023825][T19072] EXT4-fs: Ignoring removed orlov option
[ 1255.444687][T19072] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1255.911765][T18934] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1256.013674][T18934] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1256.192493][T18934] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1256.305631][T18934] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1256.342987][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1257.388683][T19112] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4241'.
[ 1257.452560][T19112] bond0: invalid ARP target 0.0.0.0 specified for addition
[ 1257.500382][T19112] bond0: option arp_ip_target: invalid value (0)
[ 1257.994912][T18934] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1258.128423][T18934] 8021q: adding VLAN 0 to HW filter on device team0
[ 1258.283213][ T5878] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1258.291027][ T5878] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1258.396020][ T5878] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1258.403598][ T5878] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1258.768742][T19132] block nbd5: shutting down sockets
[ 1260.794831][T18934] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1261.610205][ T5827] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1261.803160][ T5827] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1261.838104][ T5827] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1261.882423][ T5827] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1261.910275][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1261.940152][ T5827] usb 5-1: Product: syz
[ 1261.944528][ T5827] usb 5-1: SerialNumber: syz
[ 1262.219987][ T2139] usb 6-1: new full-speed USB device number 38 using dummy_hcd
[ 1262.446152][ T2139] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1262.516269][ T2139] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.570242][ T2139] usb 6-1: New USB device found, idVendor=04b4, idProduct=de64, bcdDevice= 0.00
[ 1262.579532][ T2139] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.651615][ T2139] usb 6-1: config 0 descriptor??
[ 1262.841316][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1263.080254][ T5070] Bluetooth: hci3: command 0x0406 tx timeout
[ 1263.094801][ T5827] cdc_ncm 5-1:1.0: bind() failure
[ 1263.134900][T18934] veth0_vlan: entered promiscuous mode
[ 1263.155482][ T2139] cypress 0003:04B4:DE64.0022: unknown main item tag 0x2
[ 1263.235904][ T5827] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1263.239398][ T2139] cypress 0003:04B4:DE64.0022: hidraw0: USB HID vff.ff Device [HID 04b4:de64] on usb-dummy_hcd.5-1/input0
[ 1263.280303][ T5827] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1263.296668][T18934] veth1_vlan: entered promiscuous mode
[ 1263.341240][ T5827] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[ 1263.407523][ T5827] usb 5-1: USB disconnect, device number 27
[ 1263.492029][ T2139] usb 6-1: USB disconnect, device number 38
[ 1263.898857][T18934] veth0_macvtap: entered promiscuous mode
[ 1264.008153][T18934] veth1_macvtap: entered promiscuous mode
[ 1264.184957][T19190] fido_id[19190]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1264.364852][T18934] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1264.558484][T18934] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1264.658348][ T5878] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.700707][   T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.750191][   T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.759194][   T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.168937][T18935] Bluetooth: hci3: command 0x0406 tx timeout
[ 1265.418580][T19209] team_slave_0: entered promiscuous mode
[ 1265.424711][T19209] team_slave_1: entered promiscuous mode
[ 1265.480293][T19211] loop5: detected capacity change from 0 to 128
[ 1265.496533][T19209] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1265.544998][T19211] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1265.619146][T19209] team0: Device macvtap1 is already an upper device of the team interface
[ 1265.676774][T19211] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1265.690208][T19209] team_slave_0: left promiscuous mode
[ 1265.695834][T19209] team_slave_1: left promiscuous mode
[ 1266.431579][   T12] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1267.612740][T19237] loop5: detected capacity change from 0 to 1024
[ 1267.818327][T19237] hfsplus: failed to load extents file
[ 1268.002004][T19246] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.4274'.
[ 1269.153270][   T29] audit: type=1326 audit(1776187103.030:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19257 comm="syz.4.4278" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f17f6c code=0x0
[ 1269.520103][ T2139] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[ 1269.690287][ T2139] usb 6-1: Using ep0 maxpacket: 8
[ 1269.731318][ T2139] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1269.774530][ T2139] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1269.807015][T19270] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4281'.
[ 1269.838812][ T2139] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1269.868604][ T2139] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1269.930664][ T2139] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1269.990211][ T2139] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1269.999502][ T2139] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.506455][ T2139] usb 6-1: usb_control_msg returned -32
[ 1270.530113][ T2139] usbtmc 6-1:16.0: can't read capabilities
[ 1270.780846][ T2139] usb 6-1: USB disconnect, device number 39
[ 1271.318151][T19289] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.371520][T19289] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.416732][T19289] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.659198][T19296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.683732][T19296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.703110][T19296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.712008][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.810020][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1271.819483][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1272.010567][T19300] loop4: detected capacity change from 0 to 16
[ 1272.060978][ T9551] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1272.071754][T19300] erofs (device loop4): mounted with root inode @ nid 36.
[ 1272.094961][ T9551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1272.106391][T19296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1272.193686][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.193686][T19300] loop4: rw=524288, sector=36, nr_sectors = 1 limit=16
[ 1272.291496][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.291496][T19300] loop4: rw=524288, sector=131156, nr_sectors = 1 limit=16
[ 1272.340717][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.340717][T19300] loop4: rw=524288, sector=36, nr_sectors = 1 limit=16
[ 1272.414832][ T5878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1272.424170][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.424170][T19300] loop4: rw=524288, sector=131157, nr_sectors = 1 limit=16
[ 1272.424354][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.424354][T19300] loop4: rw=524288, sector=41, nr_sectors = 1 limit=16
[ 1272.424682][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.424682][T19300] loop4: rw=524288, sector=65623, nr_sectors = 1 limit=16
[ 1272.424855][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.424855][T19300] loop4: rw=524288, sector=46, nr_sectors = 1 limit=16
[ 1272.425096][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.425096][T19300] loop4: rw=524288, sector=131168, nr_sectors = 1 limit=16
[ 1272.425262][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.425262][T19300] loop4: rw=524288, sector=86, nr_sectors = 1 limit=16
[ 1272.425501][T19300] syz.4.4288: attempt to access beyond end of device
[ 1272.425501][T19300] loop4: rw=524288, sector=65637, nr_sectors = 1 limit=16
[ 1272.625711][T19304] erofs (device loop4): failed to readdir of logical block 0 of nid 36
[ 1272.645141][T19300] erofs (device loop4): failed to readdir of logical block 0 of nid 36
[ 1272.860015][ T5878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1273.780261][   T30] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1274.013571][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 57678, setting to 1024
[ 1274.050169][   T30] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1274.110270][   T30] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1274.205802][   T30] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 1274.236516][   T30] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 1274.279894][   T30] usb 5-1: Product: syz
[ 1274.284267][   T30] usb 5-1: Manufacturer: syz
[ 1274.289035][   T30] usb 5-1: SerialNumber: syz
[ 1274.311090][ T5825] usb 6-1: new full-speed USB device number 40 using dummy_hcd
[ 1274.405001][T19317] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1274.494103][T19316] loop4: detected capacity change from 0 to 8192
[ 1274.559051][ T5825] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1274.589384][T19316]  loop4: p1 < > p2 < > p3 p4 < >
[ 1274.640590][T19316] loop4: partition table partially beyond EOD, truncated
[ 1274.648828][T19316] loop4: p1 start 67108864 is beyond EOD, truncated
[ 1274.686789][ T5825] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1274.736853][ T5825] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1274.763483][T19316] loop4: p3 start 100859904 is beyond EOD, truncated
[ 1274.790066][ T5825] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1274.814025][   T30] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1274.843121][ T5825] usb 6-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 1274.878424][ T5825] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1274.921629][ T5825] usb 6-1: config 0 descriptor??
[ 1275.076707][   T30] usb 5-1: USB disconnect, device number 28
[ 1275.161696][   T30] usblp0: removed
[ 1275.400136][ T5825] usbhid 6-1:0.0: can't add hid device: -71
[ 1275.423415][ T5825] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1275.521031][ T5825] usb 6-1: USB disconnect, device number 40
[ 1276.043903][ T5825] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[ 1276.234201][ T5825] usb 6-1: Using ep0 maxpacket: 32
[ 1276.279495][ T5825] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1276.359377][ T5825] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1276.394194][ T5825] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1276.487121][ T5825] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1276.540668][ T5825] usb 6-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[ 1276.575863][ T5825] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.692133][ T5825] usb 6-1: config 0 descriptor??
[ 1276.692305][T19347] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1277.397829][T15233] udevd[15233]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[ 1277.440921][T15218] udevd[15218]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[ 1277.760119][ T5825] usbhid 6-1:0.0: can't add hid device: -71
[ 1277.766717][ T5825] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1277.870015][ T5825] usb 6-1: USB disconnect, device number 41
[ 1279.552708][T19387] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 1279.581344][ T9558] IPVS: starting estimator thread 0...
[ 1279.720336][T19392] IPVS: using max 240 ests per chain, 12000 per kthread
[ 1283.150181][ T5878] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.527220][ T5878] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.801958][ T5878] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1284.002711][ T5878] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1284.395346][T19456] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1284.936538][ T5878] bridge_slave_1: left allmulticast mode
[ 1284.960340][ T5878] bridge_slave_1: left promiscuous mode
[ 1284.966861][ T5878] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1285.060176][ T5878] bridge_slave_0: left allmulticast mode
[ 1285.066146][ T5878] bridge_slave_0: left promiscuous mode
[ 1285.088321][ T5878] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1286.699616][T18935] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1286.709571][T18935] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1286.727413][T18935] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1286.761453][T18935] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1286.771600][ T5878] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1286.799951][T18935] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1286.949502][ T5878] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1287.047717][ T5878] bond0 (unregistering): Released all slaves
[ 1287.996907][T19503] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1288.779569][T19506] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1288.919978][T18935] Bluetooth: hci0: command tx timeout
[ 1288.996736][ T5878] hsr_slave_0: left promiscuous mode
[ 1289.066150][ T5878] hsr_slave_1: left promiscuous mode
[ 1289.093239][ T5878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1289.129890][ T5878] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1289.185437][ T5878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1289.250649][ T5878] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1289.444274][ T5878] veth1_macvtap: left promiscuous mode
[ 1289.460405][ T5878] veth0_macvtap: left promiscuous mode
[ 1289.466397][ T5878] veth1_vlan: left promiscuous mode
[ 1289.490236][ T5878] veth0_vlan: left promiscuous mode
[ 1289.715484][T19518] loop4: detected capacity change from 0 to 256
[ 1289.786881][T19518] exfat: Bad value for 'gid'
[ 1289.820357][T19518] exfat: Bad value for 'gid'
[ 1291.020670][T18935] Bluetooth: hci0: command tx timeout
[ 1291.323825][T19538] overlay: Unexpected value for 'default_permissions'
[ 1293.060321][ T5878] team0 (unregistering): Port device team_slave_1 removed
[ 1293.080456][T18935] Bluetooth: hci0: command tx timeout
[ 1293.130029][   T30] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1293.247789][ T5878] team0 (unregistering): Port device team_slave_0 removed
[ 1293.342111][   T30] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1293.367384][   T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1293.399418][   T30] usb 3-1: Product: syz
[ 1293.407105][   T30] usb 3-1: Manufacturer: syz
[ 1293.430128][   T30] usb 3-1: SerialNumber: syz
[ 1293.442900][   T30] usb 3-1: config 0 descriptor??
[ 1293.901930][   T30] usb 3-1: Firmware: major: 12, minor: 178, hardware type: ATUSB (1)
[ 1294.109990][   T30] usb 3-1: failed to fetch extended address, random address set
[ 1294.320938][   T30] usb 3-1: USB disconnect, device number 25
[ 1294.882746][T19483] chnl_net:caif_netlink_parms(): no params data found
[ 1295.160818][T18935] Bluetooth: hci0: command tx timeout
[ 1295.801047][T19563] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1296.318374][T19571] loop4: detected capacity change from 0 to 4096
[ 1296.775577][T19483] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1296.814538][T19483] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1296.842892][T19483] bridge_slave_0: entered allmulticast mode
[ 1296.868207][T19483] bridge_slave_0: entered promiscuous mode
[ 1296.975082][T19483] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1297.050864][T19483] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.059639][T19483] bridge_slave_1: entered allmulticast mode
[ 1297.121748][T19483] bridge_slave_1: entered promiscuous mode
[ 1297.506613][T19483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1297.629370][T19483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1297.955262][T19483] team0: Port device team_slave_0 added
[ 1298.055981][T19483] team0: Port device team_slave_1 added
[ 1298.504672][T19483] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1298.529037][T19483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1298.615388][T19483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1298.680432][T19483] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1298.708379][T19483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1298.781393][T19483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1299.283764][T19483] hsr_slave_0: entered promiscuous mode
[ 1299.304315][T19483] hsr_slave_1: entered promiscuous mode
[ 1299.318110][T19613] loop4: detected capacity change from 0 to 1024
[ 1299.343070][T19483] debugfs: 'hsr0' already exists in 'hsr'
[ 1299.379977][T19483] Cannot create hsr debugfs directory
[ 1299.392082][T19613] EXT4-fs: Ignoring removed bh option
[ 1299.501084][T19613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1300.318129][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1302.460403][   T30] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[ 1302.595114][T19483] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1302.656450][T19483] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1302.662402][   T30] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1302.677993][   T30] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1302.731675][   T30] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1302.762453][T19483] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1302.781245][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1302.822234][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1302.870837][T19483] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1302.897573][   T30] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1302.939981][   T30] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1302.949969][   T30] usb 5-1: Product: syz
[ 1302.954336][   T30] usb 5-1: Manufacturer: syz
[ 1303.037790][   T30] cdc_wdm 5-1:1.0: skipping garbage
[ 1303.056525][   T30] cdc_wdm 5-1:1.0: skipping garbage
[ 1303.101456][   T30] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1303.107666][   T30] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1303.657194][T19670] loop5: detected capacity change from 0 to 2048
[ 1304.006639][T19483] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1304.027401][   T30] usb 5-1: USB disconnect, device number 29
[ 1304.040760][T19670] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1304.128284][T19670] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1304.296636][T19483] 8021q: adding VLAN 0 to HW filter on device team0
[ 1304.443745][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1304.451587][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1304.566161][  T139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1304.573785][  T139] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1305.158962][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1307.164421][T19483] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1308.948797][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1308.955800][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1309.986194][T19483] veth0_vlan: entered promiscuous mode
[ 1310.123825][T19483] veth1_vlan: entered promiscuous mode
[ 1310.592332][T19483] veth0_macvtap: entered promiscuous mode
[ 1310.676640][T19483] veth1_macvtap: entered promiscuous mode
[ 1310.974255][T19483] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1311.048514][T19756] loop5: detected capacity change from 0 to 256
[ 1311.078597][T19483] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1311.230978][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.279289][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.415191][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.446615][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.284087][ T9558] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1312.457396][ T9558] usb 3-1: Using ep0 maxpacket: 16
[ 1312.475342][ T9558] usb 3-1: config 4 has an invalid interface number: 104 but max is 0
[ 1312.516165][ T9558] usb 3-1: config 4 has no interface number 0
[ 1312.570417][ T9558] usb 3-1: config 4 interface 104 altsetting 0 endpoint 0x1 has an invalid bInterval 190, changing to 11
[ 1312.664055][ T9558] usb 3-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=4b.f8
[ 1312.677606][ T9558] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1312.740021][ T9558] usb 3-1: Product: syz
[ 1312.744409][ T9558] usb 3-1: Manufacturer: syz
[ 1312.749337][ T9558] usb 3-1: SerialNumber: syz
[ 1312.825469][T19777] netlink: 128 bytes leftover after parsing attributes in process `syz.1.4427'.
[ 1312.894896][T19777] netlink: 128 bytes leftover after parsing attributes in process `syz.1.4427'.
[ 1313.859243][ T9558] rtsx_usb 3-1:4.104: probe with driver rtsx_usb failed with error -71
[ 1313.958515][ T9558] usb 3-1: USB disconnect, device number 26
[ 1316.751166][T19838] input: syz1 as /devices/virtual/input/input48
[ 1317.919567][T19850] Bluetooth: MGMT ver 1.23
[ 1317.974543][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1318.024697][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1318.119621][T19853] loop5: detected capacity change from 0 to 1024
[ 1318.155842][T19857] input: syz0 as /devices/virtual/input/input49
[ 1318.326120][ T9551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1318.387937][ T9551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1318.573598][T19853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1319.463880][T19874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1319.500782][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1320.488314][T19886] loop5: detected capacity change from 0 to 512
[ 1320.608107][T19886] EXT4-fs: Ignoring removed oldalloc option
[ 1320.772093][T19886] EXT4-fs error (device loop5): ext4_iget_extra_inode:5042: inode #15: comm syz.5.4450: corrupted in-inode xattr: invalid ea_ino
[ 1320.873039][   T30] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1320.952677][T19886] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1320.959866][    C1] EXT4-fs (loop5): error count since last fsck: 1
[ 1320.976059][    C1] EXT4-fs (loop5): initial error at time 1776187154: ext4_iget_extra_inode:5042: inode 15
[ 1320.986451][    C1] EXT4-fs (loop5): last error at time 1776187154: ext4_iget_extra_inode:5042: inode 15
[ 1321.033553][T19886] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.4450: couldn't read orphan inode 15 (err -117)
[ 1321.058781][T19886] loop5: lost filesystem error report for type 5 error -117
[ 1321.063791][T19886] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1321.085229][   T30] usb 3-1: Using ep0 maxpacket: 16
[ 1321.097433][   T30] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1321.135519][   T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1321.164996][   T30] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1321.192315][   T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1321.257277][   T30] usb 3-1: Product: syz
[ 1321.276472][   T30] usb 3-1: Manufacturer: syz
[ 1321.290819][   T30] usb 3-1: SerialNumber: syz
[ 1321.350671][   T30] usb 3-1: config 0 descriptor??
[ 1321.425409][   T30] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1321.480218][   T30] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1321.905840][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1322.019422][   T30] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1322.037597][   T30] em28xx 3-1:0.0: Config register raw data: 0x41
[ 1322.237987][   T30] usb 3-1: USB disconnect, device number 27
[ 1322.268147][   T30] em28xx 3-1:0.0: Disconnecting em28xx
[ 1322.321709][   T30] em28xx 3-1:0.0: Freeing device
[ 1322.552491][ T5827] kernel write not supported for file /dsp (pid: 5827 comm: kworker/1:3)
[ 1324.107660][T19924] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4463'.
[ 1324.619331][T19927] netlink: 6 bytes leftover after parsing attributes in process `syz.1.4467'.
[ 1325.283187][T19943] (syz.1.4471,19943,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[ 1327.688777][T19976] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1328.109280][T19980] loop7: detected capacity change from 0 to 1024
[ 1328.153482][T19980] EXT4-fs: Ignoring removed bh option
[ 1328.334251][T19980] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1328.761597][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1330.343455][T20006] loop4: detected capacity change from 0 to 4096
[ 1330.486983][T20018] loop5: detected capacity change from 0 to 64
[ 1330.493540][T20006] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1330.678769][T20017] loop7: detected capacity change from 0 to 512
[ 1330.790369][T20017] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1330.990022][T20017] EXT4-fs error (device loop7): ext4_orphan_get:1423: comm syz.7.4492: bad orphan inode 131083
[ 1331.021321][T14712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1331.099964][T20017] loop7: lost filesystem error report for type 5 error -117
[ 1331.104754][T20017] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1331.287303][   T29] audit: type=1800 audit(1776187165.160:165): pid=20017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4492" name="bus" dev="loop7" ino=18 res=0 errno=0
[ 1331.934351][T14548] hfs: node 4:3 still has 1 user(s)!
[ 1332.093143][ T5827] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[ 1332.290988][ T5827] usb 5-1: Using ep0 maxpacket: 16
[ 1332.330434][ T5827] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1332.338679][ T5827] usb 5-1: config 0 has no interface number 0
[ 1332.381043][ T5827] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1332.434678][ T5827] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1332.456886][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1332.491111][ T5827] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1332.556726][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1332.618233][ T5827] usb 5-1: config 0 descriptor??
[ 1332.891415][ T9558] libceph: connect (1)[c::]:6789 error -101
[ 1332.899048][ T9558] libceph: mon0 (1)[c::]:6789 connect error
[ 1333.001178][T20042] ceph: No mds server is up or the cluster is laggy
[ 1333.161028][ T9558] libceph: connect (1)[c::]:6789 error -101
[ 1333.167589][ T9558] libceph: mon0 (1)[c::]:6789 connect error
[ 1333.461925][T20052] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1333.497531][ T5827] uclogic 0003:28BD:0071.0023: pen parameters not found
[ 1333.529545][ T5827] uclogic 0003:28BD:0071.0023: interface is invalid, ignoring
[ 1333.614484][ T5827] usb 5-1: USB disconnect, device number 30
[ 1334.400209][ T5827] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1334.635723][ T5827] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[ 1334.681793][ T5827] usb 3-1: config 0 has no interface number 0
[ 1334.688102][ T5827] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[ 1334.762436][ T5827] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1334.841654][ T5827] usb 3-1: config 0 interface 255 has no altsetting 0
[ 1334.848810][ T5827] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[ 1334.899427][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1334.954752][ T5827] usb 3-1: config 0 descriptor??
[ 1334.989041][ T5827] ums-realtek 3-1:0.255: USB Mass Storage device detected
[ 1335.257367][ T5827] usb 3-1: USB disconnect, device number 28
[ 1335.271005][T20070] loop7: detected capacity change from 0 to 4096
[ 1335.370709][T20080] loop4: detected capacity change from 0 to 64
[ 1335.530844][T20070] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1336.081508][T14712] hfs: node 4:3 still has 1 user(s)!
[ 1336.160911][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1336.643208][T20096] vivid-003: disconnect
[ 1336.671594][T20092] vivid-003: reconnect
[ 1337.653789][T20108] loop4: detected capacity change from 0 to 256
[ 1340.111609][ T5827] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1340.309544][ T5827] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1340.344431][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1340.379915][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1340.423902][ T5827] usb 3-1: New USB device found, idVendor=056a, idProduct=0010, bcdDevice= 0.00
[ 1340.478264][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1340.515441][ T5827] usb 3-1: config 0 descriptor??
[ 1341.055210][ T5827] wacom 0003:056A:0010.0024: Unknown device_type for 'HID 056a:0010'. Assuming pen.
[ 1341.127916][ T5827] wacom 0003:056A:0010.0024: hidraw0: USB HID v0.00 Device [HID 056a:0010] on usb-dummy_hcd.2-1/input0
[ 1341.174360][ T5827] input: Wacom Graphire Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0010.0024/input/input50
[ 1341.214672][T20140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1341.261866][T20140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1341.443755][   T30] usb 3-1: USB disconnect, device number 29
[ 1342.055960][T20158] fido_id[20158]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1343.809326][T20190] loop4: detected capacity change from 0 to 256
[ 1343.853119][T20190] exfat: Deprecated parameter 'utf8'
[ 1343.853230][T20190] exfat: Deprecated parameter 'utf8'
[ 1343.853629][T20190] exfat: Deprecated parameter 'utf8'
[ 1343.972567][T20190] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[ 1345.532956][ T9558] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1345.712009][ T9558] usb 6-1: Using ep0 maxpacket: 32
[ 1345.761427][ T9558] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1345.780301][ T9558] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1345.955698][ T9558] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1347.082273][ T9558] gspca_nw80x: reg_w err -71
[ 1347.087267][ T9558] nw80x 6-1:3.0: probe with driver nw80x failed with error -71
[ 1347.197441][ T9558] usb 6-1: USB disconnect, device number 42
[ 1349.310740][T20263] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input53
[ 1351.124794][ T9558] libceph: connect (1)[c::]:6789 error -101
[ 1351.186676][ T9558] libceph: mon0 (1)[c::]:6789 connect error
[ 1351.195949][T20295] loop5: detected capacity change from 0 to 2048
[ 1351.250113][T20297] ceph: No mds server is up or the cluster is laggy
[ 1351.447608][T20295] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1351.551304][T20295] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1352.499060][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1353.457763][  T139] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1353.540037][   T29] audit: type=1326 audit(1776187187.400:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.4.4590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17f6c code=0x7ffc0000
[ 1353.540258][   T29] audit: type=1326 audit(1776187187.410:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.4.4590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17f6c code=0x7ffc0000
[ 1353.555045][   T29] audit: type=1326 audit(1776187187.430:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.4.4590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f17f6c code=0x7ffc0000
[ 1353.555260][   T29] audit: type=1326 audit(1776187187.430:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.4.4590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f17f6c code=0x7ffc0000
[ 1354.629008][   T30] libceph: connect (1)[c::]:6789 error -101
[ 1354.664333][T20345] ceph: No mds server is up or the cluster is laggy
[ 1354.665214][T20351] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4593'.
[ 1354.692863][   T30] libceph: mon0 (1)[c::]:6789 connect error
[ 1355.320971][T20360] tipc: Started in network mode
[ 1355.337031][T20360] tipc: Node identity ac14142f, cluster identity 4711
[ 1355.351139][T20360] tipc: New replicast peer: 0.0.0.0
[ 1355.358447][T20360] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1355.393881][T20364] tipc: New replicast peer: fc01:0000:0000:0000:0000:0000:0000:0001
[ 1355.492241][ T5070] Bluetooth: hci5: command 0x1003 tx timeout
[ 1355.499164][T18935] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1356.073693][T20373] loop7: detected capacity change from 0 to 512
[ 1356.331046][T20373] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1356.472444][ T9558] tipc: Node number set to 2886997039
[ 1356.611937][T20373] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1357.097930][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1358.010034][T16140] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1358.170062][T16140] usb 3-1: Using ep0 maxpacket: 32
[ 1358.187248][T16140] usb 3-1: config 0 has an invalid interface number: 146 but max is 0
[ 1358.187383][T16140] usb 3-1: config 0 has no interface number 0
[ 1358.187498][T16140] usb 3-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1358.187628][T16140] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[ 1358.187767][T16140] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[ 1358.187918][T16140] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 1358.188057][T16140] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[ 1358.188197][T16140] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1358.188322][T16140] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1358.188460][T16140] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 25446, setting to 1024
[ 1358.188612][T16140] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1358.188745][T16140] usb 3-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1358.197386][T16140] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[ 1358.197534][T16140] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1358.197663][T16140] usb 3-1: Product: syz
[ 1358.197757][T16140] usb 3-1: Manufacturer: syz
[ 1358.197854][T16140] usb 3-1: SerialNumber: syz
[ 1358.223933][T16140] usb 3-1: config 0 descriptor??
[ 1358.250675][T20398] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1358.251753][T20398] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1358.278349][T16140] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[ 1358.278441][T16140] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[ 1358.301233][T16140] scsi host1: microtekX6
[ 1358.481642][   T30] usb 3-1: USB disconnect, device number 30
[ 1359.360008][   T30] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[ 1359.610287][   T30] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1359.650004][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1359.705095][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1359.768794][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1359.808343][   T30] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1359.841442][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1359.907165][   T30] usb 6-1: config 0 descriptor??
[ 1359.961164][T20413] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1360.570299][ T5827] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[ 1360.688571][   T30] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1360.804587][T20429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1360.865119][   T30] usb 6-1: USB disconnect, device number 43
[ 1360.883943][T20429] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1361.047415][ T5827] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1361.101980][ T5827] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1361.130132][ T5827] usb 3-1: can't read configurations, error -71
[ 1361.190165][ T1132] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1361.378227][ T1132] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1361.596873][T20433] fido_id[20433]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1361.669505][ T1132] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1361.877734][ T1132] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1362.442650][ T1132] bridge_slave_1: left allmulticast mode
[ 1362.448505][ T1132] bridge_slave_1: left promiscuous mode
[ 1362.466700][ T1132] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1362.491528][ T1132] bridge_slave_0: left allmulticast mode
[ 1362.497374][ T1132] bridge_slave_0: left promiscuous mode
[ 1362.509889][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1363.282509][ T1132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1363.341393][ T1132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1363.377563][ T1132] bond0 (unregistering): Released all slaves
[ 1363.543737][ T1132] tipc: Disabling bearer <udp:syz2>
[ 1363.570660][ T1132] tipc: Left network mode
[ 1364.321184][ T5827] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[ 1364.352605][ T1132] hsr_slave_0: left promiscuous mode
[ 1364.390354][ T1132] hsr_slave_1: left promiscuous mode
[ 1364.398229][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1364.420271][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1364.447888][ T1132] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1364.480485][ T1132] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1364.519423][ T1132] veth1_macvtap: left promiscuous mode
[ 1364.540198][ T5827] usb 6-1: Using ep0 maxpacket: 16
[ 1364.550349][ T1132] veth0_macvtap: left promiscuous mode
[ 1364.562618][ T5827] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1364.594540][ T5827] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1364.650040][ T5827] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1364.674343][ T5827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1364.712432][ T5827] usb 6-1: config 0 descriptor??
[ 1364.856907][ T5070] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1364.872079][ T5070] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1364.895570][ T5070] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1364.910192][ T5070] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1364.926951][ T5070] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1365.336295][ T5827] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0026/input/input54
[ 1365.387271][ T5827] microsoft 0003:045E:07DA.0026: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[ 1365.808574][ T1132] team0 (unregistering): Port device team_slave_1 removed
[ 1365.826761][ T5827] usb 6-1: USB disconnect, device number 44
[ 1365.911974][ T1132] team0 (unregistering): Port device team_slave_0 removed
[ 1365.943033][T20461] fido_id[20461]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1366.761708][T20465] loop7: detected capacity change from 0 to 64
[ 1366.940853][ T9558] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1367.000331][ T5070] Bluetooth: hci1: command tx timeout
[ 1367.142310][ T9558] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1367.142463][ T9558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1367.187088][ T9558] usb 3-1: config 0 descriptor??
[ 1367.234469][ T9558] cp210x 3-1:0.0: cp210x converter detected
[ 1367.327212][ T1132] IPVS: stop unused estimator thread 0...
[ 1367.689390][ T9558] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1367.935899][ T9558] usb 3-1: cp210x converter now attached to ttyUSB0
[ 1368.130698][ T5827] usb 3-1: USB disconnect, device number 33
[ 1368.164385][ T5827] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1368.210808][ T5827] cp210x 3-1:0.0: device disconnected
[ 1368.391482][T20474] loop7: detected capacity change from 0 to 4096
[ 1368.498674][T20457] chnl_net:caif_netlink_parms(): no params data found
[ 1368.611356][T20474] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1368.741255][T20474] ntfs3(loop7): Failed to load $Extend (-22).
[ 1368.741364][T20474] ntfs3(loop7): Failed to initialize $Extend.
[ 1369.085301][ T5070] Bluetooth: hci1: command tx timeout
[ 1369.857295][T20490] loop7: detected capacity change from 0 to 512
[ 1369.941059][T20490] EXT4-fs error (device loop7): ext4_orphan_get:1397: inode #15: comm syz.7.4634: inode has both inline data and extents flags
[ 1369.986138][T20490] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1369.989798][    C0] EXT4-fs (loop7): error count since last fsck: 1
[ 1370.006096][    C0] EXT4-fs (loop7): initial error at time 1776187203: ext4_orphan_get:1397: inode 15
[ 1370.016130][    C0] EXT4-fs (loop7): last error at time 1776187203: ext4_orphan_get:1397: inode 15
[ 1370.054836][T20490] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.4634: couldn't read orphan inode 15 (err -117)
[ 1370.134705][T20490] loop7: lost filesystem error report for type 5 error -117
[ 1370.154268][T20490] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1370.386043][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1370.393678][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1370.394009][T20457] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1370.416512][T20457] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1370.440524][T20457] bridge_slave_0: entered allmulticast mode
[ 1370.474561][T20457] bridge_slave_0: entered promiscuous mode
[ 1370.535512][T20457] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1370.584487][T20457] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1370.600786][T20457] bridge_slave_1: entered allmulticast mode
[ 1370.628122][T20457] bridge_slave_1: entered promiscuous mode
[ 1370.668264][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1370.962041][T20457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1371.021709][T20457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1371.162796][ T5070] Bluetooth: hci1: command tx timeout
[ 1371.225407][T20457] team0: Port device team_slave_0 added
[ 1371.278701][T20498] loop7: detected capacity change from 0 to 2048
[ 1371.288936][T20457] team0: Port device team_slave_1 added
[ 1371.343113][T20498] NILFS (loop7): invalid segment: Checksum error in segment payload
[ 1371.382997][T20498] NILFS (loop7): trying rollback from an earlier position
[ 1371.466046][T20498] NILFS (loop7): recovery complete
[ 1371.492519][T20500] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1371.580529][T20457] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1371.592260][T20457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1371.710117][T20457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1371.785528][T20457] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1371.806447][T20457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1371.878428][T20457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1372.296030][T20457] hsr_slave_0: entered promiscuous mode
[ 1372.364117][T20457] hsr_slave_1: entered promiscuous mode
[ 1372.391450][T20457] debugfs: 'hsr0' already exists in 'hsr'
[ 1372.397361][T20457] Cannot create hsr debugfs directory
[ 1372.798799][T20512] loop7: detected capacity change from 0 to 2048
[ 1372.993154][T20512] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1373.240077][ T5070] Bluetooth: hci1: command tx timeout
[ 1373.400567][T20516] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[ 1373.518853][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1374.935042][T20534] loop5: detected capacity change from 0 to 256
[ 1374.966169][T20457] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1375.052939][T20457] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1375.171865][T20457] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1375.191051][T20534] exFAT-fs (loop5): failed to test first cluster bit of root dir(5)
[ 1375.256746][T20457] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1376.511840][T20457] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1376.670890][T20457] 8021q: adding VLAN 0 to HW filter on device team0
[ 1376.781378][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.788938][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1376.936843][  T139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.944447][  T139] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1377.060944][T20554] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4659'.
[ 1378.290477][ T2139] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1378.512062][ T2139] usb 3-1: Using ep0 maxpacket: 16
[ 1378.539955][ T2139] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[ 1378.580758][ T2139] usb 3-1: config 0 has no interface number 0
[ 1378.587099][ T2139] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1378.656118][ T2139] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1378.732839][ T2139] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1378.760748][ T2139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.800345][ T2139] usb 3-1: Product: syz
[ 1378.838523][ T2139] usb 3-1: Manufacturer: syz
[ 1378.866385][ T2139] usb 3-1: SerialNumber: syz
[ 1378.916497][ T2139] usb 3-1: config 0 descriptor??
[ 1378.936336][T20566] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1378.990996][T20566] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1379.253428][T20566] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1379.291392][T20566] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1379.667586][T20457] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1379.958960][ T2139] asix 3-1:0.251 (unnamed net_device) (uninitialized): invalid PHY address: 83
[ 1380.226569][ T5827] usb 3-1: USB disconnect, device number 34
[ 1380.286417][T20457] veth0_vlan: entered promiscuous mode
[ 1380.428099][T20457] veth1_vlan: entered promiscuous mode
[ 1380.817786][T20457] veth0_macvtap: entered promiscuous mode
[ 1380.947620][T20457] veth1_macvtap: entered promiscuous mode
[ 1381.182411][T20457] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1381.356131][T20457] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1381.511162][  T793] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1381.517002][ T1132] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.555059][ T1132] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.638075][ T1132] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.658338][ T1132] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.709949][  T793] usb 6-1: Using ep0 maxpacket: 32
[ 1381.782073][  T793] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1381.801808][  T793] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1381.886842][  T793] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1381.916375][  T793] usb 6-1: New USB device found, idVendor=1532, idProduct=011d, bcdDevice= 0.00
[ 1381.980178][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.004554][  T793] usb 6-1: config 0 descriptor??
[ 1382.651948][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.690188][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.719139][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.754683][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.783001][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.813013][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.841309][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.880704][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.922983][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1382.947194][  T793] hid-rmi 0003:1532:011D.0027: unknown main item tag 0x0
[ 1383.022486][  T793] hid-rmi 0003:1532:011D.0027: hidraw0: USB HID v0.0d Device [HID 1532:011d] on usb-dummy_hcd.5-1/input0
[ 1383.128956][  T793] usb 6-1: USB disconnect, device number 45
[ 1383.763902][T20621] fido_id[20621]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1385.351802][T20651] loop7: detected capacity change from 0 to 7
[ 1385.813196][    C1] blk_print_req_error: 54 callbacks suppressed
[ 1385.813282][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1385.819604][T20651] Dev loop7: unable to read RDB block 7
[ 1385.829575][    C1] buffer_io_error: 54 callbacks suppressed
[ 1385.829756][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1385.907154][T20651]  loop7: unable to read partition table
[ 1385.926325][T20651] loop7: partition table beyond EOD, truncated
[ 1385.966196][T20651] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[ 1386.545923][ T5131] Dev loop7: unable to read RDB block 7
[ 1386.576204][T20665] loop5: detected capacity change from 0 to 128
[ 1386.583504][ T5131]  loop7: unable to read partition table
[ 1386.590830][ T5131] loop7: partition table beyond EOD, truncated
[ 1387.894625][T20681] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4690'.
[ 1387.990465][T20681] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4690'.
[ 1388.399534][ T5878] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1388.450272][ T5878] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1388.534196][T20689] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1388.856088][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1388.885518][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1389.185640][   T29] audit: type=1326 audit(1776187223.060:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20695 comm="syz.7.4695" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff8f6c code=0x0
[ 1389.291155][T20700] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4695'.
[ 1389.340171][T20700] netlink: 'syz.7.4695': attribute type 9 has an invalid length.
[ 1389.390078][T20700] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4695'.
[ 1389.642497][ T5070] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1389.653020][ T5070] CPU: 1 UID: 0 PID: 5070 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1389.653192][ T5070] Tainted: [L]=SOFTLOCKUP
[ 1389.653248][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1389.653376][ T5070] Workqueue: hci1 hci_rx_work
[ 1389.653539][ T5070] Call Trace:
[ 1389.653597][ T5070]  <TASK>
[ 1389.653648][ T5070]  __dump_stack+0x26/0x30
[ 1389.653806][ T5070]  dump_stack_lvl+0x14c/0x1c0
[ 1389.653956][ T5070]  dump_stack+0x1e/0x25
[ 1389.654098][ T5070]  sysfs_create_dir_ns+0x46c/0x540
[ 1389.654264][ T5070]  kobject_add_internal+0x1084/0x19b0
[ 1389.654566][ T5070]  kobject_add+0x2c1/0x410
[ 1389.654763][ T5070]  ? kmsan_get_metadata+0xf1/0x160
[ 1389.654898][ T5070]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1389.655042][ T5070]  device_add+0xa70/0x1c00
[ 1389.655204][ T5070]  hci_conn_add_sysfs+0x159/0x2e0
[ 1389.655339][ T5070]  le_conn_complete_evt+0x1de4/0x2340
[ 1389.655543][ T5070]  hci_le_conn_complete_evt+0x157/0x260
[ 1389.655736][ T5070]  hci_le_meta_evt+0x6eb/0x960
[ 1389.655893][ T5070]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1389.656076][ T5070]  hci_event_packet+0xb8c/0x1820
[ 1389.656217][ T5070]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1389.656413][ T5070]  hci_rx_work+0x8c3/0xfc0
[ 1389.656558][ T5070]  ? kmsan_get_metadata+0xf1/0x160
[ 1389.656700][ T5070]  ? __pfx_hci_rx_work+0x10/0x10
[ 1389.656852][ T5070]  process_scheduled_works+0xb82/0x1e80
[ 1389.657054][ T5070]  worker_thread+0xee4/0x1590
[ 1389.657243][ T5070]  kthread+0x53f/0x600
[ 1389.657419][ T5070]  ? __pfx_worker_thread+0x10/0x10
[ 1389.657588][ T5070]  ? __pfx_kthread+0x10/0x10
[ 1389.657751][ T5070]  ret_from_fork+0x20f/0x8d0
[ 1389.657894][ T5070]  ? __switch_to+0x51c/0x750
[ 1389.658065][ T5070]  ? __pfx_kthread+0x10/0x10
[ 1389.658222][ T5070]  ret_from_fork_asm+0x1a/0x30
[ 1389.658422][ T5070]  </TASK>
[ 1389.658530][ T5070] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1389.863263][ T5070] Bluetooth: hci1: failed to register connection device
[ 1392.000822][T20725] tmpfs: Too small a size for current use
[ 1393.768976][T20743] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4706'.
[ 1394.091555][T20745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4707'.
[ 1394.183207][T20746] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4707'.
[ 1394.300302][T20746] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4707'.
[ 1395.311853][ T9558] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1395.504153][ T9558] usb 4-1: Using ep0 maxpacket: 8
[ 1395.545589][ T9558] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1395.579259][ T9558] usb 4-1: config 179 has no interface number 0
[ 1395.592896][ T9558] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1395.628732][ T9558] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1395.677361][ T9558] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1395.710133][ T9558] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1395.730746][T20769] loop5: detected capacity change from 0 to 512
[ 1395.760175][ T9558] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1395.823596][ T9558] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1395.859887][ T9558] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1395.951199][T20760] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1396.412901][ T9558] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input55
[ 1396.706834][T20760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1396.800651][T20760] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1397.237114][ T9558] usb 4-1: USB disconnect, device number 7
[ 1397.243338][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1397.243544][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1398.343504][ T9558] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1398.408367][T20797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4724'.
[ 1398.550555][ T9558] usb 3-1: Using ep0 maxpacket: 8
[ 1398.582580][ T9558] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1398.628320][ T9558] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1398.656890][ T9558] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1398.710371][ T9558] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1398.740825][ T9558] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1398.808405][ T9558] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1398.910251][ T9558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.227321][ T9558] usb 3-1: usb_control_msg returned -32
[ 1399.244516][ T9558] usbtmc 3-1:16.0: can't read capabilities
[ 1399.325702][T20804] loop3: detected capacity change from 0 to 1024
[ 1399.409223][T20804] EXT4-fs: inline encryption not supported
[ 1399.473828][T20804] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1399.683863][T20804] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #3: block 2: comm syz.3.4727: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1399.766088][T20804] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1399.770962][T20804] EXT4-fs (loop3): Remounting filesystem read-only
[ 1399.780417][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1399.780516][    C0] EXT4-fs (loop3): initial error at time 1776187233: ext4_map_blocks:791: inode 3: block 2
[ 1399.780721][    C0] EXT4-fs (loop3): last error at time 1776187233: ext4_map_blocks:791: inode 3: block 2
[ 1399.885346][T20804] Quota error (device loop3): qtree_write_dquot: dquota write failed
[ 1399.919340][T20804] Quota error (device loop3): v2_write_file_info: Can't write info structure
[ 1399.994017][T20804] EXT4-fs (loop3): 1 orphan inode deleted
[ 1400.072001][T20804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1400.457621][T20823] loop7: detected capacity change from 0 to 1024
[ 1400.504432][T20823] EXT4-fs: Ignoring removed bh option
[ 1400.578157][T20457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1400.676990][T20823] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1401.282299][  T793] usb 3-1: USB disconnect, device number 35
[ 1401.421649][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1402.615309][T20851] syzkaller1: entered promiscuous mode
[ 1402.670240][T20851] syzkaller1: entered allmulticast mode
[ 1404.963068][T20882] loop7: detected capacity change from 0 to 512
[ 1404.986579][T20882] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1405.050669][T20882] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[ 1405.092734][T20882] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e028, mo2=0002]
[ 1405.159192][T20882] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1405.272587][T20882] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.4748: bg 0: block 361: padding at end of block bitmap is not set
[ 1405.335706][T20882] loop7: lost filesystem error report for type 5 error -117
[ 1405.339827][    C1] EXT4-fs (loop7): error count since last fsck: 1
[ 1405.354130][    C1] EXT4-fs (loop7): initial error at time 1776187239: ext4_validate_block_bitmap:441
[ 1405.363941][    C1] EXT4-fs (loop7): last error at time 1776187239: ext4_validate_block_bitmap:441
[ 1405.389978][T20882] EXT4-fs (loop7): Remounting filesystem read-only
[ 1405.423648][T20882] EXT4-fs (loop7): 1 truncate cleaned up
[ 1405.455788][T20882] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[ 1405.550662][T20882] EXT4-fs warning (device loop7): dx_probe:861: inode #2: comm syz.7.4748: dx entry: limit 0 != root limit 125
[ 1405.601066][T20882] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.4748: Corrupt directory, running e2fsck is recommended
[ 1405.995367][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[ 1407.003489][T20909] loop5: detected capacity change from 0 to 2048
[ 1407.140795][   T29] audit: type=1326 audit(1776187241.010:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20916 comm="syz.2.4760" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f62f6c code=0x0
[ 1407.266402][T20920] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4760'.
[ 1407.320902][T20920] netlink: 'syz.2.4760': attribute type 9 has an invalid length.
[ 1407.360171][T20909] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1407.400455][T20920] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4760'.
[ 1407.696822][T20917] loop3: detected capacity change from 0 to 4096
[ 1408.484209][   T29] audit: type=1800 audit(1776187242.360:172): pid=20917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4759" name="file1" dev="loop3" ino=0 res=0 errno=0
[ 1408.618442][   T29] audit: type=1800 audit(1776187242.400:173): pid=20917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4759" name="file1" dev="loop3" ino=0 res=0 errno=0
[ 1409.775260][   T13] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1410.063297][T20944] loop5: detected capacity change from 0 to 2048
[ 1410.297873][T20944] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1410.392037][T20944] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1410.413716][T20958] loop3: detected capacity change from 0 to 512
[ 1410.584577][T20944] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1410.823223][T20958] EXT4-fs error (device loop3): ext4_do_update_inode:5604: inode #16: comm syz.3.4771: corrupted inode contents
[ 1410.883073][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1410.884252][T20958] EXT4-fs error (device loop3): ext4_dirty_inode:6497: inode #16: comm syz.3.4771: mark_inode_dirty error
[ 1410.893799][    C1] EXT4-fs (loop3): error count since last fsck: 1
[ 1410.893891][    C1] EXT4-fs (loop3): initial error at time 1776187244: ext4_do_update_inode:5604: inode 16
[ 1410.894050][    C1] EXT4-fs (loop3): last error at time 1776187244: ext4_do_update_inode:5604: inode 16
[ 1411.009996][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.011267][T20958] EXT4-fs error (device loop3): ext4_do_update_inode:5604: inode #16: comm syz.3.4771: corrupted inode contents
[ 1411.098976][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.100788][T20958] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.4771: mark_inode_dirty error
[ 1411.170689][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.180269][T20958] EXT4-fs error (device loop3): ext4_do_update_inode:5604: inode #16: comm syz.3.4771: corrupted inode contents
[ 1411.240102][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.248941][T20958] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[ 1411.326684][T20958] loop3: lost filesystem error report for type 5 error -117
[ 1411.338075][T20958] EXT4-fs error (device loop3): ext4_do_update_inode:5604: inode #16: comm syz.3.4771: corrupted inode contents
[ 1411.443201][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.444387][T20958] EXT4-fs error (device loop3): ext4_truncate:4604: inode #16: comm syz.3.4771: mark_inode_dirty error
[ 1411.505669][T20958] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[ 1411.544593][T20958] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[ 1411.638615][T20958] loop3: lost filesystem error report for type 5 error -117
[ 1411.644847][T20958] EXT4-fs (loop3): 1 truncate cleaned up
[ 1411.675958][  T139] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1411.742634][  T139] EXT4-fs error (device loop3): ext4_release_dquot:7064: comm kworker/u8:6: Failed to release dquot type 1
[ 1411.790116][T20958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1411.803254][T18935] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1411.810929][  T139] loop3: lost filesystem error report for type 5 error -117
[ 1411.832335][T20958] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1412.095822][   T29] audit: type=1800 audit(1776187245.970:174): pid=20958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4771" name="file2" dev="loop3" ino=16 res=0 errno=0
[ 1412.134522][T20958] EXT4-fs (loop3): shut down requested (2)
[ 1412.471126][T20457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1412.495817][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1412.560715][   T12] Quota error (device loop3): write_blk: dquota write failed
[ 1412.580030][   T12] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[ 1412.619513][T20983] loop7: detected capacity change from 0 to 16
[ 1412.626910][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1412.673655][T20983] erofs (device loop7): mounted with root inode @ nid 36.
[ 1412.699984][   T12] Quota error (device loop3): write_blk: dquota write failed
[ 1412.745259][   T12] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[ 1412.808970][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1412.859866][   T12] Quota error (device loop3): v2_write_file_info: Can't write info structure
[ 1412.912266][   T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1414.730105][  T793] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1414.890128][  T793] usb 4-1: Using ep0 maxpacket: 32
[ 1414.905977][  T793] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[ 1414.928181][  T793] usb 4-1: config 0 has no interface number 0
[ 1414.955160][  T793] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1415.003825][  T793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1415.041555][  T793] usb 4-1: Product: syz
[ 1415.055272][  T793] usb 4-1: Manufacturer: syz
[ 1415.078809][  T793] usb 4-1: SerialNumber: syz
[ 1415.126642][  T793] usb 4-1: config 0 descriptor??
[ 1415.190144][  T793] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1415.413113][  T793] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1415.494928][  T793] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1415.857048][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1415.867806][  T793] usb 4-1: USB disconnect, device number 8
[ 1416.111473][  T793] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1416.211495][  T793] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1416.254213][  T793] quatech2 4-1:0.51: device disconnected
[ 1417.715678][T21043] loop7: detected capacity change from 0 to 512
[ 1417.917476][T21043] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[ 1418.047381][T21036] loop3: detected capacity change from 0 to 8192
[ 1421.239567][T21082] dummy0: entered promiscuous mode
[ 1421.290607][T21082] dummy0: left promiscuous mode
[ 1422.581481][T21098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4816'.
[ 1422.671807][T21098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4816'.
[ 1424.633998][T21114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4822'.
[ 1424.690889][T21115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4822'.
[ 1424.748771][T21114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4822'.
[ 1425.043744][T21118] input: syz0 as /devices/virtual/input/input57
[ 1426.195940][T21136] loop3: detected capacity change from 0 to 8
[ 1426.989111][T21143] 9pnet: p9_errstr2errno: server reported unknown error 0x000
[ 1427.124587][T21147] batadv_slave_0: entered promiscuous mode
[ 1427.181802][T21145] batadv_slave_0: left promiscuous mode
[ 1427.263570][T21152] loop3: detected capacity change from 0 to 512
[ 1427.339372][T21152] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1427.394770][T21152] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1427.430283][T21152] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1427.576913][T21152] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.4835: Allocating blocks 41-42 which overlap fs metadata
[ 1427.728267][T21152] loop3: lost filesystem error report for type 5 error -117
[ 1427.729775][    C0] EXT4-fs (loop3): error count since last fsck: 1
[ 1427.743830][    C0] EXT4-fs (loop3): initial error at time 1776187261: ext4_mb_mark_diskspace_used:4222
[ 1427.753845][    C0] EXT4-fs (loop3): last error at time 1776187261: ext4_mb_mark_diskspace_used:4222
[ 1427.782606][T21152] EXT4-fs (loop3): Remounting filesystem read-only
[ 1427.800037][T21152] Quota error (device loop3): write_blk: dquota write failed
[ 1427.810831][T21152] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5
[ 1427.840566][T21152] Quota error (device loop3): write_blk: dquota write failed
[ 1427.848678][T21152] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1427.945193][T21152] EXT4-fs (loop3): 1 truncate cleaned up
[ 1427.971504][T21152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1428.543153][T20457] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1429.954185][T21189] loop5: detected capacity change from 0 to 1024
[ 1430.202387][T21189] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1431.272613][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1431.325391][T21216] loop4: detected capacity change from 0 to 1
[ 1431.410725][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.456552][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.502587][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.562526][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.596713][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.690322][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.732686][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.790661][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.832499][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1431.854420][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1431.920848][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1431.999830][T15218] Buffer I/O error on dev loop4, logical block 0, async page read
[ 1433.281288][T21238] loop5: detected capacity change from 0 to 1024
[ 1433.369105][T21238] EXT4-fs: Ignoring removed orlov option
[ 1433.629567][T21238] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1434.114349][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1434.535419][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1434.976068][T21263] af_packet: tpacket_rcv: packet too big, clamped from 3698 to 4294967272. macoff=96
[ 1436.127423][T18935] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1439.260196][T13472] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1439.415596][T21325] loop5: detected capacity change from 0 to 256
[ 1439.490360][T13472] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1439.545252][T13472] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1439.600121][T13472] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1439.659950][T13472] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1439.669248][T13472] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1439.753998][T13472] usb 4-1: config 0 descriptor??
[ 1439.995846][T21325] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d)
[ 1440.331814][T13472] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1442.384228][ T5825] usb 4-1: USB disconnect, device number 9
[ 1443.052539][T21367] loop5: detected capacity change from 0 to 512
[ 1443.190272][ T5827] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1443.399950][ T5827] usb 4-1: Using ep0 maxpacket: 32
[ 1443.418477][ T5827] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1443.431602][ T5827] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1443.467053][T21367] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1443.481064][ T5827] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1443.491538][ T5827] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 1443.501895][T21367] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1443.512951][ T5827] usb 4-1: Product: syz
[ 1443.517293][ T5827] usb 4-1: Manufacturer: syz
[ 1443.537784][ T5827] hub 4-1:4.0: USB hub found
[ 1443.820513][ T5827] hub 4-1:4.0: config failed, hub has too many ports! (err -19)
[ 1444.210708][ T5827] usb 4-1: USB disconnect, device number 10
[ 1444.469583][T14548] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1446.721333][T21420] netlink: 56 bytes leftover after parsing attributes in process `syz.7.4919'.
[ 1451.567740][T21487] loop3: detected capacity change from 0 to 4096
[ 1452.301755][T21496] [U] 
[ 1452.601666][T21487] ntfs3(loop3): ino=21, "file1" failed to extend initialized size to 8000.
[ 1452.851633][T21516] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4949'.
[ 1454.962181][T21539] Bluetooth: hci0: Opcode 0x080f failed: -112
[ 1456.310049][ T5825] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1456.748095][T21560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1456.821977][T21560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1456.918484][ T5825] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1456.926784][T18935] Bluetooth: hci0: command 0x080f tx timeout
[ 1456.942152][ T5070] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1456.952105][ T5825] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1457.000077][ T5825] usb 3-1: can't read configurations, error -71
[ 1459.000386][ T5070] Bluetooth: hci0: command 0x080f tx timeout
[ 1459.231586][T21601] loop7: detected capacity change from 0 to 512
[ 1459.531696][T21601] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1459.620846][T21601] ext4 filesystem being mounted at /98/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1459.920559][T21611] loop5: detected capacity change from 0 to 512
[ 1460.116224][T21611] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1460.185345][T19483] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1460.255946][T21611] EXT4-fs error (device loop5): ext4_orphan_get:1397: inode #15: comm syz.5.4978: iget: bad i_size value: 38620345925642
[ 1460.452437][T21611] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1460.459814][    C1] EXT4-fs (loop5): error count since last fsck: 1
[ 1460.475979][    C1] EXT4-fs (loop5): initial error at time 1776187294: ext4_orphan_get:1397: inode 15
[ 1460.485755][    C1] EXT4-fs (loop5): last error at time 1776187294: ext4_orphan_get:1397: inode 15
[ 1460.542077][T21611] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.4978: couldn't read orphan inode 15 (err -117)
[ 1460.631731][T21611] loop5: lost filesystem error report for type 5 error -117
[ 1460.639259][T21611] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1460.933339][T21626] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4982'.
[ 1460.974539][T21626] veth1_to_team: entered promiscuous mode
[ 1461.004013][T21629] loop3: detected capacity change from 0 to 256
[ 1461.085879][T21628] syzkaller1: entered promiscuous mode
[ 1461.117039][T21628] syzkaller1: entered allmulticast mode
[ 1461.168169][    C0] =====================================================
[ 1461.175565][    C0] BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x11c2/0x20d0
[ 1461.184165][    C0]  bpf_prog_run_generic_xdp+0x11c2/0x20d0
[ 1461.190176][    C0]  do_xdp_generic+0xe07/0x17f0
[ 1461.195114][    C0]  __netif_receive_skb_core+0x1a46/0x4dc0
[ 1461.201116][    C0]  process_backlog+0x514/0x1500
[ 1461.206133][    C0]  __napi_poll+0xdc/0x950
[ 1461.210885][    C0]  net_rx_action+0xa5b/0x1c70
[ 1461.215926][    C0]  handle_softirqs+0x171/0x7e0
[ 1461.221137][    C0]  __do_softirq+0x14/0x1b
[ 1461.225766][    C0]  do_softirq+0x58/0x90
[ 1461.230203][    C0]  __local_bh_enable_ip+0xa1/0xb0
[ 1461.235426][    C0]  tun_rx_batched+0x887/0x980
[ 1461.240345][    C0]  tun_get_user+0x6002/0x7830
[ 1461.245235][    C0]  tun_chr_write_iter+0x3e9/0x5c0
[ 1461.250529][    C0]  vfs_write+0xbe1/0x15c0
[ 1461.255041][    C0]  ksys_write+0x1d9/0x470
[ 1461.259696][    C0]  __ia32_sys_write+0x9a/0xf0
[ 1461.264568][    C0]  ia32_sys_call+0x37a7/0x4360
[ 1461.269493][    C0]  __do_fast_syscall_32+0x17f/0x420
[ 1461.275043][    C0]  do_fast_syscall_32+0x37/0x80
[ 1461.280164][    C0]  do_SYSENTER_32+0x1f/0x30
[ 1461.284851][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1461.291454][    C0] 
[ 1461.293860][    C0] Uninit was created at:
[ 1461.298377][    C0]  __kmalloc_node_track_caller_noprof+0x4f6/0x1750
[ 1461.305139][    C0]  pskb_expand_head+0x3d1/0x1e00
[ 1461.310327][    C0]  do_xdp_generic+0xb30/0x17f0
[ 1461.315247][    C0]  __netif_receive_skb_core+0x1a46/0x4dc0
[ 1461.321225][    C0]  process_backlog+0x514/0x1500
[ 1461.326333][    C0]  __napi_poll+0xdc/0x950
[ 1461.330951][    C0]  net_rx_action+0xa5b/0x1c70
[ 1461.335972][    C0]  handle_softirqs+0x171/0x7e0
[ 1461.341002][    C0]  __do_softirq+0x14/0x1b
[ 1461.345569][    C0] 
[ 1461.348008][    C0] CPU: 0 UID: 0 PID: 21631 Comm: syz.2.4983 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1461.359335][    C0] Tainted: [L]=SOFTLOCKUP
[ 1461.363869][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1461.374142][    C0] =====================================================
[ 1461.381236][    C0] Disabling lock debugging due to kernel taint
[ 1461.387490][    C0] Kernel panic - not syncing: kmsan.panic set ...
[ 1461.394043][    C0] CPU: 0 UID: 0 PID: 21631 Comm: syz.2.4983 Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[ 1461.405173][    C0] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[ 1461.410948][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1461.421150][    C0] Call Trace:
[ 1461.424549][    C0]  <IRQ>
[ 1461.427487][    C0]  __dump_stack+0x26/0x30
[ 1461.432028][    C0]  dump_stack_lvl+0x50/0x1c0
[ 1461.436881][    C0]  ? dump_stack+0x12/0x25
[ 1461.441402][    C0]  dump_stack+0x1e/0x25
[ 1461.445731][    C0]  vpanic+0x7b4/0x1430
[ 1461.450007][    C0]  panic+0x15d/0x160
[ 1461.454130][    C0]  kmsan_report+0x31a/0x320
[ 1461.458794][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1461.464800][    C0]  ? __msan_warning+0x1b/0x30
[ 1461.469689][    C0]  ? bpf_prog_run_generic_xdp+0x11c2/0x20d0
[ 1461.475842][    C0]  ? do_xdp_generic+0xe07/0x17f0
[ 1461.481021][    C0]  ? __netif_receive_skb_core+0x1a46/0x4dc0
[ 1461.487175][    C0]  ? process_backlog+0x514/0x1500
[ 1461.492463][    C0]  ? __napi_poll+0xdc/0x950
[ 1461.497136][    C0]  ? net_rx_action+0xa5b/0x1c70
[ 1461.502159][    C0]  ? handle_softirqs+0x171/0x7e0
[ 1461.507258][    C0]  ? __do_softirq+0x14/0x1b
[ 1461.511889][    C0]  ? do_softirq+0x58/0x90
[ 1461.516398][    C0]  ? __local_bh_enable_ip+0xa1/0xb0
[ 1461.521765][    C0]  ? tun_rx_batched+0x887/0x980
[ 1461.526755][    C0]  ? tun_get_user+0x6002/0x7830
[ 1461.531781][    C0]  ? tun_chr_write_iter+0x3e9/0x5c0
[ 1461.537239][    C0]  ? vfs_write+0xbe1/0x15c0
[ 1461.541912][    C0]  ? ksys_write+0x1d9/0x470
[ 1461.546686][    C0]  ? __ia32_sys_write+0x9a/0xf0
[ 1461.551730][    C0]  ? ia32_sys_call+0x37a7/0x4360
[ 1461.556803][    C0]  ? __do_fast_syscall_32+0x17f/0x420
[ 1461.562333][    C0]  ? do_fast_syscall_32+0x37/0x80
[ 1461.567500][    C0]  ? do_SYSENTER_32+0x1f/0x30
[ 1461.572412][    C0]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1461.579082][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.584318][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.589593][    C0]  ? __bpf_prog_run32+0xc2/0xf0
[ 1461.594703][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.599976][    C0]  __msan_warning+0x1b/0x30
[ 1461.604667][    C0]  bpf_prog_run_generic_xdp+0x11c2/0x20d0
[ 1461.610991][    C0]  ? pskb_expand_head+0x1b8f/0x1e00
[ 1461.616404][    C0]  do_xdp_generic+0xe07/0x17f0
[ 1461.621301][    C0]  ? qdisc_bstats_update+0x1d1/0x250
[ 1461.626810][    C0]  ? filter_irq_stacks+0x49/0x190
[ 1461.632134][    C0]  __netif_receive_skb_core+0x1a46/0x4dc0
[ 1461.638001][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.643247][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.648496][    C0]  ? __napi_poll+0xdc/0x950
[ 1461.653160][    C0]  ? __msan_warning+0x1b/0x30
[ 1461.658026][    C0]  ? stack_depot_save_flags+0x35/0x790
[ 1461.663713][    C0]  process_backlog+0x514/0x1500
[ 1461.668720][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1461.674776][    C0]  ? filter_irq_stacks+0x49/0x190
[ 1461.680156][    C0]  ? __pfx_process_backlog+0x10/0x10
[ 1461.685586][    C0]  __napi_poll+0xdc/0x950
[ 1461.690058][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1461.696008][    C0]  net_rx_action+0xa5b/0x1c70
[ 1461.700836][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1461.706776][    C0]  ? sched_clock_cpu+0x59/0xa70
[ 1461.711797][    C0]  ? __run_timer_base+0x91/0xdf0
[ 1461.716951][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1461.722216][    C0]  handle_softirqs+0x171/0x7e0
[ 1461.727169][    C0]  __do_softirq+0x14/0x1b
[ 1461.731622][    C0]  do_softirq+0x58/0x90
[ 1461.735917][    C0]  </IRQ>
[ 1461.738964][    C0]  <TASK>
[ 1461.742164][    C0]  __local_bh_enable_ip+0xa1/0xb0
[ 1461.747381][    C0]  ? tun_rx_batched+0x167/0x980
[ 1461.752370][    C0]  tun_rx_batched+0x887/0x980
[ 1461.757262][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.762601][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.767861][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1461.773809][    C0]  tun_get_user+0x6002/0x7830
[ 1461.778691][    C0]  ? stack_depot_save_flags+0x35/0x790
[ 1461.784364][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.789626][    C0]  ? kmsan_get_metadata+0xf1/0x160
[ 1461.794906][    C0]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[ 1461.801555][    C0]  ? kmsan_get_metadata+0x20/0x160
[ 1461.807025][    C0]  tun_chr_write_iter+0x3e9/0x5c0
[ 1461.812291][    C0]  vfs_write+0xbe1/0x15c0
[ 1461.817090][    C0]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1461.822861][    C0]  ksys_write+0x1d9/0x470
[ 1461.827402][    C0]  __ia32_sys_write+0x9a/0xf0
[ 1461.832248][    C0]  ia32_sys_call+0x37a7/0x4360
[ 1461.837131][    C0]  __do_fast_syscall_32+0x17f/0x420
[ 1461.842490][    C0]  do_fast_syscall_32+0x37/0x80
[ 1461.847486][    C0]  do_SYSENTER_32+0x1f/0x30
[ 1461.852130][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1461.858647][    C0] RIP: 0023:0xf7f62f6c
[ 1461.862821][    C0] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1461.882834][    C0] RSP: 002b:00000000f540550c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 1461.891389][    C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001440
[ 1461.899459][    C0] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[ 1461.907525][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1461.915611][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1461.923867][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1461.931988][    C0]  </TASK>
[ 1461.935606][    C0] Kernel Offset: disabled
[ 1461.940020][    C0] Rebooting in 86400 seconds..