last executing test programs:

1m32.51396376s ago: executing program 2 (id=789):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r3, 0x4004743a, &(0x7f0000000300))
write(r0, &(0x7f0000000380)="3ace", 0x2)

1m32.228055977s ago: executing program 2 (id=792):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2, 0x4}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f0000000440)="f058fe7dad777f8f6104bd3cb38043ec4e01391f5ce0a6ffa055a8509f0453d8a13534b12696d34378779d0d81259905b1d925811e1175bbe65f36cc23c9bc0f590b6bcb4948d8868d4eba9e4c8cbae983110d0b95da84def342574ac4767ccd4f269b7e00b21afb1c0655121ecfc1d7c943b99a1ea3ece27533c4971e57023da9f5c9e2529cfc1feaa4e3209db93f7b042579f4ba28c20b110e98527ab28326880b974e6bb2fa201093f597b34d38b7fa9626186cf691db6ecc4cb4b6f12e", 0xbf}, {&(0x7f0000000000)="1caed873c7abcee769c6f148cf3b38b2c83d789b06ae74", 0x17}, {&(0x7f00000022c0)="d7e59c50df6ae46aa4231d29ee6a72227014e57eae5dac54bf8ef3f61a55ccd657554272dce0ea7b95d1c3565f76839435acfe757235adc00ff20f556128328a82477c8bfd2d19c6aa05fdae812f07d81c2e65837a15bb269fd15328a392bbd563f4d0112e18dadff0d6d178c50a265685ab79762e6640eab0ed1907b7ad8411bc5cf3e73de0f0944d0aed614cf69f0cf616089ffbf86d90cfd5168efa1accc8fc1a253036864f89b921638c61609735eb6d704f7b65de64ec32915fe98a496ce1aef8edbc4620cea313e110019c8c5949061770674a45f99f0c8444ef63134994f9566a483e9a63056e03048a7773410d4665a0cb49991c19a7a2bbcf671da7ecc37103cedbd117", 0x108}], 0x4}, 0x5)

1m31.914897215s ago: executing program 2 (id=794):
clock_adjtime(0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
pipe(0x0)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)
close(r4)
socket$inet6(0xa, 0x3, 0x3a)
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r6, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

1m30.845892717s ago: executing program 2 (id=798):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x208810, &(0x7f0000000100), 0xff, 0x4c4, &(0x7f00000001c0)="$eJzs3MtrXFUYAPDvTh59N7HWamtro1UsPpImrdqFCxUFQQVBFxXcxCSttWkrTQRbgqYidSkF9+JS8C9w50bUhQhuFVxKoWgQmnY1cl9tMp1MHk0yaeb3g8mcc5/nu+eemTP35N4AWlZP+ieJ2BoRf0REV56dvUBP/jY9NTF0fWpiKIlq9a1/kmy5a1MTQ+Wi5XpbiszBSkTl8yReSGp2uiFi7PyFU4OjoyPnikl946c/7Bs7f+Hpk6cHT4ycGDkzcPTokcP9zz078MyyxJnGdW3PJ2f37n71nctvDB27/N7P36XF2rUvnz8zjnldrw2ovp70qP1bzdTOe2wRZb8bbJuRTtqbWBAWpS0i0urqyNp/V7TFrcrrilc+a2rhgBWVfjdtmHv2ZBVYx5KoO/m1VS8IsMrKL/r092/5WqWux5pw9cWIziI9PTUxNH0z/vaoFNM7VnD/PRFxbPLG1+krFnsdAgBgCbK+zVP1+n+V2JW952Md24sxlO6IuCcidkTEvRGxMyLui8iWvT8644F85WrXAvffU5O/vf9TuVK3zMsk7f89P6PvNz0j/uKtu63Ibcvi70iOnxwdOVQck4PRsSHN9zfYxw8v//7lXPNm9v/SV7r/si9YFOBKe80FuuHB8cHlOghXL0bsaa8Xf3JzJCA9A3ZHxJ7FbXp7mTj5xLd751po/vgbWIZxpuo3EY/n9T8ZNfGXksbjk30bY3TkUF95Vtzul98uvVkkO2vn3VH8yyCt/82zz/9izsXiveu/NP6x8xc6YnR05NxYOm3zovZx6c8v5vxNs9TzvzN5Oxuz/vX9fNrHg+Pj5/ojOpPXs3x5oLPpA7fWLfPl8mn8Bw/Ub/87inXS+B+MiPQk3hcRD0XE/qLsD0fEIxFxoEH8P7306AcN4k8iiabW/3Ddz78kYmOW6C7qPx+vX0Ki7dSP3881Yr6w+j8Sk9lnbS77/JtH43K1Rznlzo8gAAAArH2ViNgaSaU3T/dsjUqltzf/H/6dcaNarY6NP3n87EdnhvN7BLqjo1Je6eqacT20P5kstpjnB4prxeX8w8V146/aNmX53qGzo8NNjh1a3ZbZ7T/K9p/6u63ZpQNWnPu1oHXVtv9Kk8oBrL6FfP/7LQDrU532v6kZ5QBWn9//0Lrqtf9Pa/L6/7A+3d7+/6rzyDpgPdL/h9al/UPr0v6hJS30Lv7yeQpLfgjArER5s8DSt7Nxnjv813KiZ0W2XNbQsm55/3S+0WLKprg1KyoNVq8sal+TC1743c5Z5Zl9iq6Jyl2hRNpilrJ6bJ/vWRhzJeo8rAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//0N93Y4=")
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)

1m28.585739729s ago: executing program 2 (id=804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2, 0x4}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f0000000440)="f058fe7dad777f8f6104bd3cb38043ec4e01391f5ce0a6ffa055a8509f0453d8a13534b12696d34378779d0d81259905b1d925811e1175bbe65f36cc23c9bc0f590b6bcb4948d8868d4eba9e4c8cbae983110d0b95da84def342574ac4767ccd4f269b7e00b21afb1c0655121ecfc1d7c943b99a1ea3ece27533c4971e57023da9f5c9e2529cfc1feaa4e3209db93f7b042579f4ba28c20b110e98527ab28326880b974e6bb2fa201093f597b34d38b7fa9626186cf691db6ecc4cb4b6f12e", 0xbf}, {&(0x7f0000000000)="1caed873c7abcee769c6f148cf3b38b2c83d789b06ae74", 0x17}, {&(0x7f00000022c0)="d7e59c50df6ae46aa4231d29ee6a72227014e57eae5dac54bf8ef3f61a55ccd657554272dce0ea7b95d1c3565f76839435acfe757235adc00ff20f556128328a82477c8bfd2d19c6aa05fdae812f07d81c2e65837a15bb269fd15328a392bbd563f4d0112e18dadff0d6d178c50a265685ab79762e6640eab0ed1907b7ad8411bc5cf3e73de0f0944d0aed614cf69f0cf616089ffbf86d90cfd5168efa1accc8fc1a253036864f89b921638c61609735eb6d704f7b65de64ec32915fe98a496ce1aef8edbc4620cea313e110019c8c5949061770674a45f99f0c8444ef63134994f9566a483e9a63056e03048a7773410d4665a0cb49991c19a7a2bbcf671da7ecc37103cedbd117", 0x108}], 0x4}, 0x5)

1m27.55730411s ago: executing program 2 (id=808):
clock_adjtime(0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
pipe(0x0)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)
close(r4)
socket$inet6(0xa, 0x3, 0x3a)
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r6, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

1m27.149945463s ago: executing program 32 (id=808):
clock_adjtime(0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
pipe(0x0)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)
close(r4)
socket$inet6(0xa, 0x3, 0x3a)
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r6, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})

11.866032498s ago: executing program 3 (id=1140):
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
ioctl$PPPIOCGMRU(r0, 0x541b, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

9.432138219s ago: executing program 0 (id=1149):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x30, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x30}}, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040302"], 0x4)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

9.141883026s ago: executing program 0 (id=1150):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10414b2, &(0x7f00000012c0), 0xfe, 0x24e, &(0x7f0000000800)="$eJzs3T9oJHUYBuB3Znc9c7fIqY0g/gER0UA4O8HmbBQO5DhEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpImCKIIVlFTxEbQYGGw0GJldxKJmzVRN+4cmeeBycxkfjPfDDvvt9vMboDGupjkcpJWkukknSTF4QF3V9PF/dXVqc3ZpNd74udiMK5arxzsdyHJSpKHkmyURV5qJ0vrz+z8uvXYfW8udu59f/3pqYle5L7dne3H9967+sZHVx5c+vLrH68WuZzuX67r9BUj/tcuklv+j2LXiaJd9xnwT1x77cNv+rm/Nck9g/x3UqZ68d5auGGjkwfe/bt93/7pq9snea7A6ev1Ov33wJXesaqRwNlSJummKGeSVMtlOTNTfYb/tnW+fHl+4dXpF+cX514Yaht1NSxgbN1k+9FPzn18YSj/P7Sq/ANnVz//T15b+66/vNeq+2yAibijmvXzP/3c8v2Rf2gc+Ydm+fzQsvxDc8k/NJf8Q3PJPzSX/MMZ1jl+s/xDc8k/NJf8Q3Mdzj8A0Cy9c3U/gQzUpe7+AwAAAAAAAAAAAAAAAAAAHLU6tTl7ME2q5mfvJLuPJGmPqt8a/B5xcuPg7/lfiv6wPxXVbmN59q4xDzCmD2p++vqm7+ut/8Wd9dZfnktWXk9yqd0+ev8V+/fff3fzCds7z49Z4F8qhtYffmqy9Yf9vlZv/Stbyaf9/nNpVP8pc9tgPrr/dE/+iuUTvfLbmAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgYv4IAAD//2ZfbBo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010000000000e40004000000c17d38add725ab098300000000100000000000003ebef06daab787b2b91f17f2619ce35129c2369e03571f47e0ee36c52408491b901ce47eca63fc2f17ade69cd475249afc3a00000000000000008c5afaea8e07b31891acaed54e41bee035c4e13e53f3335fa71fd7042da5ac4aa55e6d7c40254634e1bb9f648afe543dd02f600b2d62067e53327b9bef82ac6b97957863371ef054caff093cb55a29e3e1bd3d6ca014764f58b714854c4491000775385d0149a058941c"], 0x24, 0x0)
syz_open_pts(0xffffffffffffffff, 0x80)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0xfffffcef)
sendmmsg$inet6(r1, &(0x7f0000003cc0), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000016c0)={0x18, 0x18, 0xa01, 0x70bd2b, 0xfffffffc, {0x4}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x0, 0x0, 0x8040}, 0x54)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='uni_xlate=1,iocharset=iso8859-5,shortname=winnt,nonumtail=0,uni_xlate=1,utf8=0,iocharset=maccroatian,iocharset=macgaelic,allow_utime=00000000000000000000527,nfs,nonumtail=0,iocharset=cp865,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c636f6465706167653d3835352c004c87a56b54e381762bf87fb98d86d772421a964d437fff01c5e125acb191c125f8030000000000009dba05feee081e91fc61a0fef5511251"], 0x1, 0x238, &(0x7f0000000740)="$eJzs3c9qE10YB+B3krRf+rlIFq5EcEAXrkrbK2iRCmJXShbqQottQZJQsBBoFWNXXoGX5cY78AKE7nRRGJlM0rSQaov5U+rzbHJgzm/Oe5ITspo3r263m1u7ezuH779FtZpEaTVWk6OIepRi4GMAANfJzyyLo6xwuWSlNKmaAIDJuuDv/8IUSwIAJuzps+eP1zY21p+kaTWi/anTSKJ4La6v7cSbaMV2LEUtjiOyE8X44aON9aikuXrca3c7jTzZfvmlf/+17xG9/HLUoj46v5wWTuW7ncZc/N9ffzXPr0Qtbo7Or4zIR2M+7t89Vf9i1OLr69iNVmxFnh3mPyyn6YPs8493L/KK83zS7TT+680byspT/3AAAAAAAAAAAAAAAAAAAAAAALi2FtM0Tfsddbpn+u+Uj3vXF9OB+tn+PEX+vP5A3VP9dZbyJZJi/jBfiVuVqMxy7wAAAAAAAAAAAAAAAAAAAHBV7O0fNDdbre23Yx0MHusf/53/dhDlfmmtJOIK1NMbLOT1TGetOzHhtaK0f9AcnK7mZhJ/SFUndEiyEcevfG5qfkyrz98Y7y6SiJg7eTN/N7kac2P+pgAAAAAAAAAAAAAAAAAAAFM2fOh3xMXDGRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMw/P//Swy6/fAFUzPeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+AXwEAAP//QBx8JQ==")
msgctl$IPC_INFO(0x0, 0x3, &(0x7f00000003c0)=""/162)
semget$private(0x0, 0x4, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x1000, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

8.803781096s ago: executing program 0 (id=1152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2, 0x4}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee", 0x13}, {&(0x7f0000000440)="f058fe7dad777f8f6104bd3cb38043ec4e01391f5ce0a6ffa055a8509f0453d8a13534b12696d34378779d0d81259905b1d925811e1175bbe65f36cc23c9bc0f590b6bcb4948d8868d4eba9e4c8cbae983110d0b95da84def342574ac4767ccd4f269b7e00b21afb1c0655121ecfc1d7c943b99a1ea3ece27533c4971e57023da9f5c9e2529cfc1feaa4e3209db93f7b042579f4ba28c20b110e98527ab28326880b974e6bb2fa201093f597b34d38b7fa9626186cf691db6ecc4cb4b6f12e3f0b02d70a1be427710ade6ef32de8dabf826858a70c9d5c00e4de", 0xda}, {&(0x7f0000000000)="1caed873c7abcee769c6f148cf3b38b2c83d789b06ae74", 0x17}, {&(0x7f00000022c0)="d7e59c50df6ae46aa4231d29ee6a72227014e57eae5dac54bf8ef3f61a55ccd657554272dce0ea7b95d1c3565f76839435acfe757235adc00ff20f556128328a82477c8bfd2d19c6aa05fdae812f07d81c2e65837a15bb269fd15328a392bbd563f4d0112e18dadff0d6d178c50a265685ab79762e6640eab0ed1907b7ad8411bc5cf3e73de0f0944d0aed614cf69f0cf616089ffbf86d90cfd5168efa1accc8fc1a253036864f89b921638c61609735eb6d704f7b65de64ec32915fe98a496ce1aef8edbc4620cea313e110019c8c5949061770674a45f99f0c8444ef63134994f9566a483e9a63056e03048a7773410d4665a0cb49991c19a7a2bbcf671da7ecc37103cedbd117", 0x108}], 0x4}, 0x5)

8.3819701s ago: executing program 3 (id=1154):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f00000000c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
pwritev2(r1, 0x0, 0x0, 0x5415, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ustat(0x801, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)

8.372877121s ago: executing program 0 (id=1155):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket(0x10, 0x80002, 0x2)
bind$netlink(r3, &(0x7f0000177ff4)={0x10, 0x0, 0x25dfdbfc}, 0xc)
r4 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
writev(r5, &(0x7f0000000080), 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x2000, 0x1000000})
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)={0x4c, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "1e1c"}]}, @NFTA_SET_ELEM_KEY_END={0xc, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "57b8"}]}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
sendto$inet6(r6, &(0x7f0000000540)="900000001c001f4d154a817393278bff0a80a57802000000e503740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e00a2c5fed0759cb068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cef7cff81d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
sendto$inet6(r6, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r2, 0x80047456, &(0x7f0000000040)={0x3, 0xb, 0xfffffffe, 0x7fffffff, 0x8, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0xffffffff})
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)

7.01532835s ago: executing program 3 (id=1161):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x37, 0x0, 0x0, 0x80000d6e, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xa01}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c0008"], 0xd8}}, 0x20008004)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'gretap0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r1], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)

6.386004937s ago: executing program 1 (id=1163):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="7a0a00ff00000000711060000000000095"], 0x0}, 0x94)

6.385618317s ago: executing program 3 (id=1164):
r0 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffc000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000100000000c00018008000100"], 0x20}}, 0x0)
shmctl$IPC_SET(r0, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x240088c4)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/50)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xffffff00, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@inet=@set2={{0x28}, {{0xfffe, 0x5, 0x4}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x0, 0x0, 0x2}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

6.210997237s ago: executing program 1 (id=1166):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@ipv4_newroute={0x1c, 0x18, 0x2, 0x70bd2d, 0x25dfdbfd, {0x2, 0x0, 0x80, 0x7, 0xfc, 0x2, 0xc8, 0xa, 0x900}}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x4040850)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r2, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000900)={0x2b4, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x78}}}}, [@NL80211_ATTR_TIMEOUT={0x8, 0x110, 0x5}, @NL80211_ATTR_PEER_MEASUREMENTS={0x28c, 0x111, 0x0, 0x1, {0x288, 0x5, 0x0, 0x1, [{0x284, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x4c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1e4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xf0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xb4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4dc}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}]}]}]}}]}, 0x2b4}, 0x1, 0x0, 0x0, 0x4000040}, 0x4080)

5.884916677s ago: executing program 1 (id=1167):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000240)="3d4077e50823a7746c0ee30dd0afdfb5ff2a258d495dc9d2c2a25bc7dc0b11bde0d15d0770675db17901", 0x2a}, {&(0x7f0000000080)="b28231adddba8ed6f23bf98ca8caa015ab797f57", 0x14}], 0x2, 0x0)
recvmmsg(r2, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002002, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040), 0xffc1)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000180)=0x55b7, 0x4)
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe0, 0x0)

5.627479131s ago: executing program 5 (id=1169):
socket$netlink(0x10, 0x3, 0x4)
syz_open_procfs(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = shmget(0x2, 0x1000, 0x1, &(0x7f0000935000/0x1000)=nil)
shmctl$IPC_INFO(r3, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, &(0x7f0000000100))
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'erspan0\x00', 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0xd0}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x102}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)

5.370654326s ago: executing program 4 (id=1170):
socket$packet(0x11, 0x2, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, 0x0, &(0x7f0000000440)=']-\\+\x00')
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x8d, 0x1, &(0x7f0000000240)="184ce4529e71581ccb84ac4f33547bdce991149db263afbd188f8a30ff6d25b773488e07ffc6112ef1087a73b0a6af6e60a9442d048d821c396835f16a773f6693f29c311a690e0d000000000000adc349a678a4c888a646d72ca416e7c2c971671978dc9697fe3d53f02fe13e83a46c710490244f6b6a0eebd5c3790178d35ff8b72a1e18b4a4412756e860ad", &(0x7f0000000300)=""/1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r6, @ANYBLOB="01980400000000001800128008000100736974000c00028008000300ac14"], 0x38}}, 0x0)

5.12825032s ago: executing program 3 (id=1171):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f00000000c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
pwritev2(r1, 0x0, 0x0, 0x5415, 0x0, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ustat(0x801, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)

4.301167599s ago: executing program 4 (id=1172):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10414b2, &(0x7f00000012c0), 0xfe, 0x24e, &(0x7f0000000800)="$eJzs3T9oJHUYBuB3Znc9c7fIqY0g/gER0UA4O8HmbBQO5DhEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpImCKIIVlFTxEbQYGGw0GJldxKJmzVRN+4cmeeBycxkfjPfDDvvt9vMboDGupjkcpJWkukknSTF4QF3V9PF/dXVqc3ZpNd74udiMK5arxzsdyHJSpKHkmyURV5qJ0vrz+z8uvXYfW8udu59f/3pqYle5L7dne3H9967+sZHVx5c+vLrH68WuZzuX67r9BUj/tcuklv+j2LXiaJd9xnwT1x77cNv+rm/Nck9g/x3UqZ68d5auGGjkwfe/bt93/7pq9snea7A6ev1Ov33wJXesaqRwNlSJummKGeSVMtlOTNTfYb/tnW+fHl+4dXpF+cX514Yaht1NSxgbN1k+9FPzn18YSj/P7Sq/ANnVz//T15b+66/vNeq+2yAibijmvXzP/3c8v2Rf2gc+Ydm+fzQsvxDc8k/NJf8Q3PJPzSX/MMZ1jl+s/xDc8k/NJf8Q3Mdzj8A0Cy9c3U/gQzUpe7+AwAAAAAAAAAAAAAAAAAAHLU6tTl7ME2q5mfvJLuPJGmPqt8a/B5xcuPg7/lfiv6wPxXVbmN59q4xDzCmD2p++vqm7+ut/8Wd9dZfnktWXk9yqd0+ev8V+/fff3fzCds7z49Z4F8qhtYffmqy9Yf9vlZv/Stbyaf9/nNpVP8pc9tgPrr/dE/+iuUTvfLbmAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgYv4IAAD//2ZfbBo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010000000000e40004000000c17d38add725ab098300000000100000000000003ebef06daab787b2b91f17f2619ce35129c2369e03571f47e0ee36c52408491b901ce47eca63fc2f17ade69cd475249afc3a00000000000000008c5afaea8e07b31891acaed54e41bee035c4e13e53f3335fa71fd7042da5ac4aa55e6d7c40254634e1bb9f648afe543dd02f600b2d62067e53327b9bef82ac6b97957863371ef054caff093cb55a29e3e1bd3d6ca014764f58b714854c4491000775385d0149a058941c"], 0x24, 0x0)
syz_open_pts(0xffffffffffffffff, 0x80)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0xfffffcef)
sendmmsg$inet6(r3, &(0x7f0000003cc0), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000016c0)={0x18, 0x18, 0xa01, 0x70bd2b, 0xfffffffc, {0x4}, [@nested={0x4, 0x18}]}, 0x18}, 0x1, 0x0, 0x0, 0x8040}, 0x54)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='uni_xlate=1,iocharset=iso8859-5,shortname=winnt,nonumtail=0,uni_xlate=1,utf8=0,iocharset=maccroatian,iocharset=macgaelic,allow_utime=00000000000000000000527,nfs,nonumtail=0,iocharset=cp865,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c636f6465706167653d3835352c004c87a56b54e381762bf87fb98d86d772421a964d437fff01c5e125acb191c125f8030000000000009dba05feee081e91fc61a0fef5511251"], 0x1, 0x238, &(0x7f0000000740)="$eJzs3c9qE10YB+B3krRf+rlIFq5EcEAXrkrbK2iRCmJXShbqQottQZJQsBBoFWNXXoGX5cY78AKE7nRRGJlM0rSQaov5U+rzbHJgzm/Oe5ITspo3r263m1u7ezuH779FtZpEaTVWk6OIepRi4GMAANfJzyyLo6xwuWSlNKmaAIDJuuDv/8IUSwIAJuzps+eP1zY21p+kaTWi/anTSKJ4La6v7cSbaMV2LEUtjiOyE8X44aON9aikuXrca3c7jTzZfvmlf/+17xG9/HLUoj46v5wWTuW7ncZc/N9ffzXPr0Qtbo7Or4zIR2M+7t89Vf9i1OLr69iNVmxFnh3mPyyn6YPs8493L/KK83zS7TT+680byspT/3AAAAAAAAAAAAAAAAAAAAAAALi2FtM0Tfsddbpn+u+Uj3vXF9OB+tn+PEX+vP5A3VP9dZbyJZJi/jBfiVuVqMxy7wAAAAAAAAAAAAAAAAAAAHBV7O0fNDdbre23Yx0MHusf/53/dhDlfmmtJOIK1NMbLOT1TGetOzHhtaK0f9AcnK7mZhJ/SFUndEiyEcevfG5qfkyrz98Y7y6SiJg7eTN/N7kac2P+pgAAAAAAAAAAAAAAAAAAAFM2fOh3xMXDGRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMw/P//Swy6/fAFUzPeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+AXwEAAP//QBx8JQ==")
msgctl$IPC_INFO(0x0, 0x3, &(0x7f00000003c0)=""/162)
semget$private(0x0, 0x4, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r5, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x1000, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

4.078105282s ago: executing program 1 (id=1173):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
syz_emit_ethernet(0x0, 0x0, 0x0)

3.922892981s ago: executing program 1 (id=1174):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000440)=ANY=[@ANYBLOB="120100021982302013042360e5ec0102030109021b0001000060020904840001ee48b10009058269"], 0x0)

3.544452283s ago: executing program 5 (id=1175):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r0, &(0x7f00000000c0)=0x8b, 0x100000500)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r2, 0x1)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0xf, @loopback, 0x5}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0xfffffff1, @empty, 0x2}, 0x1c)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x80000b, @empty, 0x3}, 0x1c)

3.41808692s ago: executing program 5 (id=1176):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="7a0a00ff00000000711060000000000095"], 0x0}, 0x94)

3.375077433s ago: executing program 4 (id=1177):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103050000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0xfffffffffffffee0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0xff, 0x2070, 0x1000, 0x9, 0x4, 0x8000, 0xfffd, 0xec, 0x3906, 0xfffc, 0x3, 0xfb}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000900)={0x14, 0x0, &(0x7f00000008c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

3.25323717s ago: executing program 5 (id=1178):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fcntl$lock(0xffffffffffffffff, 0x26, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000080)="29000300010003", 0x7)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

3.192114654s ago: executing program 0 (id=1179):
clock_adjtime(0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000200)=0x1000000000005)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
pipe(0x0)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)
close(r4)
socket$inet6(0xa, 0x3, 0x3a)
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2210886, &(0x7f00000001c0)={[{}, {@dioread_nolock}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r6, 0x0)

1.833452613s ago: executing program 4 (id=1180):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0], &(0x7f0000000380)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280), 0x1, 0x1, 0x7})
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0xf8, 0x29, 0x4, {0x4, 0x1b, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x9, 0x9f}}, @generic={0xfe, 0x70, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b08"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @generic={0x93, 0x8, "e80ee304ecb784ec"}]}}}, @hoplimit={{0x14}}, @hopopts={{0xa8, 0x29, 0x36, {0x5e, 0x11, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x28, {0x3, 0x8, 0x0, 0xfff, [0x2, 0x4, 0x966, 0xfffffffffffffff7]}}, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3}}]}}}, @rthdr={{0x18}}], 0x1e8}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{0x0}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.832943453s ago: executing program 5 (id=1181):
r0 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffc000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000100000000c00018008000100"], 0x20}}, 0x0)
shmctl$IPC_SET(r0, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x240088c4)
shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000000)=""/50)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xffffff00, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@inet=@set2={{0x28}, {{0xfffe, 0x5, 0x4}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x0, 0x0, 0x2}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

1.646048044s ago: executing program 4 (id=1182):
socket$packet(0x11, 0x2, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, 0x0, &(0x7f0000000440)=']-\\+\x00')
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x8d, 0x1, &(0x7f0000000240)="184ce4529e71581ccb84ac4f33547bdce991149db263afbd188f8a30ff6d25b773488e07ffc6112ef1087a73b0a6af6e60a9442d048d821c396835f16a773f6693f29c311a690e0d000000000000adc349a678a4c888a646d72ca416e7c2c971671978dc9697fe3d53f02fe13e83a46c710490244f6b6a0eebd5c3790178d35ff8b72a1e18b4a4412756e860ad", &(0x7f0000000300)=""/1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r6, @ANYBLOB="01980400000000001800128008000100736974000c00028008000300ac14"], 0x38}}, 0x0)

1.609186886s ago: executing program 0 (id=1183):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000100000000c00018008000100"], 0x20}}, 0x0)
shmctl$IPC_SET(0x0, 0x1, 0x0)
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000000)=""/50)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xffffff00, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@inet=@set2={{0x28}, {{0xfffe, 0x5, 0x4}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x0, 0x0, 0x2}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

449.759244ms ago: executing program 1 (id=1184):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="03040000b50000000100fefffeefffff"], 0xc8)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

293.230383ms ago: executing program 3 (id=1185):
socket$netlink(0x10, 0x3, 0x4)
syz_open_procfs(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = shmget(0x2, 0x1000, 0x1, &(0x7f0000935000/0x1000)=nil)
shmctl$IPC_INFO(r3, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, &(0x7f0000000100))
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'erspan0\x00', 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0xd0}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x102}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)

198.258598ms ago: executing program 5 (id=1186):
socket$pppoe(0x18, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x18, 0x1410, 0x300, 0x70bd2a, 0x25dfd9fc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004084}, 0x4004080)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'wg0\x00', &(0x7f0000000000)=@ethtool_gstrings={0x1b, 0x7}})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0xa5)
chdir(0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1800001, 0x12, r2, 0x6a6db000)
socket$inet_sctp(0x2, 0x5, 0x84)

0s ago: executing program 4 (id=1187):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b40)={0x38, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x1c, 0x33, @data_frame={@msdu=@type01={{0x0, 0x2, 0x5, 0x0, 0x1, 0x1, 0x1, 0x1}, {0x914}, @broadcast, @initial, @device_b, {0x5, 0x4}}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x44010)

kernel console output (not intermixed with test programs):

loop0: rw=0, sector=393218, nr_sectors = 2 limit=1024
[  106.140586][ T4910] loop3: detected capacity change from 0 to 256
[  106.259764][ T4910] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  107.001062][ T4318] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  107.040066][ T4919] netlink: 68 bytes leftover after parsing attributes in process `syz.0.143'.
[  107.052723][ T4919] netlink: 16 bytes leftover after parsing attributes in process `syz.0.143'.
[  107.225591][ T4318] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  107.241068][ T4318] usb 5-1: config 1 has no interface number 1
[  107.265871][ T4318] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  107.306674][ T4318] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  107.332102][ T4318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.340365][ T4318] usb 5-1: Product: syz
[  107.348256][ T4318] usb 5-1: Manufacturer: syz
[  107.354106][ T4318] usb 5-1: SerialNumber: syz
[  107.952905][ T4318] usb 5-1: 2:1: invalid format type 0x1001 is detected, processed as PCM
[  107.966153][ T4318] usb 5-1: 2:1 : unsupported sample bitwidth 30 in 64 bytes
[  108.027504][ T4318] usb 5-1: USB disconnect, device number 3
[  108.113708][ T4259] udevd[4259]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  108.129199][ T4932] loop3: detected capacity change from 0 to 128
[  108.222828][ T4259] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  108.367945][  T126] usb 2-1: USB disconnect, device number 3
[  108.517150][ T4938] loop3: detected capacity change from 0 to 256
[  108.533424][ T4938] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  109.973044][ T4949] loop4: detected capacity change from 0 to 128
[  110.047076][ T4952] 9pnet_virtio: no channels available for device 127.0.0.1
[  110.307121][ T4259] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  110.593040][ T4956] loop4: detected capacity change from 0 to 256
[  110.601893][ T4956] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  111.728142][ T4976] loop3: detected capacity change from 0 to 1024
[  111.848426][ T4976] syz.3.154: attempt to access beyond end of device
[  111.848426][ T4976] loop3: rw=0, sector=393218, nr_sectors = 2 limit=1024
[  112.460645][ T4976] syz.3.154: attempt to access beyond end of device
[  112.460645][ T4976] loop3: rw=0, sector=393218, nr_sectors = 2 limit=1024
[  112.954004][ T4988] loop1: detected capacity change from 0 to 512
[  112.980304][ T4988] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  112.990228][ T4988] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  113.000054][ T4988] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  113.087840][ T4988] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  113.095889][ T4988] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  113.104235][ T4988] EXT4-fs (loop1): failed to initialize system zone (-117)
[  113.111959][ T4988] EXT4-fs (loop1): mount failed
[  113.809943][ T4259] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  114.513825][ T5001] loop4: detected capacity change from 0 to 128
[  114.729174][ T5009] 9pnet_fd: Insufficient options for proto=fd
[  114.790205][ T4258] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  115.094031][ T5018] loop4: detected capacity change from 0 to 256
[  115.121173][ T5018] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  115.163986][ T5017] Illegal XDP return value 185307192 on prog  (id 10) dev syz_tun, expect packet loss!
[  115.658333][ T5021] loop2: detected capacity change from 0 to 1024
[  115.792766][ T5021] syz.2.175: attempt to access beyond end of device
[  115.792766][ T5021] loop2: rw=0, sector=393218, nr_sectors = 2 limit=1024
[  115.837049][ T5021] syz.2.175: attempt to access beyond end of device
[  115.837049][ T5021] loop2: rw=0, sector=393218, nr_sectors = 2 limit=1024
[  116.420366][  T126] kernel write not supported for file /input/event2 (pid: 126 comm: kworker/0:2)
[  116.501961][ T5038] virtio-fs: tag </dev/md0> not found
[  117.340087][ T5052] loop2: detected capacity change from 0 to 512
[  117.368827][ T5052] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  117.378833][ T5052] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  117.388761][ T5052] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  117.561404][ T5052] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  117.569538][ T5052] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  117.577742][ T5052] EXT4-fs (loop2): failed to initialize system zone (-117)
[  117.585365][ T5052] EXT4-fs (loop2): mount failed
[  119.470651][ T5072] loop2: detected capacity change from 0 to 128
[  119.591971][ T5071] loop1: detected capacity change from 0 to 4096
[  119.677037][ T5071] EXT4-fs (loop1): Test dummy encryption mode enabled
[  119.821867][ T5075] loop2: detected capacity change from 0 to 256
[  119.991540][ T5075] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  120.120319][ T5071] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c01c, mo2=0002]
[  120.214651][ T5071] System zones: 0-5
[  120.381255][ T5071] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  120.987509][ T5093] Cannot find set identified by id 65534 to match
[  121.937520][ T4318] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  121.983884][ T5109] loop3: detected capacity change from 0 to 128
[  122.045484][ T5071] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  122.140189][ T4318] usb 5-1: Using ep0 maxpacket: 16
[  122.147091][ T4318] usb 5-1: config 173 has too many interfaces: 43, using maximum allowed: 32
[  122.188372][ T4318] usb 5-1: config 173 has 1 interface, different from the descriptor's value: 43
[  122.222606][ T4318] usb 5-1: config 173 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.304812][ T4318] usb 5-1: config 173 interface 0 has no altsetting 0
[  122.328317][ T4318] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  122.361227][ T4318] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.393869][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  122.482527][ T4821] kworker/u4:17: attempt to access beyond end of device
[  122.482527][ T4821] loop3: rw=1, sector=145, nr_sectors = 896 limit=128
[  122.597110][ T4375] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  122.625826][ T5123] loop1: detected capacity change from 0 to 512
[  122.655510][ T5123] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  122.665364][ T5123] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  122.675164][ T5123] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  122.696353][ T5123] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  122.704653][ T5123] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  122.713044][ T5123] EXT4-fs (loop1): failed to initialize system zone (-117)
[  122.720369][ T5123] EXT4-fs (loop1): mount failed
[  122.787176][ T4375] usb 3-1: Using ep0 maxpacket: 32
[  122.794131][ T4375] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  122.827092][ T4375] usb 3-1: config 0 has no interface number 0
[  122.843769][ T4375] usb 3-1: config 0 interface 184 has no altsetting 0
[  122.866493][ T4375] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  122.884177][ T4375] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.949612][ T4318] hid (null): unknown global tag 0xd
[  122.954993][ T4318] hid (null): global environment stack underflow
[  122.962964][ T4375] usb 3-1: Product: syz
[  122.977094][ T4318] hid (null): invalid report_count 29927
[  122.984593][ T4375] usb 3-1: Manufacturer: syz
[  123.453442][ T4318] usb 5-1: USB disconnect, device number 4
[  123.504773][ T4375] usb 3-1: SerialNumber: syz
[  123.862901][ T5139] input: syz1 as /devices/virtual/input/input6
[  124.086225][ T4375] usb 3-1: config 0 descriptor??
[  124.527759][ T4375] smsc75xx v1.0.0
[  124.629370][ T5144] loop3: detected capacity change from 0 to 128
[  124.880649][ T4258] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  125.532385][ T5154] loop3: detected capacity change from 0 to 256
[  126.106942][ T4375] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  126.146516][ T4375] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  126.191692][ T5154] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  126.334419][ T5161] loop4: detected capacity change from 0 to 512
[  126.427901][ T5163] loop1: detected capacity change from 0 to 1024
[  126.500635][ T5163] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  126.572422][ T5161] EXT4-fs (loop4): 1 truncate cleaned up
[  126.624823][ T5161] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  126.847655][ T5173] Cannot find set identified by id 65534 to match
[  127.523453][ T5161] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.202: bg 0: block 465: padding at end of block bitmap is not set
[  127.548174][ T5163] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3852: comm syz.1.203: Allocating blocks 497-513 which overlap fs metadata
[  127.569715][ T5161] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 29 with max blocks 1 with error 28
[  127.609175][ T4375] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  127.652773][ T4375] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  127.696394][ T5161] EXT4-fs (loop4): This should not happen!! Data will be lost
[  127.696394][ T5161] 
[  127.705974][ T5163] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz.1.203: Invalid inode table block 5 in block_group 0
[  127.720261][ T5163] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  127.723006][ T4375] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  127.755443][ T5180] loop2: detected capacity change from 0 to 1024
[  127.786305][ T4375] smsc75xx: probe of 3-1:0.184 failed with error -71
[  127.815911][ T5161] EXT4-fs (loop4): Total free blocks count 0
[  127.833995][ T5161] EXT4-fs (loop4): Free/Dirty block details
[  127.851508][ T4375] usb 3-1: USB disconnect, device number 2
[  127.886545][ T5163] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #15: comm syz.1.203: mark_inode_dirty error
[  127.897014][ T5161] EXT4-fs (loop4): free_blocks=0
[  127.946548][ T5183] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  127.979943][ T5163] EXT4-fs error (device loop1): ext4_discard_preallocations:5122: comm syz.1.203: Error -117 loading buddy information for 4294953550
[  128.002459][ T5187] loop3: detected capacity change from 0 to 164
[  128.053317][ T5187] ISOFS: unable to read i-node block
[  128.055813][ T5161] EXT4-fs (loop4): dirty_blocks=2
[  128.101911][ T5187] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  128.115940][ T5161] EXT4-fs (loop4): Block reservation details
[  128.152526][ T5183] EXT4-fs (loop4): This should not happen!! Data will be lost
[  128.152526][ T5183] 
[  128.163117][ T5163] EXT4-fs error (device loop1): ext4_discard_preallocations:5122: comm syz.1.203: Error -117 loading buddy information for 4294953550
[  128.276274][ T5163] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz.1.203: Invalid inode table block 5 in block_group 0
[  128.358903][ T5163] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  128.383465][ T5190] loop2: detected capacity change from 0 to 512
[  128.392403][ T5190] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  128.402266][ T5190] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  128.412067][ T5190] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  128.430936][ T5163] EXT4-fs error (device loop1): ext4_ext_truncate:4454: inode #15: comm syz.1.203: mark_inode_dirty error
[  128.487776][ T5190] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  128.495883][ T5190] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  128.503681][ T5190] EXT4-fs (loop2): failed to initialize system zone (-117)
[  128.511048][ T5190] EXT4-fs (loop2): mount failed
[  128.533189][ T5163] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz.1.203: Invalid inode table block 5 in block_group 0
[  128.793946][ T5205] loop2: detected capacity change from 0 to 256
[  128.801137][ T5205] exfat: Deprecated parameter 'namecase'
[  128.806918][ T5205] exfat: Deprecated parameter 'namecase'
[  129.880472][ T5205] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  129.902324][ T5204] syz.2.211: attempt to access beyond end of device
[  129.902324][ T5204] loop2: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  129.916931][ T5204] syz.2.211: attempt to access beyond end of device
[  129.916931][ T5204] loop2: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  129.931644][   T26] audit: type=1800 audit(1769050887.267:5): pid=5204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.211" name="file1" dev="loop2" ino=1048601 res=0 errno=0
[  130.040951][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  130.060569][ T5198] exFAT-fs (loop2): invalid start cluster (4278190088)
[  130.421997][ T5217] loop3: detected capacity change from 0 to 2048
[  130.663227][ T5217] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  131.610181][ T5242] loop0: detected capacity change from 0 to 1024
[  131.747230][ T4255] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  131.769217][ T5244] loop4: detected capacity change from 0 to 512
[  131.779849][ T5244] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  131.789769][ T5244] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  131.799610][ T5244] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  132.041526][ T4255] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.065887][ T5244] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  132.073850][ T5244] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  132.082113][ T5244] EXT4-fs (loop4): failed to initialize system zone (-117)
[  132.089566][ T5244] EXT4-fs (loop4): mount failed
[  132.269682][ T4255] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  132.517079][ T4255] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  132.556992][ T4255] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  132.585869][ T4255] usb 4-1: SerialNumber: syz
[  132.786539][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  132.792951][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  132.817190][ T4821] hfsplus: b-tree write err: -5, ino 4
[  132.963505][ T4255] usb 4-1: 0:2 : does not exist
[  133.065082][ T4255] usb 4-1: USB disconnect, device number 5
[  133.356609][ T4259] udevd[4259]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  133.674246][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  133.844489][ T4311] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  133.926371][ T5297] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  133.942250][ T5297] tmpfs: Too few inodes for current use
[  134.494117][ T5298] loop2: detected capacity change from 0 to 1024
[  134.718154][   T26] audit: type=1800 audit(1769050892.058:6): pid=5298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.233" name="file1" dev="loop2" ino=2 res=0 errno=0
[  135.387285][ T4311] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  135.428263][ T4311] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  135.470834][ T4311] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.490273][ T4311] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.522606][ T4311] usb 2-1: Product: syz
[  135.541725][ T4311] usb 2-1: Manufacturer: syz
[  135.560439][ T4311] usb 2-1: SerialNumber: syz
[  136.163960][ T4311] cdc_ncm 2-1:1.0: bind() failure
[  136.182035][ T4311] usbtest: probe of 2-1:1.1 failed with error -71
[  136.210440][ T4311] usb 2-1: USB disconnect, device number 4
[  136.292700][ T5334] loop4: detected capacity change from 0 to 512
[  136.334269][ T5336] 9pnet_virtio: no channels available for device 127.0.0.1
[  136.464864][ T5334] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  136.696319][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  137.244941][ T5352] loop1: detected capacity change from 0 to 512
[  137.276980][ T5352] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.319921][ T5352] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  137.328982][ T5352] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  137.421753][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  137.891118][ T5366] loop4: detected capacity change from 0 to 1024
[  138.056516][ T5366] EXT4-fs: Ignoring removed nomblk_io_submit option
[  138.129506][ T5366] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  138.506056][ T5366] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  139.005100][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  139.404546][ T5386] Cannot find set identified by id 65534 to match
[  140.000159][ T5389] tmpfs: Too few inodes for current use
[  140.146406][ T5391] loop4: detected capacity change from 0 to 512
[  140.255271][ T5391] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  140.386517][   T26] audit: type=1800 audit(1769050897.720:7): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.255" name="bus" dev="loop4" ino=18 res=0 errno=0
[  140.595231][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  141.101150][ T5415] loop3: detected capacity change from 0 to 512
[  141.112720][ T5415] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  141.155420][ T5415] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  141.164410][ T5415] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.349302][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  141.458568][ T5419] 9pnet_virtio: no channels available for device 127.0.0.1
[  141.812280][ T5430] tmpfs: Too few inodes for current use
[  141.863133][ T5433] loop2: detected capacity change from 0 to 2048
[  141.903273][ T5433] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  141.919072][ T5433] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  142.028719][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  142.172192][ T5439] loop0: detected capacity change from 0 to 512
[  142.230414][ T5442] x_tables: duplicate underflow at hook 1
[  142.281012][ T5439] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  142.661723][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  142.805570][ T5451] capability: warning: `syz.1.276' uses deprecated v2 capabilities in a way that may be insecure
[  143.014642][ T5456] loop2: detected capacity change from 0 to 512
[  143.033983][ T5456] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  143.455628][ T5456] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  143.464874][ T5456] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.576543][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  144.235114][ T5474] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  144.717317][ T5478] loop1: detected capacity change from 0 to 16
[  144.735071][ T5478] erofs: (device loop1): mounted with root inode @ nid 36.
[  144.796780][ T5478] erofs: (device loop1): z_erofs_fill_inode_lazy: unknown HEAD2 format 3 for nid 36, please upgrade kernel
[  144.846625][ T5481] loop0: detected capacity change from 0 to 256
[  144.850777][ T5478] erofs: (device loop1): z_erofs_fill_inode_lazy: unknown HEAD2 format 3 for nid 36, please upgrade kernel
[  144.885860][ T5478] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-95]
[  144.887960][ T5481] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  144.911349][ T5481] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  144.977149][ T5487] input: syz1 as /devices/virtual/input/input7
[  145.516961][ T5481] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  146.100589][ T5499] Cannot find set identified by id 65534 to match
[  146.726834][ T5501] 9pnet_virtio: no channels available for device 127.0.0.1
[  147.458734][ T5509] loop2: detected capacity change from 0 to 512
[  147.476189][ T5509] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  147.638979][ T5512] Cannot find set identified by id 65534 to match
[  147.943428][ T5509] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  147.952935][ T5509] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  148.020640][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  148.312403][ T5527] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  149.086559][ T5529] loop3: detected capacity change from 0 to 128
[  149.120291][ T5531] loop4: detected capacity change from 0 to 512
[  149.184243][ T5531] EXT4-fs: Ignoring removed oldalloc option
[  149.199350][ T5533] loop0: detected capacity change from 0 to 1024
[  149.227003][ T5533] EXT4-fs: Ignoring removed nobh option
[  149.242934][ T5533] EXT4-fs: Ignoring removed bh option
[  149.283708][ T5531] EXT4-fs (loop4): unable to read superblock
[  149.321016][ T5533] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  149.467417][ T5533] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  149.512589][ T5533] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3852: comm syz.0.299: Allocating blocks 385-513 which overlap fs metadata
[  149.539652][ T5531] loop4: detected capacity change from 0 to 512
[  149.616387][ T5531] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.636105][ T5533] EXT4-fs (loop0): Remounting filesystem read-only
[  149.661458][ T5531] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  149.702124][ T5531] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  149.721067][ T5531] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  149.746122][ T5533] EXT4-fs (loop0): pa ffff8880747882a0: logic 16, phys. 129, len 24
[  149.754852][ T5533] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 8
[  149.771779][ T5531] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  149.851810][ T5533] EXT4-fs (loop0): Remounting filesystem read-only
[  149.883135][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  149.973172][ T5531] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  150.020818][ T5531] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e04ce11c, mo2=0000]
[  150.043442][ T5531] EXT4-fs (loop4): failed to initialize system zone (-117)
[  150.149618][ T5531] EXT4-fs (loop4): mount failed
[  150.756960][ T5550] loop2: detected capacity change from 0 to 128
[  150.822550][ T4259] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  151.015559][ T5556] loop3: detected capacity change from 0 to 16
[  151.052557][ T5557] loop2: detected capacity change from 0 to 256
[  151.055814][ T5556] erofs: (device loop3): mounted with root inode @ nid 36.
[  151.069549][ T5557] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  151.792610][ T5561] loop4: detected capacity change from 0 to 512
[  151.805991][ T5561] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  152.225289][ T5561] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  152.234605][ T5561] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  152.281913][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  152.769608][ T5576] binder: 5571:5576 ioctl c0306201 200000000080 returned -22
[  153.524849][ T5578] loop1: detected capacity change from 0 to 256
[  153.578806][ T5582] loop2: detected capacity change from 0 to 1024
[  153.586124][ T5578] exfat: Deprecated parameter 'namecase'
[  153.624827][ T5578] exfat: Deprecated parameter 'namecase'
[  153.675741][ T5578] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  153.742991][ T5578] syz.1.312: attempt to access beyond end of device
[  153.742991][ T5578] loop1: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  153.849786][ T5578] syz.1.312: attempt to access beyond end of device
[  153.849786][ T5578] loop1: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  153.864455][   T26] audit: type=1800 audit(1769050911.203:8): pid=5578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.312" name="file1" dev="loop1" ino=1048606 res=0 errno=0
[  153.888326][ T5577] exFAT-fs (loop1): invalid start cluster (4278190088)
[  154.613644][ T5591] netlink: 8 bytes leftover after parsing attributes in process `syz.4.310'.
[  156.252328][ T5615] loop1: detected capacity change from 0 to 512
[  156.267117][ T5615] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  156.553646][ T5615] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  156.563168][ T5615] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  156.728316][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  156.758939][ T5621] loop2: detected capacity change from 0 to 128
[  157.088094][ T5627] loop4: detected capacity change from 0 to 128
[  157.141618][ T4258] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  157.145653][ T5629] loop2: detected capacity change from 0 to 256
[  157.211732][ T5629] exfat: Deprecated parameter 'namecase'
[  157.248772][ T5629] exfat: Deprecated parameter 'namecase'
[  157.441968][ T5629] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  157.534501][ T5629] syz.2.328: attempt to access beyond end of device
[  157.534501][ T5629] loop2: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  158.193448][ T5635] loop4: detected capacity change from 0 to 256
[  158.231190][ T4258] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.270428][ T5629] syz.2.328: attempt to access beyond end of device
[  158.270428][ T5629] loop2: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  158.341552][ T5635] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  158.366884][   T26] audit: type=1800 audit(1769050915.704:9): pid=5629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.328" name="file1" dev="loop2" ino=1048608 res=0 errno=0
[  158.436413][ T5639] exFAT-fs (loop2): invalid start cluster (4278190088)
[  158.765247][ T5649] Cannot find set identified by id 65534 to match
[  158.958774][   T22] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  159.225004][   T22] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  159.291235][   T22] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  159.483788][   T22] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  159.493316][   T22] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.513746][   T22] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  159.610449][ T5656] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  160.090558][   T22] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  160.203604][   T22] usb 2-1: Product: syz
[  160.223404][   T22] usb 2-1: Manufacturer: syz
[  160.275600][   T22] cdc_wdm 2-1:1.0: skipping garbage
[  160.285083][   T22] cdc_wdm 2-1:1.0: skipping garbage
[  160.323931][   T22] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  160.336659][   T22] cdc_wdm 2-1:1.0: Unknown control protocol
[  160.749264][    C1] cdc_wdm 2-1:1.0: Unexpected error -71
[  160.756704][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  160.763486][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  160.770351][  T126] usb 2-1: USB disconnect, device number 5
[  160.773920][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  160.782789][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  160.788876][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  160.923229][ T5678] loop3: detected capacity change from 0 to 512
[  160.971725][ T5678] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  161.127396][ T5678] EXT4-fs (loop3): 1 truncate cleaned up
[  161.151184][ T5678] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  162.615463][ T5702] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  162.666391][ T5678] syz.3.341 (5678) used greatest stack depth: 20528 bytes left
[  162.767499][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  164.133659][ T5724] loop3: detected capacity change from 0 to 128
[  164.209557][ T4259] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  164.595421][ T5731] loop3: detected capacity change from 0 to 256
[  164.654970][ T5731] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  165.104671][ T5739] loop1: detected capacity change from 0 to 1024
[  166.520840][ T5752] loop1: detected capacity change from 0 to 128
[  166.880319][ T5759] loop1: detected capacity change from 0 to 4096
[  167.032764][ T5759] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  167.177305][ T5759] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  167.308467][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  167.330611][ T5770] loop4: detected capacity change from 0 to 1024
[  167.370465][ T5771] loop0: detected capacity change from 0 to 256
[  167.460969][ T5771] exfat: Deprecated parameter 'utf8'
[  167.472106][ T5770] hfsplus: xattr searching failed
[  167.481764][ T5770] hfsplus: xattr searching failed
[  167.516606][ T5771] exfat: Deprecated parameter 'namecase'
[  167.563472][ T5771] exfat: Deprecated parameter 'utf8'
[  167.623952][ T5771] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  167.736510][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  167.928074][   T22] usb 2-1: Using ep0 maxpacket: 32
[  167.937770][   T22] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  167.972633][   T22] usb 2-1: config 0 has no interface number 0
[  167.996600][   T22] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  168.010235][   T22] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  168.041531][   T26] audit: type=1326 audit(1769050925.386:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5783 comm="syz.2.374" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f290579acb9 code=0x0
[  168.041790][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.124360][   T22] usb 2-1: Product: syz
[  168.135295][   T22] usb 2-1: Manufacturer: syz
[  168.146766][   T22] usb 2-1: SerialNumber: syz
[  168.159913][   T22] usb 2-1: config 0 descriptor??
[  168.170378][ T5775] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  168.299000][   T31] kworker/u4:2: attempt to access beyond end of device
[  168.299000][   T31] loop4: rw=1, sector=3892, nr_sectors = 4384 limit=1024
[  168.349656][   T31] kworker/u4:2: attempt to access beyond end of device
[  168.349656][   T31] loop4: rw=1, sector=8276, nr_sectors = 2160 limit=1024
[  168.404266][ T5775] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  168.464916][ T5795] loop3: detected capacity change from 0 to 128
[  169.167989][ T5806] Cannot find set identified by id 65534 to match
[  169.763660][ T5807] loop3: detected capacity change from 0 to 256
[  169.846956][ T5807] exfat: Deprecated parameter 'namecase'
[  169.847409][ T5809] loop4: detected capacity change from 0 to 128
[  169.852688][ T5807] exfat: Deprecated parameter 'namecase'
[  169.890556][ T5807] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  169.956476][ T5807] syz.3.383: attempt to access beyond end of device
[  169.956476][ T5807] loop3: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  169.975884][ T5807] syz.3.383: attempt to access beyond end of device
[  169.975884][ T5807] loop3: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  169.999270][   T26] audit: type=1800 audit(1769050927.347:11): pid=5807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.383" name="file1" dev="loop3" ino=1048611 res=0 errno=0
[  170.088014][ T5804] exFAT-fs (loop3): invalid start cluster (4278190088)
[  170.118908][ T4258] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  170.625315][ T5819] loop4: detected capacity change from 0 to 256
[  170.666128][ T4258] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  170.820703][ T5823] loop3: detected capacity change from 0 to 8
[  170.864927][ T5819] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  170.977815][ T4489] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  171.084592][ T5826] loop3: detected capacity change from 0 to 512
[  171.091971][ T4489] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  171.187541][ T5826] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  171.241043][ T5826] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  171.260175][   T22] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  171.291720][ T5826] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.388: Corrupt directory, running e2fsck is recommended
[  171.305411][   T22] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  171.325786][   T22] asix: probe of 2-1:0.188 failed with error -71
[  171.357093][ T5826] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  171.408150][   T22] usb 2-1: USB disconnect, device number 6
[  171.417341][ T5826] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.388: corrupted in-inode xattr
[  171.483674][ T5826] EXT4-fs (loop3): Remounting filesystem read-only
[  171.505928][ T5826] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.388: couldn't read orphan inode 15 (err -117)
[  171.555665][ T5826] EXT4-fs (loop3): Remounting filesystem read-only
[  171.576013][ T5826] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  171.664659][ T5826] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  171.711497][ T5826] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  171.735761][ T5826] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.388: Corrupt directory, running e2fsck is recommended
[  171.772531][ T5833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  171.827678][ T5826] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  171.848778][ T5833] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  171.865299][ T5835] loop0: detected capacity change from 0 to 128
[  171.888508][ T5826] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  171.897581][ T5833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.388: Corrupt directory, running e2fsck is recommended
[  171.938269][ T4258] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  172.101585][ T5835] loop0: detected capacity change from 0 to 256
[  172.110224][ T5835] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  172.149343][ T5826] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.388: Corrupt directory, running e2fsck is recommended
[  172.191619][ T5833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  172.226568][ T5833] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.388: path /81/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  172.286006][ T5833] EXT4-fs (loop3): Remounting filesystem read-only
[  172.301553][ T5833] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 6: comm syz.3.388: path /81/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.341453][ T5840] loop0: detected capacity change from 0 to 8
[  172.360851][ T5833] EXT4-fs (loop3): Remounting filesystem read-only
[  172.375054][ T5840] SQUASHFS error: Failed to read block 0x636: -5
[  172.393299][ T5840] SQUASHFS error: Unable to read metadata cache entry [634]
[  172.403440][ T5840] SQUASHFS error: Unable to read metadata cache entry [634]
[  172.444142][ T5840] SQUASHFS error: Unable to read directory block [634:0]
[  172.467838][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  172.875065][ T5851] loop3: detected capacity change from 0 to 256
[  172.892298][ T5851] exfat: Deprecated parameter 'namecase'
[  172.898208][ T5851] exfat: Deprecated parameter 'namecase'
[  172.924452][ T5851] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  172.990696][ T5851] exFAT-fs (loop3): invalid start cluster (4278190088)
[  173.204586][ T5856] device syzkaller0 entered promiscuous mode
[  173.345335][  T126] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  173.710085][ T5863] loop0: detected capacity change from 0 to 512
[  173.780774][ T5863] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  173.893205][ T5863] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  173.924917][ T5863] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.978073][  T126] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  174.029244][  T126] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[  174.082683][  T126] usb 5-1: SerialNumber: syz
[  174.110158][ T5870] EXT4-fs error (device loop0): __ext4_new_inode:1285: comm syz.0.401: failed to insert inode 16: doubly allocated?
[  174.140235][  T126] usb 5-1: config 0 descriptor??
[  174.203646][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  174.508978][ T5879] loop1: detected capacity change from 0 to 2048
[  174.521669][ T5879] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.807228][ T5885] loop2: detected capacity change from 0 to 128
[  174.980045][ T4259] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  175.035117][ T5891] 9pnet_virtio: no channels available for device 127.0.0.1
[  175.219248][ T5896] loop0: detected capacity change from 0 to 128
[  175.286386][ T5897] loop0: detected capacity change from 0 to 256
[  175.295758][ T5897] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  175.355989][ T5898] loop2: detected capacity change from 0 to 256
[  175.393229][ T5898] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  175.396527][  T126] pegasus 5-1:0.0: can't reset MAC
[  175.417377][  T126] pegasus: probe of 5-1:0.0 failed with error -5
[  175.445078][  T126] usb 5-1: USB disconnect, device number 5
[  176.300340][ T5905] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  177.264508][  T126] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  177.456250][  T126] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.482457][  T126] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  177.567318][  T126] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.576872][  T126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.598027][ T5933] 9pnet_virtio: no channels available for device 127.0.0.1
[  177.598993][  T126] usb 2-1: Product: syz
[  177.616929][  T126] usb 2-1: Manufacturer: syz
[  177.621675][  T126] usb 2-1: SerialNumber: syz
[  177.710532][ T5935] loop0: detected capacity change from 0 to 128
[  177.764816][ T4258] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  178.072511][ T5940] loop0: detected capacity change from 0 to 256
[  178.123891][ T5940] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  178.698524][  T126] cdc_ncm 2-1:1.0: bind() failure
[  178.736122][  T126] usbtest: probe of 2-1:1.1 failed with error -71
[  178.773191][  T126] usb 2-1: USB disconnect, device number 7
[  179.356970][ T5953] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  179.396805][ T5953] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  179.481591][ T5955] user requested TSC rate below hardware speed
[  179.936611][ T5959] loop1: detected capacity change from 0 to 128
[  181.138103][ T5968] loop1: detected capacity change from 0 to 256
[  181.250412][ T5968] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  181.402762][ T5985] loop3: detected capacity change from 0 to 512
[  181.717393][ T5992] Cannot find set identified by id 65534 to match
[  182.041812][ T5985] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.440: corrupted in-inode xattr
[  182.259564][ T5985] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.440: couldn't read orphan inode 15 (err -117)
[  182.306523][ T5985] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  182.431222][ T5996] loop0: detected capacity change from 0 to 128
[  182.448310][ T5985] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.440: bg 0: block 5: invalid block bitmap
[  182.505838][ T4259] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  182.729973][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  182.831619][ T6002] loop0: detected capacity change from 0 to 256
[  182.901418][ T6002] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  183.222944][   T27] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  183.414604][   T27] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  183.434974][   T27] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  183.457258][ T6012] loop1: detected capacity change from 0 to 128
[  183.460310][   T27] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  183.491061][ T6012] FAT-fs (loop1): Directory bread(block 32) failed
[  183.491069][   T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.491089][   T27] usb 5-1: Product: syz
[  183.519629][   T27] usb 5-1: Manufacturer: syz
[  183.524782][   T27] usb 5-1: SerialNumber: syz
[  183.533235][ T6012] FAT-fs (loop1): Directory bread(block 33) failed
[  183.550157][ T6012] FAT-fs (loop1): Directory bread(block 34) failed
[  183.570323][ T6012] FAT-fs (loop1): Directory bread(block 35) failed
[  183.590648][ T6012] FAT-fs (loop1): Directory bread(block 36) failed
[  183.597340][ T6012] FAT-fs (loop1): Directory bread(block 37) failed
[  183.614546][ T6012] FAT-fs (loop1): Directory bread(block 38) failed
[  183.621128][ T6012] FAT-fs (loop1): Directory bread(block 39) failed
[  183.648193][ T6012] FAT-fs (loop1): Directory bread(block 40) failed
[  183.654879][ T6012] FAT-fs (loop1): Directory bread(block 41) failed
[  183.913565][ T6014] loop2: detected capacity change from 0 to 164
[  183.956943][   T27] usb 5-1: cannot find UAC_HEADER
[  184.015088][   T27] snd-usb-audio: probe of 5-1:1.0 failed with error -22
[  184.056438][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  184.081565][   T27] usb 5-1: USB disconnect, device number 6
[  185.474673][ T6028] Cannot find set identified by id 65534 to match
[  186.603554][ T6045] loop1: detected capacity change from 0 to 4096
[  186.733697][ T6055] loop4: detected capacity change from 0 to 1764
[  187.249247][ T6061] device syzkaller0 entered promiscuous mode
[  187.263344][ T6045] EXT4-fs (loop1): Test dummy encryption mode enabled
[  187.311847][ T6045] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  187.425853][ T6045] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  187.439294][ T6055] iso9660: Corrupted directory entry in block 2 of inode 1920
[  187.561679][ T6069] loop2: detected capacity change from 0 to 128
[  187.572319][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  187.629542][ T4258] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  187.976558][ T6074] loop2: detected capacity change from 0 to 256
[  187.983328][ T4258] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  188.013903][ T4258] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  188.032060][ T4258] Buffer I/O error on dev loop2, logical block 0, async page read
[  188.119096][ T6078] loop4: detected capacity change from 0 to 512
[  188.157648][ T6078] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  188.263221][ T6081] Cannot find set identified by id 65534 to match
[  188.862247][ T6074] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  188.952520][ T6078] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2799: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  188.979047][ T6078] EXT4-fs (loop4): 1 truncate cleaned up
[  188.994990][ T6078] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  189.145539][ T6078] EXT4-fs error (device loop4): swap_inode_boot_loader:378: comm syz.4.467: inode #5: comm syz.4.467: iget: illegal inode #
[  189.172343][ T6078] EXT4-fs (loop4): Remounting filesystem read-only
[  189.340983][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  189.476755][ T6087] loop1: detected capacity change from 0 to 128
[  189.746189][ T4259] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  190.174993][ T6099] device syzkaller0 entered promiscuous mode
[  190.277918][ T6100] loop1: detected capacity change from 0 to 256
[  190.329915][ T6100] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  190.370353][ T6104] loop4: detected capacity change from 0 to 512
[  190.430143][ T6104] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  190.522185][ T6104] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  190.613871][ T6104] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  190.756812][ T6104] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  190.856204][ T6104] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  190.915406][ T6104] EXT4-fs (loop4): failed to initialize system zone (-117)
[  190.939117][ T6104] EXT4-fs (loop4): mount failed
[  191.347946][ T6119] 9pnet_virtio: no channels available for device 127.0.0.1
[  192.881534][ T6133] netlink: 48 bytes leftover after parsing attributes in process `syz.0.485'.
[  193.214227][ T6138] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  193.273313][ T6142] loop1: detected capacity change from 0 to 128
[  193.342297][ T6144] loop3: detected capacity change from 0 to 512
[  193.367126][ T6144] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  193.468721][ T6144] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  193.504253][ T6144] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.598830][ T6149] loop1: detected capacity change from 0 to 256
[  193.636039][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  193.656482][ T6149] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  194.332201][ T6163] 9pnet_virtio: no channels available for device 127.0.0.1
[  194.373075][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  194.385489][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  194.866340][ T6167] device syzkaller0 entered promiscuous mode
[  196.196804][ T6182] loop2: detected capacity change from 0 to 2048
[  196.270215][ T6182] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.001552][ T6202] loop1: detected capacity change from 0 to 512
[  198.141804][ T6205] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  198.486144][ T6207] 9pnet_virtio: no channels available for device 127.0.0.1
[  198.582195][ T6202] EXT4-fs (loop1): Test dummy encryption mode enabled
[  198.899981][ T6202] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  199.060224][ T6202] EXT4-fs (loop1): 1 truncate cleaned up
[  199.066074][ T6202] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  199.462522][ T4311] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  199.691860][ T4311] usb 3-1: Using ep0 maxpacket: 32
[  199.707587][ T4311] usb 3-1: config 1 has an invalid interface number: 121 but max is 0
[  199.781745][ T4311] usb 3-1: config 1 has no interface number 0
[  199.856034][ T4311] usb 3-1: config 1 interface 121 has no altsetting 0
[  199.950499][ T4311] usb 3-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=ce.f2
[  200.004388][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  200.029236][ T4311] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.056448][ T4311] usb 3-1: Product: syz
[  200.069110][ T4311] usb 3-1: Manufacturer: syz
[  200.083759][ T4311] usb 3-1: SerialNumber: syz
[  200.411629][ T4311] option 3-1:1.121: GSM modem (1-port) converter detected
[  200.473951][ T4311] usb 3-1: GSM modem (1-port) converter now attached to ttyUSB0
[  201.250308][ T4311] usb 3-1: USB disconnect, device number 3
[  201.280615][ T4311] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  201.304072][ T4311] option 3-1:1.121: device disconnected
[  201.411866][ T6235] loop2: detected capacity change from 0 to 128
[  201.601132][ T6242] loop1: detected capacity change from 0 to 512
[  201.632450][ T6242] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  201.662674][ T6242] EXT4-fs (loop1): 1 truncate cleaned up
[  201.668596][ T6242] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  201.779302][ T6242] EXT4-fs (loop1): shut down requested (2)
[  201.828434][ T6244] loop2: detected capacity change from 0 to 256
[  201.880711][ T6244] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  201.954083][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  202.208323][ T6254] 9pnet_virtio: no channels available for device 127.0.0.1
[  202.918664][ T4325] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  203.148476][   T26] audit: type=1326 audit(1769050960.484:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6258 comm="syz.3.526" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed7c99acb9 code=0x0
[  203.258447][ T4325] usb 2-1: Using ep0 maxpacket: 16
[  203.282419][ T4325] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  203.430551][ T4325] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.587910][ T4325] usb 2-1: Product: syz
[  203.659245][ T4325] usb 2-1: Manufacturer: syz
[  203.751482][ T4325] usb 2-1: SerialNumber: syz
[  203.773168][ T4325] usb 2-1: config 0 descriptor??
[  203.798027][ T4325] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  203.834354][ T4325] usb 2-1: Detected FT-X
[  204.010426][ T4325] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  204.256915][ T6273] loop4: detected capacity change from 0 to 512
[  204.276410][ T6273] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  204.286389][ T6273] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  204.296265][ T6273] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  204.412396][ T6273] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  204.420537][ T6273] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  204.428751][ T6273] EXT4-fs (loop4): failed to initialize system zone (-117)
[  204.436349][ T6273] EXT4-fs (loop4): mount failed
[  204.930662][ T4325] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  205.102694][   T14] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  205.124496][ T4318] usb 2-1: USB disconnect, device number 8
[  205.158422][ T4318] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  205.180271][ T4318] ftdi_sio 2-1:0.0: device disconnected
[  205.299569][   T14] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  205.313755][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.339216][   T14] usb 1-1: config 0 descriptor??
[  205.350187][   T14] asix: probe of 1-1:0.0 failed with error -22
[  205.619031][ T6294] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  207.366208][ T6310] loop2: detected capacity change from 0 to 512
[  207.387901][ T6310] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  207.466051][ T6310] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  207.476570][ T6310] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.606781][ T6317] loop1: detected capacity change from 0 to 512
[  207.628490][ T6317] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  207.638451][ T6317] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  207.648376][ T6317] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  207.762543][ T6317] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  207.770718][ T6317] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  207.778926][ T6317] EXT4-fs (loop1): failed to initialize system zone (-117)
[  207.786461][ T6317] EXT4-fs (loop1): mount failed
[  207.811459][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  208.380976][  T126] usb 1-1: USB disconnect, device number 3
[  208.742947][ T6333] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  209.042302][ T6334] Cannot find set identified by id 65534 to match
[  209.578780][  T126] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  209.591781][ T6347] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  210.338351][  T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.361043][  T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.395875][  T126] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  210.456889][  T126] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  210.466105][  T126] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.479218][  T126] usb 2-1: config 0 descriptor??
[  210.596692][ T4311] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  210.798631][ T4311] usb 4-1: config 160 has an invalid interface number: 200 but max is 0
[  210.811092][ T4311] usb 4-1: config 160 has no interface number 0
[  210.829244][ T4311] usb 4-1: config 160 interface 200 has no altsetting 0
[  210.851554][ T4311] usb 4-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  210.861872][ T4311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.869998][ T4311] usb 4-1: Product: syz
[  210.874535][ T4311] usb 4-1: Manufacturer: syz
[  210.879360][ T4311] usb 4-1: SerialNumber: syz
[  210.896114][  T126] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  211.040887][  T126] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  211.123969][ T4311] usb 4-1: MIDIStreaming interface descriptor not found
[  211.221338][ T6360] loop2: detected capacity change from 0 to 512
[  211.286588][ T6360] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  211.296962][ T6360] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  211.306844][ T6360] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  211.429341][ T6360] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  211.437533][ T6360] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  211.445725][ T6360] EXT4-fs (loop2): failed to initialize system zone (-117)
[  211.453393][ T6360] EXT4-fs (loop2): mount failed
[  211.643746][ T4311] usb 4-1: USB disconnect, device number 6
[  212.032004][ T4305] usb 2-1: USB disconnect, device number 9
[  213.030398][ T6361] fido_id[6361]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  213.360393][ T6382] loop2: detected capacity change from 0 to 1024
[  213.522523][ T6382] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  213.532460][ T6382] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.537101][ T6390] loop4: detected capacity change from 0 to 2048
[  213.550250][ T6390] EXT4-fs: Ignoring removed bh option
[  213.563409][ T6387] Cannot find set identified by id 65534 to match
[  213.570139][ T4311] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  213.584168][ T6390] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  213.691674][ T6382] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.560: Invalid block bitmap block 7637287204033462068 in block_group 0
[  213.788828][ T6382] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 131587 with max blocks 1 with error 117
[  213.816874][ T6382] EXT4-fs (loop2): This should not happen!! Data will be lost
[  213.816874][ T6382] 
[  213.856931][   T31] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm kworker/u4:2: Invalid inode table block 12813008985704163751 in block_group 0
[  213.883053][ T4311] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  214.011655][ T6394] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  214.028565][ T6394] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 17 with error 28
[  214.041242][ T6394] EXT4-fs (loop4): This should not happen!! Data will be lost
[  214.041242][ T6394] 
[  214.051245][ T6394] EXT4-fs (loop4): Total free blocks count 0
[  214.057329][ T6394] EXT4-fs (loop4): Free/Dirty block details
[  214.063323][ T6394] EXT4-fs (loop4): free_blocks=2415919104
[  214.069184][ T6394] EXT4-fs (loop4): dirty_blocks=32
[  214.074346][ T6394] EXT4-fs (loop4): Block reservation details
[  214.080401][ T6394] EXT4-fs (loop4): i_reserved_data_blocks=2
[  214.452486][ T4311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.462421][ T4311] usb 4-1: config 0 descriptor??
[  214.478677][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  214.491243][ T4311] cp210x 4-1:0.0: cp210x converter detected
[  214.637663][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  214.897008][ T4311] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  214.917246][ T4311] usb 4-1: cp210x converter now attached to ttyUSB0
[  214.932761][ T4691] udevd[4691]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  215.115738][  T126] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  215.130070][ T4318] usb 4-1: USB disconnect, device number 7
[  215.317417][ T6408] loop0: detected capacity change from 0 to 512
[  215.393952][ T6408] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  215.404105][ T6408] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  215.413939][ T6408] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  215.424117][  T126] usb 5-1: Using ep0 maxpacket: 16
[  215.439953][  T126] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  215.451704][ T6408] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  215.459912][ T6408] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  215.467803][ T6408] EXT4-fs (loop0): failed to initialize system zone (-117)
[  215.475051][ T6408] EXT4-fs (loop0): mount failed
[  215.481649][ T4318] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  215.561015][ T4318] cp210x 4-1:0.0: device disconnected
[  215.566751][  T126] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.596588][  T126] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  215.612993][  T126] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  215.623791][  T126] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.675855][  T126] usb 5-1: config 0 descriptor??
[  216.111604][  T126] microsoft 0003:045E:07DA.0005: report is too long
[  216.155801][  T126] microsoft 0003:045E:07DA.0005: item 0 4 0 8 parsing failed
[  216.163969][  T126] microsoft 0003:045E:07DA.0005: parse failed
[  216.173631][  T126] microsoft: probe of 0003:045E:07DA.0005 failed with error -22
[  216.379088][  T126] usb 5-1: USB disconnect, device number 7
[  217.049137][ T6426] loop0: detected capacity change from 0 to 128
[  217.066464][ T6428] loop2: detected capacity change from 0 to 736
[  217.116631][ T6430] loop4: detected capacity change from 0 to 8
[  217.210237][ T6430] SQUASHFS error: Failed to read block 0x4de: -5
[  217.236303][ T6430] SQUASHFS error: Failed to read block 0x4de: -5
[  217.245648][   T26] audit: type=1800 audit(1769050974.608:13): pid=6430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.575" name="file1" dev="loop4" ino=5 res=0 errno=0
[  217.312082][ T6430] SQUASHFS error: Failed to read block 0x6e6: -5
[  217.366885][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.433142][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.477516][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.486499][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.534485][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.550223][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.559466][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.567672][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.576724][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.592503][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.611591][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.633637][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.653636][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.674456][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.682352][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.696081][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.703575][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.710472][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.716832][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.728492][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.736269][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.742526][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.749940][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  217.806990][ T6444] loop0: detected capacity change from 0 to 256
[  217.816783][ T6444] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  217.878705][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  217.921218][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  217.981675][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.017324][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.073523][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.116088][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.186403][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.192817][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.224635][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.233850][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.240382][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.268073][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.287698][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.293957][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.332965][ T6450] loop1: detected capacity change from 0 to 512
[  218.345175][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.359368][ T6450] EXT4-fs: Ignoring removed i_version option
[  218.380776][ T6453] loop3: detected capacity change from 0 to 512
[  218.399810][ T6453] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  218.410207][ T6453] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  218.420004][ T6453] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  218.451202][ T6453] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  218.459231][ T6453] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  218.467157][ T6453] EXT4-fs (loop3): failed to initialize system zone (-117)
[  218.474443][ T6453] EXT4-fs (loop3): mount failed
[  218.513555][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.523677][ T6450] EXT4-fs: Ignoring removed bh option
[  218.571508][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.636453][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.643351][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.687797][ T6450] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  218.706563][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.714188][ T6450] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  218.789869][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.796943][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.803263][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.810943][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.830625][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.838073][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.855115][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.872209][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  218.910988][ T6435] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.957961][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  218.978470][ T6435] SQUASHFS error: read_indexes: reading block [6e4:0]
[  218.994583][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.002903][ T6435] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.011598][ T6435] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.019141][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.042785][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.060427][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.074943][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.085290][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  219.110331][ T6463] netlink: 1304 bytes leftover after parsing attributes in process `syz.0.583'.
[  219.140151][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.238851][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.246008][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.252251][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.271821][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.443983][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.629924][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.769871][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.927863][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.934157][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.941605][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.948522][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.954804][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  219.962167][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  219.969205][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  219.975503][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.014648][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.050811][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.094690][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.134847][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.174908][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.183990][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.197153][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.222268][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.323847][ T6481] loop3: detected capacity change from 0 to 128
[  220.364786][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.404638][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.411617][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.426784][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.444533][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.464490][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.533608][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.541848][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.549887][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.557120][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.565249][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.572578][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.580109][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.588118][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.605422][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.613521][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.623158][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  220.647744][ T6430] SQUASHFS error: Failed to read block 0x0: -5
[  220.656105][ T6430] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  220.663597][ T6430] SQUASHFS error: read_indexes: reading block [6e4:0]
[  221.444038][ T6496] loop1: detected capacity change from 0 to 512
[  221.484027][ T6496] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  221.494485][ T6496] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  221.504280][ T6496] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  221.577145][ T6496] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  221.585123][ T6496] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  221.592916][ T6496] EXT4-fs (loop1): failed to initialize system zone (-117)
[  221.600225][ T6496] EXT4-fs (loop1): mount failed
[  221.949708][ T6498] loop2: detected capacity change from 0 to 512
[  222.028852][ T6505] loop3: detected capacity change from 0 to 256
[  222.037056][ T6505] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  222.181506][ T6508] loop0: detected capacity change from 0 to 1024
[  222.366927][ T6511] loop4: detected capacity change from 0 to 512
[  222.418942][ T6508] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  222.436773][ T6511] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.600: invalid indirect mapped block 10 (level 1)
[  222.456162][ T6511] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.600: invalid indirect mapped block 8 (level 1)
[  222.477270][ T6511] EXT4-fs (loop4): 1 truncate cleaned up
[  222.482993][ T6511] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  222.526703][ T6498] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  222.591610][   T26] audit: type=1800 audit(1769050979.949:14): pid=6508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.598" name="file1" dev="loop0" ino=839 res=0 errno=0
[  222.685778][ T4279] EXT4-fs (loop4): unmounting filesystem.
[  222.868543][ T6498] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  222.910130][ T6498] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.093908][   T14] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  223.171041][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  223.291073][   T14] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  223.311949][   T14] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  223.355263][   T14] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  223.378604][ T6528] overlayfs: unrecognized mount option "=7õñÇo¿iÎù
apÙÂhöˬÂæ›" or missing value
[  223.390490][   T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.412823][   T14] usb 2-1: Product: syz
[  223.417124][   T14] usb 2-1: Manufacturer: syz
[  223.433772][   T14] usb 2-1: SerialNumber: syz
[  223.444552][ T6528] loop4: detected capacity change from 0 to 1024
[  223.983267][ T6539] loop4: detected capacity change from 0 to 2048
[  224.026559][ T6539] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.030509][ T6541] loop3: detected capacity change from 0 to 512
[  224.073245][   T14] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[  224.080275][   T14] cdc_ncm 2-1:1.0: bind() failure
[  224.121754][   T14] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  224.148911][   T14] cdc_ncm 2-1:1.1: bind() failure
[  224.209646][ T6541] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  224.404594][ T6541] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  224.433285][ T6541] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  224.444347][ T6541] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  224.452318][ T6541] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  224.505772][ T6551] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  225.082097][ T6541] EXT4-fs (loop3): failed to initialize system zone (-117)
[  225.090766][ T6541] EXT4-fs (loop3): mount failed
[  225.191383][ T6553] loop4: detected capacity change from 0 to 1024
[  225.314418][ T6558] fuse: Bad value for 'fd'
[  225.417442][ T6559] loop0: detected capacity change from 0 to 256
[  225.490163][ T6559] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  226.130803][  T126] usb 2-1: USB disconnect, device number 10
[  226.170433][ T5019] hfsplus: b-tree write err: -5, ino 4
[  226.680583][ T6574] loop2: detected capacity change from 0 to 128
[  228.500121][ T6590] loop4: detected capacity change from 0 to 256
[  228.578647][ T6590] FAT-fs (loop4): Directory bread(block 64) failed
[  228.595612][ T6590] FAT-fs (loop4): Directory bread(block 65) failed
[  228.610194][ T6590] FAT-fs (loop4): Directory bread(block 66) failed
[  228.630647][ T6590] FAT-fs (loop4): Directory bread(block 67) failed
[  228.662884][ T6590] FAT-fs (loop4): Directory bread(block 68) failed
[  228.669663][ T6590] FAT-fs (loop4): Directory bread(block 69) failed
[  228.683165][ T6590] FAT-fs (loop4): Directory bread(block 70) failed
[  228.689752][ T6590] FAT-fs (loop4): Directory bread(block 71) failed
[  228.702400][ T6590] FAT-fs (loop4): Directory bread(block 72) failed
[  228.743837][ T6590] FAT-fs (loop4): Directory bread(block 73) failed
[  228.840099][ T6596] loop2: detected capacity change from 0 to 256
[  229.096233][ T6596] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  229.184917][ T6601] loop1: detected capacity change from 0 to 256
[  229.329380][ T6601] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  231.186265][ T6617] loop0: detected capacity change from 0 to 1024
[  231.525003][ T6617] syz.0.633: attempt to access beyond end of device
[  231.525003][ T6617] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  231.692144][ T6617] Buffer I/O error on dev loop0, logical block 2889, async page read
[  231.711058][ T6617] syz.0.633: attempt to access beyond end of device
[  231.711058][ T6617] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  232.390579][ T6617] Buffer I/O error on dev loop0, logical block 2889, async page read
[  232.525270][   T26] audit: type=1800 audit(1769050989.881:15): pid=6617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.633" name="file1" dev="loop0" ino=20 res=0 errno=0
[  232.698032][ T6626] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  233.236480][ T6640] loop4: detected capacity change from 0 to 128
[  233.285282][ T6640] FAT-fs (loop4): Unrecognized mount option "sys_émmutable" or missing value
[  233.817341][ T6648] loop3: detected capacity change from 0 to 256
[  233.876322][ T6648] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  237.437282][ T6674] loop0: detected capacity change from 0 to 128
[  237.504248][ T6674] EXT4-fs (loop0): Test dummy encryption mode enabled
[  237.617775][ T6674] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  237.632150][ T6674] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.661441][ T6676] overlayfs: unrecognized mount option "=7õñÇo¿iÎù
apÙÂhöˬÂæ›" or missing value
[  237.774425][ T6678] loop3: detected capacity change from 0 to 512
[  237.948932][ T6678] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  238.093139][ T6678] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  238.111409][ T6678] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  238.275168][ T6674] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  238.454634][ T4268] EXT4-fs (loop3): unmounting filesystem.
[  238.482182][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  238.633321][ T6703] loop0: detected capacity change from 0 to 128
[  238.921346][ T6705] loop0: detected capacity change from 0 to 256
[  239.961157][ T6705] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  240.313627][ T6711] device syzkaller0 entered promiscuous mode
[  242.056233][ T6727] Cannot find set identified by id 65534 to match
[  243.891700][ T6741] loop0: detected capacity change from 0 to 512
[  244.984008][ T6753] Cannot find set identified by id 65534 to match
[  245.342274][ T6741] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  245.445188][ T6741] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  245.474849][ T6741] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  246.021555][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  248.013970][ T6784] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  248.023346][ T6784] tmpfs: Too few inodes for current use
[  248.360653][ T6794] loop2: detected capacity change from 0 to 1024
[  248.381217][ T6794] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  249.047578][ T6794] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  249.068708][ T6794] EXT4-fs (loop2): orphan cleanup on readonly fs
[  249.193059][ T6794] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.681: Invalid inode table block 0 in block_group 0
[  249.348320][ T6794] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  250.529638][ T6794] EXT4-fs error (device loop2): ext4_quota_write:7247: inode #3: comm syz.2.681: mark_inode_dirty error
[  250.667994][ T6794] Quota error (device loop2): write_blk: dquota write failed
[  250.687795][ T6794] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  250.717721][ T6794] EXT4-fs error (device loop2): ext4_acquire_dquot:6835: comm syz.2.681: Failed to acquire dquot type 0
[  250.757894][ T6794] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.681: Invalid inode table block 0 in block_group 0
[  250.807407][ T6794] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  250.829286][ T6813] overlayfs: unrecognized mount option "=7õñÇo¿iÎù
apÙÂhöˬÂæ›" or missing value
[  250.843626][ T6794] EXT4-fs error (device loop2): ext4_ext_truncate:4454: inode #15: comm syz.2.681: mark_inode_dirty error
[  250.862622][ T6794] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.681: Invalid inode table block 0 in block_group 0
[  250.883567][ T6794] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  250.898820][ T6815] loop1: detected capacity change from 0 to 1024
[  250.910035][ T6794] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  250.944623][ T6794] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.681: Invalid inode table block 0 in block_group 0
[  250.959591][ T6794] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  250.988552][ T6794] EXT4-fs error (device loop2): ext4_truncate:4318: inode #15: comm syz.2.681: mark_inode_dirty error
[  251.001163][ T6794] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  251.021507][ T6794] EXT4-fs (loop2): 1 truncate cleaned up
[  251.029697][ T6794] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  251.137153][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  251.564438][ T6829] loop0: detected capacity change from 0 to 128
[  252.735073][ T6838] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  252.744261][ T6838] tmpfs: Too few inodes for current use
[  254.070694][ T6851] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  255.122746][ T6853] loop1: detected capacity change from 0 to 256
[  255.297283][ T6853] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  255.638920][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  255.645340][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  255.654280][ T6861] overlayfs: unrecognized mount option "=7õñÇo¿iÎù
apÙÂhöˬÂæ›" or missing value
[  256.475636][ T6861] loop1: detected capacity change from 0 to 1024
[  256.851091][ T6879] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  256.860481][ T6879] tmpfs: Too few inodes for current use
[  256.904922][ T6886] loop0: detected capacity change from 0 to 128
[  257.019273][ T6889] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  257.063410][ T6886] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  257.119690][ T6886] ext4 filesystem being mounted at /149/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  257.207702][ T6886] fscrypt (loop0, inode 12): Mutually exclusive encryption flags (0x14)
[  257.574806][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  257.890852][ T6903] loop3: detected capacity change from 0 to 1024
[  257.994939][ T6911] loop0: detected capacity change from 0 to 256
[  259.061177][ T6911] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  259.095767][ T4333] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  259.380399][ T4333] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  260.035785][ T4333] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  260.062749][ T4333] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  260.074341][ T4333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.215699][ T4333] usb 2-1: config 0 descriptor??
[  260.275612][ T4333] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  260.295120][ T6922] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  262.428572][ T6942] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  262.437966][ T6942] tmpfs: Too few inodes for current use
[  262.640777][ T4334] usb 2-1: USB disconnect, device number 11
[  265.977665][ T6985] netlink: 220 bytes leftover after parsing attributes in process `syz.4.735'.
[  267.289923][ T6996] 9pnet_virtio: no channels available for device 127.0.0.1
[  267.848525][ T7001] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  268.540916][ T7006] loop0: detected capacity change from 0 to 1024
[  268.932593][ T7012] input: syz0 as /devices/virtual/input/input8
[  269.277325][ T7019] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  270.633400][ T6165] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  271.090797][ T6165] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  271.635869][ T6165] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  271.782763][ T6165] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  271.820988][ T6165] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.852202][ T6165] usb 3-1: Product: syz
[  271.865104][ T6165] usb 3-1: Manufacturer: syz
[  271.869755][ T6165] usb 3-1: SerialNumber: syz
[  271.895077][ T7046] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  272.262056][ T7049] 9pnet_virtio: no channels available for device 127.0.0.1
[  273.011881][ T7056] loop0: detected capacity change from 0 to 1024
[  273.633309][ T6165] cdc_ncm 3-1:1.0: bind() failure
[  273.650281][ T6165] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  273.679253][ T6165] cdc_ncm 3-1:1.1: bind() failure
[  273.941543][ T7059] loop1: detected capacity change from 0 to 512
[  273.966243][ T7059] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  274.032878][ T4311] usb 3-1: USB disconnect, device number 4
[  274.060055][ T7059] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  274.069186][ T7059] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  274.176236][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  275.542824][ T4334] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  275.743530][ T4334] usb 1-1: config 0 has no interfaces?
[  275.750058][ T4334] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  275.759953][ T4334] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  275.768218][ T4334] usb 1-1: SerialNumber: syz
[  275.774534][ T4334] usb 1-1: config 0 descriptor??
[  276.002076][ T4255] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  276.070840][ T4311] usb 1-1: USB disconnect, device number 4
[  276.193583][ T4255] usb 4-1: config 16 has an invalid interface number: 50 but max is 0
[  276.206549][ T4255] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  276.218461][ T4255] usb 4-1: config 16 has no interface number 0
[  276.230456][ T4255] usb 4-1: New USB device found, idVendor=046d, idProduct=08c2, bcdDevice=d4.71
[  276.244222][ T4255] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.258334][ T4255] usb 4-1: Product: syz
[  276.264222][ T4255] usb 4-1: Manufacturer: syz
[  276.269872][ T4255] usb 4-1: SerialNumber: syz
[  276.498837][ T4255] usb 4-1: USB disconnect, device number 8
[  277.505662][ T7103] loop0: detected capacity change from 0 to 512
[  277.539596][ T7103] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  277.588703][ T7103] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  277.597755][ T7103] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  277.669242][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  278.652574][ T7139] loop0: detected capacity change from 0 to 2048
[  279.475927][ T7139] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  279.552451][ T7139] EXT4-fs error (device loop0): ext4_ext_precache:627: inode #2: comm syz.0.782: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  279.653137][ T7152] EXT4-fs (loop0): re-mounted. Quota mode: none.
[  280.087239][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  280.869056][ T7168] device syzkaller0 entered promiscuous mode
[  280.950990][ T4255] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  281.166476][ T4255] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  281.189659][ T4255] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  281.635391][ T7176] loop2: detected capacity change from 0 to 512
[  281.684230][ T7176] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  281.707098][ T4255] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  282.052581][ T7176] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  282.061719][ T7176] ext4 filesystem being mounted at /166/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  282.140800][ T4255] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.148849][ T4255] usb 4-1: Product: syz
[  282.167178][ T4266] EXT4-fs (loop2): unmounting filesystem.
[  282.184275][ T4255] usb 4-1: Manufacturer: syz
[  282.188920][ T4255] usb 4-1: SerialNumber: syz
[  282.379678][ T7184] loop0: detected capacity change from 0 to 512
[  282.933768][ T7184] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  282.990679][ T7184] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  282.999666][ T7184] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.098063][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  283.978720][ T4255] cdc_ncm 4-1:1.0: bind() failure
[  283.987368][ T4255] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  284.014704][ T4255] cdc_ncm 4-1:1.1: bind() failure
[  284.073459][ T7197] loop2: detected capacity change from 0 to 512
[  284.108505][ T7197] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.798: inode has both inline data and extents flags
[  284.145380][ T7197] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.798: couldn't read orphan inode 15 (err -117)
[  284.188060][ T4255] usb 4-1: USB disconnect, device number 9
[  284.255800][ T7197] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  284.562026][ T7208] loop1: detected capacity change from 0 to 2048
[  284.644475][ T5785] EXT4-fs (loop2): unmounting filesystem.
[  284.657434][ T7208] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  284.678108][ T7208] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.647915][ T4821] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.670912][ T7218] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.805: bg 0: block 345: padding at end of block bitmap is not set
[  285.719985][ T7218] EXT4-fs (loop1): Remounting filesystem read-only
[  285.826157][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  285.827554][ T4821] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.946364][ T4821] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.425374][ T4821] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.980498][ T4283] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  286.990642][ T4283] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  287.001073][ T4283] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  287.010779][ T4283] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  287.018346][ T4283] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  287.036727][ T4283] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  287.053510][ T4278] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  287.061313][ T4278] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  287.069279][ T4278] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  287.079079][ T4278] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  287.158529][ T4278] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  287.166102][ T4278] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  287.243454][ T7263] Cannot find set identified by id 65534 to match
[  288.193833][ T7257] chnl_net:caif_netlink_parms(): no params data found
[  288.811909][ T7300] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  289.346713][ T4283] Bluetooth: hci0: command 0x0409 tx timeout
[  289.672025][ T7257] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.685976][ T7257] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.715287][ T7257] device bridge_slave_0 entered promiscuous mode
[  289.776857][ T7257] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.784465][ T7257] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.800402][ T7257] device bridge_slave_1 entered promiscuous mode
[  289.822064][ T7313] netlink: 24 bytes leftover after parsing attributes in process `syz.4.828'.
[  289.994491][ T7257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.046852][ T7257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  290.203824][ T7257] team0: Port device team_slave_0 added
[  290.234829][ T7257] team0: Port device team_slave_1 added
[  290.298965][ T4821] device hsr_slave_0 left promiscuous mode
[  290.325770][ T4821] device hsr_slave_1 left promiscuous mode
[  290.345137][ T4821] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.394790][ T4821] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.451535][ T4821] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.476181][ T4821] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.495418][ T4821] device bridge_slave_1 left promiscuous mode
[  290.507984][ T4821] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.575057][ T4821] device bridge_slave_0 left promiscuous mode
[  290.594489][ T4821] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.715331][ T4821] device veth1_macvtap left promiscuous mode
[  290.746939][ T4821] device veth0_macvtap left promiscuous mode
[  291.531320][ T4283] Bluetooth: hci0: command 0x041b tx timeout
[  291.635485][ T4821] device veth1_vlan left promiscuous mode
[  291.673982][ T4821] device veth0_vlan left promiscuous mode
[  291.886277][ T7341] loop1: detected capacity change from 0 to 1024
[  291.920131][ T7341] EXT4-fs: Ignoring removed oldalloc option
[  291.997182][ T7341] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  292.040992][ T7341] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.124192][ T7341] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.834: inode has both inline data and extents flags
[  292.240261][ T4267] EXT4-fs (loop1): unmounting filesystem.
[  293.220464][ T4821] team0 (unregistering): Port device team_slave_1 removed
[  293.262648][ T4821] team0 (unregistering): Port device team_slave_0 removed
[  293.300508][ T4821] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.344055][ T4821] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.551942][ T4283] Bluetooth: hci0: command 0x040f tx timeout
[  293.645122][ T4821] bond0 (unregistering): Released all slaves
[  293.868838][ T7368] netlink: 24 bytes leftover after parsing attributes in process `syz.4.839'.
[  293.924490][ T7257] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.933483][ T7257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.025047][ T7257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.050125][ T7257] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.067453][ T7257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.183899][ T7257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.622170][ T7257] device hsr_slave_0 entered promiscuous mode
[  294.786730][ T7257] device hsr_slave_1 entered promiscuous mode
[  294.918686][ T7257] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  294.926298][ T7257] Cannot create hsr debugfs directory
[  295.627726][ T4283] Bluetooth: hci0: command 0x0419 tx timeout
[  295.811646][ T7257] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  295.866750][ T7257] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  295.893484][ T7257] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  295.923147][ T7257] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  296.355719][ T7428] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  296.365123][ T7428] tmpfs: Too few inodes for current use
[  296.460589][ T7257] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.577208][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  296.595846][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.653367][ T7257] 8021q: adding VLAN 0 to HW filter on device team0
[  296.705757][ T7257] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  296.722333][ T7257] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  296.772952][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  296.808400][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.816937][ T4310] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.824092][ T4310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.853657][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  296.869005][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.883033][ T4310] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.890296][ T4310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.904727][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  296.917035][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  296.931381][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  296.945053][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  296.960191][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  296.974730][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  296.984744][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  296.999078][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.012023][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  297.022044][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  297.053088][ T7435] netlink: 24 bytes leftover after parsing attributes in process `syz.0.852'.
[  297.070584][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  297.088146][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  297.105362][ T4310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  299.689435][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  299.714240][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  299.775518][ T7257] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.914871][ T7486] netlink: 24 bytes leftover after parsing attributes in process `syz.0.863'.
[  301.083128][ T4821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  301.134103][ T4821] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  301.213189][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  301.253001][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.284195][ T7257] device veth0_vlan entered promiscuous mode
[  301.302496][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.329841][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.392893][ T7257] device veth1_vlan entered promiscuous mode
[  301.500210][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  301.682259][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  301.701050][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  301.726996][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.801452][ T7543] netlink: 24 bytes leftover after parsing attributes in process `syz.4.875'.
[  301.883731][ T7257] device veth0_macvtap entered promiscuous mode
[  302.087877][ T4496] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  302.162049][ T7257] device veth1_macvtap entered promiscuous mode
[  302.482607][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.532062][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.599674][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.620602][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.651500][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.670119][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.683254][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.695977][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.740386][ T7257] batman_adv: batadv0: Interface activated: batadv_slave_0
[  302.781191][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  302.797038][ T4355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  302.887234][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.930462][ T7558] Cannot find set identified by id 65534 to match
[  302.946001][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.983721][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.026407][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.075451][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.086566][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.096521][ T7257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.107489][ T7257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.118631][ T7257] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.128129][ T4496] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  303.145956][ T4496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  303.207906][ T7573] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  303.797647][ T7257] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.867540][ T7257] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.914272][ T7257] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.951876][ T7257] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.231512][ T4537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.251660][ T4537] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.288806][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  304.417197][ T4821] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.454055][ T4821] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.079093][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  305.530769][ T7602] loop5: detected capacity change from 0 to 512
[  306.104182][ T7602] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  306.176616][ T7602] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  306.185833][ T7602] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  306.306133][ T7257] EXT4-fs (loop5): unmounting filesystem.
[  307.656691][ T7633] loop1: detected capacity change from 0 to 512
[  307.667229][ T7633] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  307.677081][ T7633] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  307.686998][ T7633] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  307.716289][ T7633] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  307.724237][ T7633] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  307.732470][ T7633] EXT4-fs (loop1): failed to initialize system zone (-117)
[  307.739852][ T7633] EXT4-fs (loop1): mount failed
[  308.195223][ T4334] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  308.978173][ T4334] usb 2-1: config 160 has an invalid interface number: 200 but max is 0
[  309.034937][ T4334] usb 2-1: config 160 has no interface number 0
[  309.041271][ T4334] usb 2-1: config 160 interface 200 has no altsetting 0
[  309.088573][ T4334] usb 2-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  309.099321][ T7662] loop5: detected capacity change from 0 to 128
[  309.122146][ T4334] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.136120][ T4334] usb 2-1: Product: syz
[  309.140327][ T4334] usb 2-1: Manufacturer: syz
[  309.153642][ T4334] usb 2-1: SerialNumber: syz
[  309.196322][ T4259] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  309.383806][ T4334] usb 2-1: MIDIStreaming interface descriptor not found
[  309.484818][ T4334] usb 2-1: USB disconnect, device number 12
[  309.844835][ T7667] loop0: detected capacity change from 0 to 512
[  309.987943][ T7667] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  310.016280][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  310.096338][ T7682] loop5: detected capacity change from 0 to 256
[  310.128204][ T7682] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  310.944377][ T4325] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  311.124543][ T4325] usb 4-1: device descriptor read/64, error -71
[  311.396654][ T4325] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  312.138470][ T4325] usb 4-1: device descriptor read/64, error -71
[  312.264373][ T4325] usb usb4-port1: attempt power cycle
[  312.297991][ T7667] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  312.337661][ T7714] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  312.414509][ T7667] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  312.589814][ T7722] loop5: detected capacity change from 0 to 512
[  312.673209][ T7722] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  312.683125][ T7722] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  312.693064][ T7722] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  312.703550][ T4325] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  312.783429][ T4325] usb 4-1: device descriptor read/8, error -71
[  312.806211][ T7722] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  312.814301][ T7722] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  312.822072][ T7722] EXT4-fs (loop5): failed to initialize system zone (-117)
[  312.829356][ T7722] EXT4-fs (loop5): mount failed
[  313.943746][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  315.879317][ T7767] loop1: detected capacity change from 0 to 512
[  315.905793][ T7768] Cannot find set identified by id 65534 to match
[  316.114483][ T7767] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  316.124374][ T7767] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  316.134195][ T7767] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  316.165967][ T7767] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  316.174082][ T7767] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  316.181944][ T7767] EXT4-fs (loop1): failed to initialize system zone (-117)
[  316.189319][ T7767] EXT4-fs (loop1): mount failed
[  316.551042][ T7785] loop5: detected capacity change from 0 to 128
[  317.072696][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  317.085702][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  317.766537][ T7800] Cannot find set identified by id 65534 to match
[  317.831145][ T7802] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  318.740294][ T7811] loop5: detected capacity change from 0 to 256
[  319.027877][ T7811] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  320.592529][ T7840] Cannot find set identified by id 65534 to match
[  322.385271][ T7866] loop5: detected capacity change from 0 to 512
[  322.410985][ T7866] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  322.420886][ T7866] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  322.430713][ T7866] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  322.477573][ T7866] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  322.485735][ T7866] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  322.493669][ T7866] EXT4-fs (loop5): failed to initialize system zone (-117)
[  322.501098][ T7866] EXT4-fs (loop5): mount failed
[  323.113603][ T7882] 9pnet_virtio: no channels available for device 127.0.0.1
[  324.211074][ T7901] loop5: detected capacity change from 0 to 128
[  324.810474][ T7911] Cannot find set identified by id 65534 to match
[  325.282231][ T7922] loop0: detected capacity change from 0 to 512
[  325.296406][ T7922] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  325.306291][ T7922] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  325.316157][ T7922] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  325.331775][ T7922] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  325.339746][ T7922] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  325.347638][ T7922] EXT4-fs (loop0): failed to initialize system zone (-117)
[  325.354972][ T7922] EXT4-fs (loop0): mount failed
[  325.434695][ T7924] loop5: detected capacity change from 0 to 256
[  325.501299][ T4259] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  325.650674][ T7924] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  326.107608][ T7942] 9pnet_virtio: no channels available for device 127.0.0.1
[  328.735626][ T7984] 9pnet_virtio: no channels available for device 127.0.0.1
[  329.498826][ T8006] loop1: detected capacity change from 0 to 128
[  330.322095][ T8031] loop1: detected capacity change from 0 to 256
[  330.340565][ T8031] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  331.099374][ T8033] 9pnet_virtio: no channels available for device 127.0.0.1
[  331.874522][ T8053] loop0: detected capacity change from 0 to 16
[  331.899319][ T8053] erofs: (device loop0): mounted with root inode @ nid 36.
[  332.545242][ T8069] 9pnet_virtio: no channels available for device 127.0.0.1
[  333.978055][ T8065] device syzkaller0 entered promiscuous mode
[  334.098954][ T8083] loop1: detected capacity change from 0 to 128
[  334.835275][ T8113] loop1: detected capacity change from 0 to 256
[  334.843471][ T8113] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  335.182912][ T8117] 9pnet_virtio: no channels available for device 127.0.0.1
[  335.974000][ T8124] device syzkaller0 entered promiscuous mode
[  337.068957][ T4255] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  337.288780][ T4255] usb 2-1: Using ep0 maxpacket: 8
[  337.305563][ T4255] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  337.345620][ T4255] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.397374][ T8169] loop5: detected capacity change from 0 to 128
[  337.481010][ T4255] usb 2-1: Product: syz
[  337.570747][ T4255] usb 2-1: Manufacturer: syz
[  337.653678][ T4255] usb 2-1: SerialNumber: syz
[  337.739872][ T4255] usb 2-1: config 0 descriptor??
[  337.846058][ T4255] gspca_main: sq905-2.14.0 probing 2770:9120
[  338.489646][ T4255] gspca_sq905: sq905_command: usb_control_msg failed (-71)
[  338.512932][ T4255] sq905: probe of 2-1:0.0 failed with error -71
[  338.557079][ T4255] usb 2-1: USB disconnect, device number 13
[  338.630959][ T8181] loop5: detected capacity change from 0 to 256
[  338.646235][ T8181] FAT-fs (loop5): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  339.177399][ T8191] loop1: detected capacity change from 0 to 1024
[  339.973993][ T8212] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  341.756630][ T8251] 9pnet_virtio: no channels available for device 127.0.0.1
[  342.402631][ T8255] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1064'.
[  342.424951][ T8246] process 'syz.0.1059' launched '/dev/fd/8' with NULL argv: empty string added
[  342.492992][ T8259] loop1: detected capacity change from 0 to 128
[  342.718070][ T8262] loop1: detected capacity change from 0 to 256
[  342.726176][ T8262] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  343.216027][ T8273] device syzkaller0 entered promiscuous mode
[  346.040734][ T8313] Cannot find set identified by id 65534 to match
[  347.175925][ T8303] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  348.619700][ T8347] Cannot find set identified by id 65534 to match
[  349.321757][ T8353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1088'.
[  349.537650][ T8361] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  350.226584][ T8369] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1091'.
[  350.699430][ T8381] device syzkaller0 entered promiscuous mode
[  352.582718][ T8424] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  355.055455][ T4305] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  355.075323][ T8455] loop0: detected capacity change from 0 to 128
[  355.129380][ T8456] device gretap1 entered promiscuous mode
[  355.136403][ T4259] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  355.296744][ T4305] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  355.325129][ T4305] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.411704][ T4305] usb 6-1: config 0 descriptor??
[  355.462870][ T8453] loop0: detected capacity change from 0 to 256
[  355.483027][ T8453] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  355.651878][ T4305] [drm] vendor descriptor length:a data:02 5f 00 00 00 00 00 00 00 00 00
[  355.673957][ T4305] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  355.704943][   T22] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  355.956645][ T4305] [drm:udl_init] *ERROR* Selecting channel failed
[  355.979255][ T4305] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2
[  355.986883][ T4305] [drm] Initialized udl on minor 2
[  355.995658][ T4305] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  356.006264][ T4305] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  356.031280][ T4305] usb 6-1: USB disconnect, device number 2
[  356.054812][   T22] usb 2-1: Using ep0 maxpacket: 32
[  356.121943][   T22] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  356.273915][   T22] usb 2-1: config 0 interface 0 has no altsetting 0
[  356.413625][   T22] usb 2-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  356.646908][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.701298][   T22] usb 2-1: config 0 descriptor??
[  356.744405][ T4311] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  356.796547][ T4311] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  356.829064][ T4311] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  357.193250][   T22] hid-rmi 0003:0461:4E72.0006: hidraw0: USB HID v0.02 Device [HID 0461:4e72] on usb-dummy_hcd.1-1/input0
[  357.329242][ T8489] device syzkaller0 entered promiscuous mode
[  357.426333][ T8490] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  357.440463][   T22] usb 2-1: USB disconnect, device number 14
[  358.088900][ T8484] fido_id[8484]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  359.608926][ T8530] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  362.752599][ T8587] Cannot find set identified by id 65534 to match
[  363.307344][ T8601] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[  363.890833][ T8614] loop0: detected capacity change from 0 to 128
[  364.385615][ T8619] device syzkaller0 entered promiscuous mode
[  365.268111][ T8640] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1155'.
[  365.410945][ T8643] loop1: detected capacity change from 0 to 128
[  365.675208][ T4259] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  365.841848][ T8645] loop1: detected capacity change from 0 to 256
[  365.850054][ T8645] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  366.110989][ T8649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1161'.
[  366.172484][ T8649] device bond0 entered promiscuous mode
[  366.205576][ T8649] device bond_slave_0 entered promiscuous mode
[  366.262995][ T8649] device bond_slave_1 entered promiscuous mode
[  366.310046][ T8649] device gretap0 entered promiscuous mode
[  366.359438][ T8649] device hsr1 entered promiscuous mode
[  366.361153][ T8651] loop1: detected capacity change from 0 to 128
[  367.451956][ T8674] Cannot find set identified by id 65534 to match
[  369.531982][ T4318] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  369.731874][ T4318] usb 2-1: Using ep0 maxpacket: 32
[  369.740224][ T4318] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[  369.781886][ T4318] usb 2-1: config 0 has no interface number 0
[  369.788041][ T4318] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  369.847255][ T4318] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  369.861536][ T4318] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.154019][ T8706] loop0: detected capacity change from 0 to 512
[  371.184723][ T8706] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  371.206903][ T4318] usb 2-1: Product: syz
[  371.217019][ T4318] usb 2-1: Manufacturer: syz
[  371.234997][ T4318] usb 2-1: SerialNumber: syz
[  371.301195][ T4318] usb 2-1: config 0 descriptor??
[  371.318288][ T8706] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  371.327369][ T8706] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  371.409910][ T4318] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  371.426451][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  371.445728][ T4318] em28xx 2-1:0.132: Video interface 132 found: isoc
[  371.724406][ T4318] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[  371.873453][ T4318] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  372.054163][ T4318] em28xx 2-1:0.132: board has no eeprom
[  372.271546][ T4318] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  372.356425][ T4318] em28xx 2-1:0.132: analog set to isoc mode.
[  372.451109][ T8723] Cannot find set identified by id 65534 to match
[  372.797553][ T4318] usb 2-1: USB disconnect, device number 15
[  372.804688][ T4318] em28xx 2-1:0.132: Disconnecting em28xx
[  372.811043][ T4334] em28xx 2-1:0.132: Registering V4L2 extension
[  373.074357][ T8736] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1186'.
[  373.253296][ T8736] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.398167][ T8736] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.454745][ T4334] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[  373.469402][ T4334] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[  373.515504][ T4334] em28xx 2-1:0.132: No AC97 audio processor
[  373.779376][ T4334] usb 2-1: Decoder not found
[  373.804372][ T4334] em28xx 2-1:0.132: failed to create media graph
[  373.840679][ T4334] em28xx 2-1:0.132: V4L2 device video103 deregistered
[  373.898727][ T8745] ==================================================================
[  373.906832][ T8745] BUG: KASAN: use-after-free in v4l2_fh_open+0xc6/0x430
[  373.913764][ T8745] Read of size 8 at addr ffff888027fe8738 by task v4l_id/8745
[  373.921203][ T8745] 
[  373.923521][ T8745] CPU: 0 PID: 8745 Comm: v4l_id Not tainted syzkaller #0
[  373.930537][ T8745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  373.940594][ T8745] Call Trace:
[  373.943866][ T8745]  <TASK>
[  373.946780][ T8745]  dump_stack_lvl+0x188/0x24e
[  373.951452][ T8745]  ? __lock_acquire+0x7d10/0x7d10
[  373.956462][ T8745]  ? show_regs_print_info+0x12/0x12
[  373.961646][ T8745]  ? load_image+0x400/0x400
[  373.966149][ T8745]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  373.971876][ T8745]  ? __virt_addr_valid+0x188/0x540
[  373.976972][ T8745]  ? __virt_addr_valid+0x465/0x540
[  373.982073][ T8745]  ? v4l2_fh_open+0xc6/0x430
[  373.986650][ T8745]  print_report+0xa8/0x210
[  373.991054][ T8745]  kasan_report+0x10b/0x140
[  373.995546][ T8745]  ? v4l2_fh_open+0xc6/0x430
[  374.000127][ T8745]  v4l2_fh_open+0xc6/0x430
[  374.004533][ T8745]  em28xx_v4l2_open+0x152/0x990
[  374.009372][ T8745]  ? __lock_acquire+0x7d10/0x7d10
[  374.014388][ T8745]  v4l2_open+0x20b/0x360
[  374.018615][ T8745]  chrdev_open+0x5c5/0x6a0
[  374.023018][ T8745]  ? cd_forget+0x160/0x160
[  374.027417][ T8745]  ? fsnotify_perm+0x39b/0x550
[  374.032168][ T8745]  ? cd_forget+0x160/0x160
[  374.036570][ T8745]  do_dentry_open+0x7e9/0x10d0
[  374.041319][ T8745]  path_openat+0x2635/0x2ee0
[  374.045896][ T8745]  ? verify_lock_unused+0x140/0x140
[  374.051085][ T8745]  ? do_syscall_64+0x4c/0xa0
[  374.055676][ T8745]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.061727][ T8745]  ? do_filp_open+0x430/0x430
[  374.066390][ T8745]  do_filp_open+0x1f1/0x430
[  374.070881][ T8745]  ? vfs_tmpfile+0x480/0x480
[  374.075465][ T8745]  ? _raw_spin_unlock+0x24/0x40
[  374.080296][ T8745]  ? alloc_fd+0x58f/0x630
[  374.084611][ T8745]  do_sys_openat2+0x150/0x4b0
[  374.089277][ T8745]  ? up_read+0x20/0x20
[  374.093327][ T8745]  ? do_faccessat+0x73f/0xa10
[  374.097989][ T8745]  ? kmem_cache_free+0xf7/0x290
[  374.102821][ T8745]  ? do_sys_open+0xe0/0xe0
[  374.107222][ T8745]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  374.113260][ T8745]  ? lock_chain_count+0x20/0x20
[  374.118100][ T8745]  __x64_sys_openat+0x135/0x160
[  374.122940][ T8745]  do_syscall_64+0x4c/0xa0
[  374.127354][ T8745]  ? clear_bhb_loop+0x60/0xb0
[  374.132032][ T8745]  ? clear_bhb_loop+0x60/0xb0
[  374.136710][ T8745]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.142594][ T8745] RIP: 0033:0x7f67ca9d5407
[  374.147013][ T8745] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  374.166610][ T8745] RSP: 002b:00007fffbdc89b10 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  374.175010][ T8745] RAX: ffffffffffffffda RBX: 00007f67ca949880 RCX: 00007f67ca9d5407
[  374.182966][ T8745] RDX: 0000000000000000 RSI: 00007fffbdc8bf1b RDI: ffffffffffffff9c
[  374.190921][ T8745] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  374.198875][ T8745] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  374.206834][ T8745] R13: 00007fffbdc89d60 R14: 00007f67cac26000 R15: 00005623c83c74d8
[  374.214806][ T8745]  </TASK>
[  374.217813][ T8745] 
[  374.220118][ T8745] Allocated by task 4334:
[  374.224423][ T8745]  kasan_set_track+0x4b/0x70
[  374.229002][ T8745]  __kasan_kmalloc+0x8e/0xa0
[  374.233576][ T8745]  em28xx_v4l2_init+0x107/0x2e70
[  374.238495][ T8745]  em28xx_init_extension+0x118/0x1b0
[  374.243764][ T8745]  process_one_work+0x8a2/0x1160
[  374.248682][ T8745]  worker_thread+0xd83/0x1270
[  374.253350][ T8745]  kthread+0x29d/0x330
[  374.257419][ T8745]  ret_from_fork+0x1f/0x30
[  374.261825][ T8745] 
[  374.264134][ T8745] Freed by task 4334:
[  374.268096][ T8745]  kasan_set_track+0x4b/0x70
[  374.272684][ T8745]  kasan_save_free_info+0x2d/0x50
[  374.277694][ T8745]  ____kasan_slab_free+0x126/0x1e0
[  374.282793][ T8745]  slab_free_freelist_hook+0x131/0x1a0
[  374.288245][ T8745]  __kmem_cache_free+0xb6/0x1f0
[  374.293080][ T8745]  em28xx_v4l2_init+0x166c/0x2e70
[  374.298085][ T8745]  em28xx_init_extension+0x118/0x1b0
[  374.303356][ T8745]  process_one_work+0x8a2/0x1160
[  374.308277][ T8745]  worker_thread+0xd83/0x1270
[  374.312934][ T8745]  kthread+0x29d/0x330
[  374.316986][ T8745]  ret_from_fork+0x1f/0x30
[  374.321384][ T8745] 
[  374.323773][ T8745] The buggy address belongs to the object at ffff888027fe8000
[  374.323773][ T8745]  which belongs to the cache kmalloc-8k of size 8192
[  374.337804][ T8745] The buggy address is located 1848 bytes inside of
[  374.337804][ T8745]  8192-byte region [ffff888027fe8000, ffff888027fea000)
[  374.351238][ T8745] 
[  374.353545][ T8745] The buggy address belongs to the physical page:
[  374.359942][ T8745] page:ffffea00009ffa00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888027fec000 pfn:0x27fe8
[  374.371379][ T8745] head:ffffea00009ffa00 order:3 compound_mapcount:0 compound_pincount:0
[  374.379679][ T8745] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  374.388197][ T8745] raw: 00fff00000010200 ffffea000063f000 dead000000000002 ffff888017442280
[  374.396760][ T8745] raw: ffff888027fec000 0000000080020001 00000001ffffffff 0000000000000000
[  374.405321][ T8745] page dumped because: kasan: bad access detected
[  374.411726][ T8745] page_owner tracks the page as allocated
[  374.417440][ T8745] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 7845, tgid 7844 (syz.1.952), ts 320902073113, free_ts 320898801271
[  374.440093][ T8745]  post_alloc_hook+0x173/0x1a0
[  374.444851][ T8745]  get_page_from_freelist+0x1a1e/0x1ab0
[  374.450393][ T8745]  __alloc_pages+0x1ec/0x4f0
[  374.454987][ T8745]  alloc_slab_page+0x5d/0x160
[  374.459674][ T8745]  new_slab+0x87/0x2c0
[  374.463725][ T8745]  ___slab_alloc+0xbc6/0x1240
[  374.468388][ T8745]  __kmem_cache_alloc_node+0x1a0/0x260
[  374.473839][ T8745]  __kmalloc_node+0xa0/0x240
[  374.478410][ T8745]  kvmalloc_node+0x6c/0x180
[  374.482898][ T8745]  bpf_check+0x1b7/0x10db0
[  374.487289][ T8745]  bpf_prog_load+0x101a/0x1560
[  374.492033][ T8745]  __sys_bpf+0x5b8/0x780
[  374.496254][ T8745]  __x64_sys_bpf+0x78/0x90
[  374.500648][ T8745]  do_syscall_64+0x4c/0xa0
[  374.505046][ T8745]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.510922][ T8745] page last free stack trace:
[  374.515571][ T8745]  free_unref_page_prepare+0x8b4/0x9a0
[  374.521020][ T8745]  free_unref_page+0x2e/0x3f0
[  374.525684][ T8745]  qlist_free_all+0x76/0xe0
[  374.530257][ T8745]  kasan_quarantine_reduce+0x144/0x160
[  374.535693][ T8745]  __kasan_slab_alloc+0x1e/0x80
[  374.540548][ T8745]  slab_post_alloc_hook+0x4b/0x480
[  374.545670][ T8745]  kmem_cache_alloc+0x123/0x2f0
[  374.550504][ T8745]  vm_area_alloc+0x20/0xe0
[  374.554897][ T8745]  mmap_region+0xc18/0x1ca0
[  374.559379][ T8745]  do_mmap+0x964/0xfd0
[  374.563429][ T8745]  vm_mmap_pgoff+0x1c1/0x2d0
[  374.568016][ T8745]  ksys_mmap_pgoff+0x516/0x6f0
[  374.572769][ T8745]  do_syscall_64+0x4c/0xa0
[  374.577168][ T8745]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  374.583046][ T8745] 
[  374.585346][ T8745] Memory state around the buggy address:
[  374.590949][ T8745]  ffff888027fe8600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  374.598987][ T8745]  ffff888027fe8680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  374.607027][ T8745] >ffff888027fe8700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  374.615069][ T8745]                                         ^
[  374.620945][ T8745]  ffff888027fe8780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  374.628985][ T8745]  ffff888027fe8800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  374.637022][ T8745] ==================================================================
[  374.663602][ T4334] em28xx 2-1:0.132: Remote control support is not available for this card.
[  374.686618][ T4318] em28xx 2-1:0.132: Closing input extension
[  374.701247][ T8736] bond0 (unregistering): Released all slaves
[  374.711282][ T8747] Cannot find set identified by id 65534 to match
[  374.854342][ T8745] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  374.861586][ T8745] CPU: 0 PID: 8745 Comm: v4l_id Not tainted syzkaller #0
[  374.868634][ T8745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  374.878694][ T8745] Call Trace:
[  374.881961][ T8745]  <TASK>
[  374.884874][ T8745]  dump_stack_lvl+0x188/0x24e
[  374.889539][ T8745]  ? memcpy+0x3c/0x60
[  374.893503][ T8745]  ? show_regs_print_info+0x12/0x12
[  374.898684][ T8745]  ? load_image+0x400/0x400
[  374.903171][ T8745]  panic+0x2e5/0x730
[  374.907062][ T8745]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  374.913211][ T8745]  ? bpf_jit_dump+0xd0/0xd0
[  374.917735][ T8745]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[  374.923884][ T8745]  ? _raw_spin_unlock+0x40/0x40
[  374.928735][ T8745]  check_panic_on_warn+0x80/0xa0
[  374.933678][ T8745]  ? v4l2_fh_open+0xc6/0x430
[  374.938263][ T8745]  end_report+0x66/0x110
[  374.942496][ T8745]  kasan_report+0x118/0x140
[  374.946985][ T8745]  ? v4l2_fh_open+0xc6/0x430
[  374.951565][ T8745]  v4l2_fh_open+0xc6/0x430
[  374.955971][ T8745]  em28xx_v4l2_open+0x152/0x990
[  374.960813][ T8745]  ? __lock_acquire+0x7d10/0x7d10
[  374.965827][ T8745]  v4l2_open+0x20b/0x360
[  374.970060][ T8745]  chrdev_open+0x5c5/0x6a0
[  374.974459][ T8745]  ? cd_forget+0x160/0x160
[  374.978855][ T8745]  ? fsnotify_perm+0x39b/0x550
[  374.983607][ T8745]  ? cd_forget+0x160/0x160
[  374.988002][ T8745]  do_dentry_open+0x7e9/0x10d0
[  374.992752][ T8745]  path_openat+0x2635/0x2ee0
[  374.997338][ T8745]  ? verify_lock_unused+0x140/0x140
[  375.002520][ T8745]  ? do_syscall_64+0x4c/0xa0
[  375.007091][ T8745]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  375.013144][ T8745]  ? do_filp_open+0x430/0x430
[  375.017802][ T8745]  do_filp_open+0x1f1/0x430
[  375.022292][ T8745]  ? vfs_tmpfile+0x480/0x480
[  375.026865][ T8745]  ? _raw_spin_unlock+0x24/0x40
[  375.031694][ T8745]  ? alloc_fd+0x58f/0x630
[  375.036006][ T8745]  do_sys_openat2+0x150/0x4b0
[  375.040681][ T8745]  ? up_read+0x20/0x20
[  375.044766][ T8745]  ? do_faccessat+0x73f/0xa10
[  375.049441][ T8745]  ? kmem_cache_free+0xf7/0x290
[  375.054286][ T8745]  ? do_sys_open+0xe0/0xe0
[  375.058704][ T8745]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  375.064673][ T8745]  ? lock_chain_count+0x20/0x20
[  375.069513][ T8745]  __x64_sys_openat+0x135/0x160
[  375.074356][ T8745]  do_syscall_64+0x4c/0xa0
[  375.078759][ T8745]  ? clear_bhb_loop+0x60/0xb0
[  375.083423][ T8745]  ? clear_bhb_loop+0x60/0xb0
[  375.088081][ T8745]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  375.093955][ T8745] RIP: 0033:0x7f67ca9d5407
[  375.098351][ T8745] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  375.117941][ T8745] RSP: 002b:00007fffbdc89b10 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  375.126343][ T8745] RAX: ffffffffffffffda RBX: 00007f67ca949880 RCX: 00007f67ca9d5407
[  375.134297][ T8745] RDX: 0000000000000000 RSI: 00007fffbdc8bf1b RDI: ffffffffffffff9c
[  375.142251][ T8745] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  375.150198][ T8745] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  375.158338][ T8745] R13: 00007fffbdc89d60 R14: 00007f67cac26000 R15: 00005623c83c74d8
[  375.166310][ T8745]  </TASK>
[  375.169723][ T8745] Kernel Offset: disabled
[  375.174042][ T8745] Rebooting in 86400 seconds..