last executing test programs:

6m22.596180365s ago: executing program 2 (id=448):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e4a139697dd2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}], 0x1}, 0x20040051)

6m22.416188018s ago: executing program 2 (id=451):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000009000000000100000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xe, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x0, 0xf}, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x6d)

6m22.30441978s ago: executing program 2 (id=453):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
syz_usb_connect$uac1(0x6, 0x71, &(0x7f0000000200)={{0x12, 0x1, 0x351, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0xbe, 0x40, 0x50, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x1, 0x66}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x0, 0x7, 0x81, {0x7, 0x25, 0x1, 0x82, 0xc, 0xc28}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x40, 0x6, 0x3, {0x7, 0x25, 0x1, 0x0, 0x8, 0x1000}}}}}}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b036c00e0ff64000200475400f6a13bb10000000800894f48", 0x19, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

6m21.356157178s ago: executing program 2 (id=458):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000000)={[{@nodiscard}, {@noinit_itable}, {@barrier_val={'barrier', 0x3d, 0x40}}, {@grpjquota}, {@errors_remount}, {@init_itable}]}, 0xfe, 0x4c5, &(0x7f0000000540)="$eJzs3d1rW+cZAPBHUuzYjrd8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxbcVPLlrHkNDa5cNq7XPSitLRQetH7/gW9aa4aCqXXLb0tvSgpbepCWyio6Ehy/CE5aupIjc/vByd6z3sUPe8r8bw+es85OgGk1tnaP5mI4Yh4LyKO1le3P+Fs/WHj/s2Z2pKJavXyZ5nkebX15lOb/+9IRKxHxEBE/OtvEf/P7I5bXl2bny4WC8uN9XxlYSlfXl27cG1heq4wV1gcm7w4NTU5OjE+tW99vf3807cvvfmP/je+eu7e3RfefqvWrOHGtq392E/1rvfF8S11hyLiz48jWA/kGv0Z7HVDeCS1z+9nEXEuyf+jkUs+TSANqtVq9dvq4Xab16vAgZVN9oEz2ZGIqJez2ZGR+j78z2MoWyyVK7+/WlpZnK3vKx+LvuzVa8XCaOO7wrHoy9TWx5Lyg/XxHesTEck+8Iu5wWR9ZKZUnO3uUAfscGRH/n+Zq+c/kBK+8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0ivvfK/v4vtALrqn5cu1ZZq8/r32eurK/Ol6xdmC+X5kYWVmZGZ0vLSyFypNJdcs7PwsNcrlkpLY3+IlRv5SqFcyZdX164slFYWK1eS6/qvFPq60iugE8fP3PkgExHrfxxMltjyJ1+uwsFWrWai19cgA72R6/UABPSMqX9Ir+/xHb/tj4QBT7YWP9G7zUDr6r/E0uNoDdAN2V43AOiZ86cc/4O0Mv8P6WX+H9LLPj7wiPP/Yf4fnlzm/yG9htvc/+snW+7dNRoRP42I93N9h5v3+gIOguwnmcb+//mjvx7eubU/83VyiKA/Ip559fLLN6YrleWxWv3nm/WVVxr1471oP9CpZp428xgASK+N+zdnmks343761/pJCLvjH2rMTQ4kxyiHNjLbzlXI7NO5C+u3IuJkq/iZxv3O60c+hjZyu+KfaDxm6i+RtPdQct/07sQ/tSX+r7bEP/2D3xVIhzu18We0Vf5lk5yOzfzbPv4M79O5E+3Hv+zm+JdrM/6d6TDGU689+3Hb+LciTreM34w3kMTaGb/WtvMdxr/333//ot226uv112kVv6lWylcWlvLl1bULye/IzRUWxyYvTk1Njk6MT+WTOep8c6Z6tz+dfPfuXv0fahO/3t8PW/a/VvfbDvv/zS/f+c/ZPeL/5lzrz/9E8tj6/R+MiN91GP+L8Y/+125bLf5sm/5n94hfq5voMH75pb+7dhgAfkTKq2vz08ViYVlBQUFhs/CwkWO9OwMU8Ng8SPpetwQAAAAAAAAAAADoVDdOJ+51HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoLvAgAA//+tldf6")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x0, 0x0)

6m21.199332871s ago: executing program 2 (id=459):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={r3, 0x401, 0x5, 0x6, 0x7, 0x7ff}, 0x14)

6m20.584257853s ago: executing program 2 (id=461):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f00000001c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000000), 0x8)
listen(r1, 0x0)
listen(r0, 0x0)

6m20.248364159s ago: executing program 32 (id=461):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f00000001c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000000), 0x8)
listen(r1, 0x0)
listen(r0, 0x0)

5m25.668491973s ago: executing program 1 (id=796):
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x6}, 0x20)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r0, &(0x7f0000000080)={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @loopback}, 0xd964, 0x4}, 0x20)
connect$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0x6, @ipv4={'\x00', '\xff\xff', @empty}, 0x4, 0x4}, 0x20)

5m24.24000939s ago: executing program 1 (id=805):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000880)={0x118, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, "", [@nested={0x105, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x2}, @nested={0x78, 0x64, 0x0, 0x1, [@nested={0x6d, 0x121, 0x0, 0x1, [@generic="d9b45c1c72ea0f6ec741f650e5d8f1c76e4d6e6f78dffc", @generic="d42ec6795d0f76e5ed0f31909e6bed6e29fb89f169f2f3f03481b87cf2a83e3bc132072ed4ee7ab77002f80ddf0b8c819b047e1a70ad821d12b62ac2e3a2ccd666b54ee507ea702cd16bf1df7c22f67f542e"]}, @nested={0x4, 0xf}]}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973"]}]}, 0x118}], 0x1}, 0x0)

5m24.156321952s ago: executing program 1 (id=806):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd8456a18f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0x2000)
close_range(r0, 0xffffffffffffffff, 0x0)

5m24.134049452s ago: executing program 1 (id=807):
syz_mount_image$iso9660(&(0x7f0000000d40), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[], 0x1, 0x5ca, &(0x7f0000001480)="$eJzs3MFuG8cZAOBZW4ppBTUKBG0cx0A2Tg7uwQpJ1TKE9GB2tZI2IbnELhXIpyKopdSolABNCzS+FL6kDdCip56LXHroE/Sl8gwqllzJpGSJjmJBKvp9gLXD5b8z/4wXMxLB2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhChZbTZbUehm/c2t+GTJapH3Tnn/oL7/TB2mzE/8DFEIUfUvNBrh5vjUzTeex/6k+nEnvDl+9WZoVIdGePr6T3/84RtzV6oL56MonJLQK3F9+uUXV8b5HJ748qunv/10d3f7d+edyCW1nvazMs96nfU0zso8Xllebn6wsVbGa1k3LR+Vw7QXJ0XaGeZFfDd5GEJYWYrTxUf5Zn99tdNN47vJz+LWysqDe+1mczn+aHGQdooy73/w0WKZbGTdbtZfH8VUb99rvxMeVDfix9kwHqaNXhzvPNndXpqVZBXUepmg9qygdrPdbrXa7dby/ZX7D5rNxvh2+NfhibnmEeHoJXPnf9Ny6bwWJiaOgznutVc1h8NZ7Sd/v+gUAAAAgHMWjT5jj0afy98cldaybtqcitmPrl9YfgAAAMAPF4XR9+ui+ot5N0N0/O//Cb6zAgAAAP+D/nLqHrsQRaEcXIsO/uwfbL0f7XWqUmfv6vjU1aM1DtduRTfqSkaH5bn6VZLejt4aB711EP1dfdiZzmM+HM0jKor56NmZE6ii5sJfw61xzK3H4+PjOq7ekbiwlnXTxSTvftgKnc6NK8N0a/iHz5/8MYSi2L/6Tb93Iwo7T3a3F3/9xe7jUS7Pqlqe7UXj6qLTc7kWng9G+P3hvsd65B9O93h+9EFM1etv+r2FcbvNyf7XmxGvvPx/QPg6vD2OeXthfFyY7n+jarO1+ILeT2bRGmy9f61u7CV7fiSL2+OY23ffqw7v3a3fmZ/Ioj0ri3Y9/n+qxv9MY3FCFpNjsTQri6XJu+AMWQBclJ2jq9Cx9f/Yunt8lhvv6T9llts5/beManGeubr/Jsxq5evw7jjm3Vtzz1ekIzN6c9aM3nzJdf3wN5QjWfw73PnnP0LYDHcOgk9aY6t2/za1qkZ731YXfHus3XqneSi77f39EK7Xy+9XT+892fv0s+3Ptj9vt5eWmz9vNu+3w/yoG/XhxeN1NVh7AP6vpcV30cLwz1FRZINftVZWWp3hRhoXefJxXGSr62mc9YdpkWx0+utpPCjyYZ7k3arwSbaalnG5ORjkxTBey4t4kJfZ1ujJL3H96Jcy7XX6wywpB920U6ZxkveHnWQYr2ZlEg82f9nNyo20GF1cDtIkW8uSzjDL+3GZbxZJuhjHZZpOBGaraX+YrWVVsR8PiqzXKR7Fn+TdzV4ar6ZlUmSDYT6u8KCtrL+WF71RtYsXPdgAcEl8Geon2B0+yu57F0JjRsxF9xEAmHZ0lb52YqRnAAAAAAAAAAAAAAAAwEWZ3K73i/qRPj94R+BBofGK6plRaEyfefj6i4LfOfc0vlchhDB3CdK4hIUohHAJ0jj9HjuvwsFznk6Kma/fP2sT1eDODv5RFXNRMxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOy/AQAA///WGYzf")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x89, 0x40000, {r1}}, 0x20)

5m23.931706926s ago: executing program 1 (id=808):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$snapshot(r0, 0x0, 0x0)

5m23.413408336s ago: executing program 1 (id=811):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b5d390987f70e06d038e7ff7fc6e5539b324b298b089b07083550090890e0878f0e1ac6e7049b334b959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193b63735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d759be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d6e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bacdc76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa94779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5092f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b1cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b384c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a119b616d41826137ba5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f006738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba30642f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e51f7d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d2462374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a0000ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6994ff2bdfb14cb6d648cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

5m23.103454682s ago: executing program 33 (id=811):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d52f91b5d390987f70e06d038e7ff7fc6e5539b324b298b089b07083550090890e0878f0e1ac6e7049b334b959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193b63735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d759be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d6e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bacdc76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa94779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5092f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b1cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b384c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a119b616d41826137ba5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f006738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba30642f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e51f7d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d2462374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a0000ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6994ff2bdfb14cb6d648cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

4m28.915703158s ago: executing program 5 (id=1243):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x44, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000580))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m28.464092757s ago: executing program 5 (id=1247):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m28.29007473s ago: executing program 5 (id=1250):
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008e88052086800095d8b601020301090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0x0}], 0x1})

4m25.544216783s ago: executing program 5 (id=1273):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x221)

4m25.355960846s ago: executing program 5 (id=1275):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00'}, 0x94)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)

4m24.844210586s ago: executing program 5 (id=1280):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0})

4m24.434786844s ago: executing program 34 (id=1280):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0})

11.264270094s ago: executing program 0 (id=2320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x557, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000050000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x94f, &(0x7f00000016c0)={0x0, 0x0, 0x1, 0xfffffffc}, &(0x7f0000000000), 0x0)

7.570365845s ago: executing program 3 (id=2327):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000002c0)={0x18, r2, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}]}, 0x18}}, 0x20000000)

7.439361208s ago: executing program 4 (id=2328):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

7.415658378s ago: executing program 3 (id=2329):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
socket$alg(0x26, 0x5, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fanotify_init(0x8, 0x80000)
fanotify_mark(r3, 0x105, 0x4800003a, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0xfffffff7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8})
r5 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000340)={{0xfffffff7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000a40)={{0x0, 0x0, 0x800000, 0x0, 'syz0\x00', 0x80001}, 0x6, 0x100, 0x2, 0x0, 0x0, 0x7, 'syz0\x00', 0x0})

7.340304669s ago: executing program 4 (id=2330):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
msgget$private(0x0, 0x641)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000480)='./file1\x00', 0x2000, 0x0)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000001c0)=@v2={0x2000000, [{0x7fffffff, 0x7}, {0x0, 0x5}]}, 0x14, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x83fb, 0x789b1c25, 0x29, 0x4, 0x5, 0xcc7, 0x8, 0x8d, 0x9, 0x0, 0x2, 0x1, 0x1, 0x1, 0x6, 0x81, 0x6, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e5c, 0xb, 0xffc00004, 0x3c, 0x8, 0x100006, 0xf7fffff7, 0xfffffff8]})
r6 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(r6, &(0x7f0000002ec0)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@ip_retopts={{0x10}}], 0x10}}], 0x1, 0x4000854)
unlink(&(0x7f0000000280)='./file1\x00')
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')

6.752058771s ago: executing program 6 (id=2331):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

6.546400975s ago: executing program 6 (id=2332):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
read$FUSE(r0, &(0x7f0000005280)={0x2020}, 0x2020)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)

6.391638148s ago: executing program 0 (id=2333):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsmount(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, 0x0, 0x0)
accept4$bt_l2cap(r6, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1})

6.169458522s ago: executing program 6 (id=2334):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0xb00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0x40047438, &(0x7f0000000180)=""/246)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ipv6_route\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r8, 0x321, 0x70bd2b, 0x25dfdbfc}, 0x14}}, 0x4000000)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x0)

5.422462406s ago: executing program 0 (id=2335):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r2, 0x0, 0x0)
sendmmsg(r2, 0x0, 0x0, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl(r5, 0xbffff000, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_clone(0x2020100, 0x0, 0xfffffffffffffff4, 0x0, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, 0x0, 0x0)
sendmmsg$inet(r6, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x2000c094)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xc, 0x1c, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.14092206s ago: executing program 6 (id=2336):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0xa0}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r0, &(0x7f0000000080)={0x27, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x1000003fffffff}, 0x60)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x10}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x4003, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r3, 0x0, 0x0)
bind$nfc_llcp(r2, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x1000000000003f}, 0x60)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840)
getpid()
mprotect(&(0x7f000095b000/0x4000)=nil, 0x4000, 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)

3.072351301s ago: executing program 0 (id=2337):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_REGISTER(r0, 0x0, 0x0)

1.954176162s ago: executing program 3 (id=2338):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000002c0)={0x18, r2, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}]}, 0x18}}, 0x20000000)

1.812498095s ago: executing program 4 (id=2339):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x0, 0x802, 0xff, 0xf, 0x402, 0x3})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1.757679837s ago: executing program 3 (id=2340):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

1.711538877s ago: executing program 6 (id=2341):
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events.local\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00', @ANYRES32=r2], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)

1.616319219s ago: executing program 4 (id=2342):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
read$FUSE(r0, &(0x7f0000005280)={0x2020}, 0x2020)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)

1.607674499s ago: executing program 3 (id=2343):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsmount(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, 0x0, 0x0)
accept4$bt_l2cap(r6, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1})

1.422516563s ago: executing program 6 (id=2344):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0xb00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ipv6_route\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r8, 0x321, 0x70bd2b, 0x25dfdbfc}, 0x14}}, 0x4000000)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0)={0x0, r0}, 0x8)

1.421767093s ago: executing program 4 (id=2345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000050000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18)
syz_io_uring_setup(0x223d, &(0x7f0000000100)={0x0, 0x57d9, 0x2, 0x0, 0x53}, &(0x7f0000000040), &(0x7f00000001c0))

585.136899ms ago: executing program 3 (id=2346):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
msgget$private(0x0, 0x641)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000480)='./file1\x00', 0x2000, 0x0)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000001c0)=@v2={0x2000000, [{0x7fffffff, 0x7}, {0x0, 0x5}]}, 0x14, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x83fb, 0x789b1c25, 0x29, 0x4, 0x5, 0xcc7, 0x8, 0x8d, 0x9, 0x0, 0x2, 0x1, 0x1, 0x1, 0x6, 0x81, 0x6, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e5c, 0xb, 0xffc00004, 0x3c, 0x8, 0x100006, 0xf7fffff7, 0xfffffff8]})
socket$inet6(0xa, 0x80002, 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')

392.223412ms ago: executing program 4 (id=2347):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f00000010c0)={0xc, {"a2e3ad21ed0d52f91b5d380987f70e06d038e7ff7fc6e5539b356d298b089b0708374b090890e0878f0e1ac6e7049b3350959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d074b0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af1079c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b75d63c3c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe603000000e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0ab00800000269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0, 0xc000814}, 0x2400c050)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000005000000f80900008500000041000000", @ANYBLOB='\x00'/12, @ANYRES32=0x0], 0x50)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r6}, 0x38)

134.469957ms ago: executing program 0 (id=2348):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x3, 0x2, 0xa}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000300))

0s ago: executing program 0 (id=2349):
unshare(0x62040200)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x11)
r5 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count', 0x8a883, 0x2)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000080)={r6, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}})
ioctl$LOOP_SET_BLOCK_SIZE(r5, 0x4c09, 0x6)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f00000001c0)={0xffffffffffffffff, 0x2, 0xa69, 0x6})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x2000084, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
rmdir(&(0x7f0000000100)='./file0\x00')

kernel console output (not intermixed with test programs):

08][ T9052] hpfs: hpfs_map_4sectors(): unaligned read
[  212.928641][ T9052] hpfs: filesystem error: unable to find root dir
[  212.956969][ T9048] loop3: detected capacity change from 0 to 32768
[  212.991570][ T9048] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  213.007673][ T9048] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  213.058798][ T5844] usb 6-1: Using ep0 maxpacket: 16
[  213.095562][ T5844] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  213.146655][ T5844] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  213.173339][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  213.210729][ T5844] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  213.268648][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.276696][ T5844] usb 6-1: Product: syz
[  213.318292][ T5844] usb 6-1: Manufacturer: syz
[  213.330865][ T5844] usb 6-1: SerialNumber: syz
[  213.404841][ T9068] binder: 9067:9068 ioctl 4018620d 0 returned -22
[  213.593190][ T5844] usb 6-1: 0:2 : does not exist
[  213.629410][ T5844] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  213.668426][ T5844] usb 6-1: USB disconnect, device number 2
[  213.781618][ T5891] udevd[5891]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  214.203564][ T9085] loop3: detected capacity change from 0 to 32768
[  214.254584][ T9085] ERROR: (device loop3): diAllocAG: numfree > numinos
[  214.254584][ T9085] 
[  214.264135][ T9085] ERROR: (device loop3): remounting filesystem as read-only
[  214.271661][ T9085] ialloc: diAlloc returned -5!
[  214.311620][ T9092] loop4: detected capacity change from 0 to 128
[  214.338940][ T9094] netlink: 'syz.0.916': attribute type 3 has an invalid length.
[  214.346068][ T9092] hpfs: bad mount options.
[  214.347837][ T9094] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.916'.
[  215.611059][ T9134] netlink: 'syz.3.929': attribute type 3 has an invalid length.
[  215.625226][ T9133] netlink: 12 bytes leftover after parsing attributes in process `syz.4.928'.
[  215.688715][ T9134] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.929'.
[  216.008682][ T5835] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  216.267508][ T5835] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  216.308402][ T5835] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  216.352618][ T5835] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  216.364294][ T5835] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.372517][ T5835] usb 6-1: Product: syz
[  216.376709][ T5835] usb 6-1: Manufacturer: syz
[  216.382114][ T5835] usb 6-1: SerialNumber: syz
[  216.398033][ T5835] usb 6-1: config 0 descriptor??
[  216.409379][ T9136] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  216.416707][ T9136] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  216.432417][ T9150] binder: BINDER_SET_CONTEXT_MGR already set
[  216.472420][ T9150] binder: 9149:9150 ioctl 4018620d 200000000040 returned -16
[  216.691829][ T9136] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  216.716766][ T9136] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  216.871981][ T9166] netlink: 'syz.3.941': attribute type 3 has an invalid length.
[  216.908643][ T9166] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.941'.
[  217.039579][ T9169] loop4: detected capacity change from 0 to 4096
[  217.173983][ T9169] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  217.261838][ T9171] loop0: detected capacity change from 0 to 32768
[  217.278175][ T9171] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.943 (9171)
[  217.305474][ T9171] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  217.316285][ T9171] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  217.325127][ T9171] BTRFS info (device loop0): enabling disk space caching
[  217.332250][ T9171] BTRFS info (device loop0): enabling auto defrag
[  217.338773][ T9171] BTRFS info (device loop0): doing ref verification
[  217.345384][ T9171] BTRFS info (device loop0): use no compression
[  217.351727][ T9171] BTRFS info (device loop0): force clearing of disk cache
[  217.358985][ T9171] BTRFS info (device loop0): disabling disk space caching
[  217.359364][ T9169] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  217.478989][ T9171] BTRFS info (device loop0): enabling ssd optimizations
[  217.486029][ T9171] BTRFS info (device loop0): auto enabling async discard
[  217.495026][ T9171] BTRFS info (device loop0): rebuilding free space tree
[  217.517650][ T9171] BTRFS info (device loop0): disabling free space tree
[  217.524818][ T9171] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  217.534570][ T9171] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  217.833276][ T5784] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  217.916673][ T5835] dm9601 6-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  218.014780][ T9196] loop3: detected capacity change from 0 to 32768
[  218.164226][ T5835] dm9601 6-1:0.0 eth9: register 'dm9601' at usb-dummy_hcd.5-1, Davicom DM96xx USB 10/100 Ethernet, 6e:f1:98:9e:dd:08
[  218.166044][ T9196] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  218.181909][ T5835] usb 6-1: USB disconnect, device number 3
[  218.202616][ T5835] dm9601 6-1:0.0 eth9: unregister 'dm9601' usb-dummy_hcd.5-1, Davicom DM96xx USB 10/100 Ethernet
[  218.276833][ T9207] binder: BINDER_SET_CONTEXT_MGR already set
[  218.283159][ T9207] binder: 9206:9207 ioctl 4018620d 200000000040 returned -16
[  218.505659][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  218.830113][ T9222] netlink: 12 bytes leftover after parsing attributes in process `syz.5.954'.
[  219.169525][ T9227] loop0: detected capacity change from 0 to 32768
[  219.188625][ T9230] netlink: 'syz.4.958': attribute type 3 has an invalid length.
[  219.196675][ T9230] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.958'.
[  219.269713][ T9232] binder: BINDER_SET_CONTEXT_MGR already set
[  219.285318][ T9232] binder: 9231:9232 ioctl 4018620d 200000000040 returned -16
[  219.600087][ T9235] loop4: detected capacity change from 0 to 32768
[  219.660561][ T9235] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  219.902262][ T7254] ocfs2: Unmounting device (7,4) on (node local)
[  220.005460][ T9250] loop3: detected capacity change from 0 to 512
[  220.139238][ T9250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.209609][ T9250] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  220.270591][ T9246] loop5: detected capacity change from 0 to 32768
[  220.279233][ T9258] netlink: 'syz.0.975': attribute type 3 has an invalid length.
[  220.324731][ T9250] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.964: bg 0: block 217: padding at end of block bitmap is not set
[  220.334367][ T9258] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.975'.
[  220.410252][ T9246] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  220.555122][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.607365][ T8699] ocfs2: Unmounting device (7,5) on (node local)
[  220.629183][ T9268] netlink: 12 bytes leftover after parsing attributes in process `syz.0.969'.
[  221.242990][ T9285] loop3: detected capacity change from 0 to 4096
[  221.292508][ T9285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.522521][ T5161] udevd[5161]: worker [6573] terminated by signal 33 (Unknown signal 33)
[  221.585696][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.600700][ T5161] udevd[5161]: worker [6573] failed while handling '/devices/virtual/block/loop3'
[  221.820713][ T9308] netlink: 12 bytes leftover after parsing attributes in process `syz.3.982'.
[  222.068602][ T5858] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  222.228712][ T9302] loop0: detected capacity change from 0 to 32768
[  222.280857][ T5858] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.296140][ T5858] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.339135][ T9302] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  222.362997][ T5858] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.383751][ T9321] loop3: detected capacity change from 0 to 4096
[  222.397159][ T9321] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  222.406295][ T5858] usb 6-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  222.406322][ T5858] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.440385][ T5858] usb 6-1: config 0 descriptor??
[  222.497784][ T5858] rndis_wlan 6-1:0.0: skipping garbage
[  222.519956][ T5858] usb 6-1: bad CDC descriptors
[  222.543638][ T5858] rndis_host 6-1:0.0: skipping garbage
[  222.563862][ T9324] program syz.3.989 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  222.580267][ T5858] usb 6-1: bad CDC descriptors
[  222.581817][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  222.654948][ T5819] usb 6-1: USB disconnect, device number 4
[  223.117639][ T9339] netlink: 12 bytes leftover after parsing attributes in process `syz.3.996'.
[  223.411396][ T9343] loop5: detected capacity change from 0 to 4096
[  223.437760][ T9343] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512).
[  223.508049][ T9337] loop0: detected capacity change from 0 to 32768
[  223.601532][ T9337] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  223.831216][ T9345] loop3: detected capacity change from 0 to 32768
[  223.861733][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  224.004421][ T9345] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  224.333009][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  224.378429][ T9358] loop4: detected capacity change from 0 to 32768
[  224.386609][ T9362] loop5: detected capacity change from 0 to 256
[  225.422378][ T9371] loop5: detected capacity change from 0 to 32768
[  225.470926][ T9371] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  225.487185][ T9368] loop0: detected capacity change from 0 to 32768
[  225.632396][ T9368] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  225.717141][ T9368] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  225.794535][ T9380] loop4: detected capacity change from 0 to 40427
[  225.811891][ T9380] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  225.819754][ T9380] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  225.826494][ T8699] ocfs2: Unmounting device (7,5) on (node local)
[  225.844151][ T9380] F2FS-fs (loop4): invalid crc value
[  225.889807][ T9380] F2FS-fs (loop4): Found nat_bits in checkpoint
[  225.938707][ T9380] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  225.945807][ T9380] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  226.022226][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  226.876275][ T9388] loop3: detected capacity change from 0 to 32768
[  227.026917][ T9416] loop0: detected capacity change from 0 to 164
[  227.028748][ T9388] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  227.312471][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  227.453163][ T9420] loop4: detected capacity change from 0 to 32768
[  227.527761][ T9420] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.624434][ T9420] XFS (loop4): Ending clean mount
[  227.643935][ T9420] XFS (loop4): Quotacheck needed: Please wait.
[  227.771505][ T9420] XFS (loop4): Quotacheck: Done.
[  227.895274][ T7254] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  228.215142][ T9447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1035'.
[  228.635829][ T9449] loop5: detected capacity change from 0 to 32768
[  228.695466][ T9449] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  228.756563][ T8699] ocfs2: Unmounting device (7,5) on (node local)
[  228.986144][ T5858] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  229.132173][ T9474] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1047'.
[  229.209353][ T5858] usb 4-1: Using ep0 maxpacket: 32
[  229.226533][ T5858] usb 4-1: config 0 has an invalid interface number: 132 but max is 0
[  229.259662][ T5858] usb 4-1: config 0 has no interface number 0
[  229.294862][ T5858] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  229.323165][ T5858] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  229.336105][ T5858] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.345461][ T5858] usb 4-1: Product: syz
[  229.350955][ T5858] usb 4-1: Manufacturer: syz
[  229.355768][ T5858] usb 4-1: SerialNumber: syz
[  229.367233][ T5858] usb 4-1: config 0 descriptor??
[  229.388289][ T9476] loop5: detected capacity change from 0 to 2048
[  229.390842][ T5858] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  229.424739][ T5858] em28xx 4-1:0.132: Video interface 132 found:
[  229.427102][ T9476] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  229.490575][ T9478] loop0: detected capacity change from 0 to 4096
[  229.518724][ T9478] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  229.527714][ T9478] ntfs3: loop0: RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only.
[  229.589433][ T9478] ntfs3: loop0: It is recommened to use chkdsk.
[  229.614515][ T9478] ntfs3: loop0: failed to read volume at offset 0x201800
[  229.635658][ T9478] ntfs3: loop0: failed to read volume at offset 0x201800
[  229.665288][ T9478] ntfs3: loop0: failed to read volume at offset 0x201800
[  229.684290][ T5858] em28xx 4-1:0.132: unknown em28xx chip ID (0)
[  229.707465][ T9478] ntfs3: loop0: failed to read volume at offset 0x201800
[  229.748084][ T9478] ntfs3: loop0: failed to read volume at offset 0x202800
[  229.759249][ T9478] ntfs3: loop0: failed to read volume at offset 0x203800
[  229.785449][ T9478] ntfs3: loop0: failed to read volume at offset 0x205800
[  229.804934][ T5858] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  229.835675][ T5858] em28xx 4-1:0.132: board has no eeprom
[  229.920336][ T5858] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  229.942993][ T5858] em28xx 4-1:0.132: analog set to bulk mode.
[  229.962606][ T5835] em28xx 4-1:0.132: Registering V4L2 extension
[  229.981139][ T5858] usb 4-1: USB disconnect, device number 11
[  230.011473][ T5858] em28xx 4-1:0.132: Disconnecting em28xx
[  230.127400][ T9496] loop0: detected capacity change from 0 to 64
[  230.231690][   T27] audit: type=1800 audit(1757284367.979:14): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1056" name="file1" dev="loop0" ino=5 res=0 errno=0
[  230.339464][ T9500] loop5: detected capacity change from 0 to 1024
[  230.372498][ T5835] em28xx 4-1:0.132: Config register raw data: 0xffffffed
[  230.416070][ T5835] em28xx 4-1:0.132: AC97 chip type couldn't be determined
[  230.444584][ T5835] em28xx 4-1:0.132: No AC97 audio processor
[  230.497088][ T5835] usb 4-1: Decoder not found
[  230.508197][ T5835] em28xx 4-1:0.132: failed to create media graph
[  230.516438][ T5835] em28xx 4-1:0.132: V4L2 device video103 deregistered
[  230.517404][ T3471] hfsplus: b-tree write err: -5, ino 4
[  230.533854][ T5835] em28xx 4-1:0.132: Remote control support is not available for this card.
[  230.563290][ T5858] em28xx 4-1:0.132: Closing input extension
[  230.602461][ T5858] em28xx 4-1:0.132: Freeing device
[  230.972051][ T9510] loop5: detected capacity change from 0 to 40427
[  230.980821][ T9510] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  230.988704][ T9510] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  231.007542][ T9510] F2FS-fs (loop5): invalid crc value
[  231.035527][ T9510] F2FS-fs (loop5): Found nat_bits in checkpoint
[  231.099371][ T9510] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  231.106464][ T9510] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  231.185320][ T9510] syz.5.1062: attempt to access beyond end of device
[  231.185320][ T9510] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  231.229588][ T9510] syz.5.1062: attempt to access beyond end of device
[  231.229588][ T9510] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  231.296928][ T8699] syz-executor: attempt to access beyond end of device
[  231.296928][ T8699] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  231.349884][ T8699] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  231.378650][ T5858] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  231.502213][ T9534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1070'.
[  231.931225][ T9537] loop0: detected capacity change from 0 to 32768
[  231.988144][ T9537] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  232.098050][ T9549] loop3: detected capacity change from 0 to 512
[  232.105939][ T9549] EXT4-fs: Ignoring removed nobh option
[  232.117902][ T9549] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  232.146435][ T9549] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002]
[  232.164908][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  232.174737][ T9549] EXT4-fs (loop3): orphan cleanup on readonly fs
[  232.193008][ T9549] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.1077: attempt to clear invalid blocks 1024 len 1
[  232.255937][ T9549] EXT4-fs (loop3): Remounting filesystem read-only
[  232.337756][ T9549] EXT4-fs (loop3): 1 truncate cleaned up
[  232.344973][ T9549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  232.366434][ T9555] loop0: detected capacity change from 0 to 64
[  232.460366][ T5798] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  232.471990][ T5798] CPU: 0 PID: 5798 Comm: kworker/u5:8 Not tainted syzkaller #0
[  232.479614][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  232.489671][ T5798] Workqueue: hci0 hci_rx_work
[  232.494364][ T5798] Call Trace:
[  232.497639][ T5798]  <TASK>
[  232.500563][ T5798]  dump_stack_lvl+0x16c/0x230
[  232.505274][ T5798]  ? show_regs_print_info+0x20/0x20
[  232.510468][ T5798]  ? load_image+0x3b0/0x3b0
[  232.514996][ T5798]  sysfs_create_dir_ns+0x256/0x280
[  232.520121][ T5798]  ? hci_rx_work+0x43a/0xd80
[  232.524733][ T5798]  ? sysfs_warn_dup+0xa0/0xa0
[  232.529436][ T5798]  ? do_raw_spin_unlock+0x121/0x230
[  232.534664][ T5798]  kobject_add_internal+0x6b8/0xc70
[  232.539888][ T5798]  kobject_add+0x156/0x220
[  232.544316][ T5798]  ? __rwlock_init+0x150/0x150
[  232.549100][ T5798]  ? kobject_init+0x1e0/0x1e0
[  232.553789][ T5798]  ? _raw_spin_unlock+0x28/0x40
[  232.558637][ T5798]  ? get_device_parent+0x366/0x390
[  232.563745][ T5798]  device_add+0x408/0xc20
[  232.568086][ T5798]  hci_conn_add_sysfs+0xd5/0x1e0
[  232.573042][ T5798]  le_conn_complete_evt+0xc37/0x1220
[  232.578328][ T5798]  ? hci_event_packet+0x4a7/0x1210
[  232.583454][ T5798]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[  232.589690][ T5798]  ? __copy_skb_header+0xa7/0x550
[  232.594717][ T5798]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  232.600347][ T5798]  ? skb_pull_data+0xfb/0x200
[  232.605039][ T5798]  hci_le_enh_conn_complete_evt+0x189/0x460
[  232.610953][ T5798]  ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0
[  232.617368][ T5798]  ? hci_remote_host_features_evt+0x160/0x160
[  232.623429][ T5798]  hci_event_packet+0x795/0x1210
[  232.628374][ T5798]  ? bis_list+0x290/0x290
[  232.632730][ T5798]  ? lockdep_hardirqs_on+0x98/0x150
[  232.637926][ T5798]  ? hci_send_to_monitor+0xd7/0x4f0
[  232.643125][ T5798]  hci_rx_work+0x43a/0xd80
[  232.647561][ T5798]  ? process_scheduled_works+0x957/0x15b0
[  232.653295][ T5798]  process_scheduled_works+0xa45/0x15b0
[  232.658861][ T5798]  ? assign_work+0x400/0x400
[  232.663459][ T5798]  ? assign_work+0x39e/0x400
[  232.668079][ T5798]  worker_thread+0xa55/0xfc0
[  232.672692][ T5798]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  232.678595][ T5798]  ? _raw_spin_unlock+0x40/0x40
[  232.683464][ T5798]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  232.689361][ T5798]  kthread+0x2fa/0x390
[  232.693420][ T5798]  ? pr_cont_work+0x560/0x560
[  232.698087][ T5798]  ? kthread_blkcg+0xd0/0xd0
[  232.702666][ T5798]  ret_from_fork+0x48/0x80
[  232.707069][ T5798]  ? kthread_blkcg+0xd0/0xd0
[  232.711647][ T5798]  ret_from_fork_asm+0x11/0x20
[  232.716407][ T5798]  </TASK>
[  232.722144][ T5798] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  232.736336][ T5798] Bluetooth: hci0: failed to register connection device
[  232.834918][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  233.008879][ T9561] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1081'.
[  233.601845][ T9589] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1092'.
[  234.210880][ T9603] loop4: detected capacity change from 0 to 64
[  234.433921][ T9608] block device autoloading is deprecated and will be removed.
[  234.575531][ T9594] loop3: detected capacity change from 0 to 32768
[  234.602699][ T9610] binder: 9609:9610 ioctl c0306201 0 returned -14
[  234.636009][ T9594] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  234.700735][ T9618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1105'.
[  234.815704][ T9615] loop5: detected capacity change from 0 to 4096
[  234.832823][ T9615] ntfs3: loop5: ino=3, Correct links count -> 2.
[  234.912177][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  234.982657][ T9615] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  235.597997][ T9627] loop4: detected capacity change from 0 to 32768
[  235.616119][ T9627] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1110 (9627)
[  235.641169][ T9627] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  235.651478][ T9627] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  235.660352][ T9627] BTRFS info (device loop4): enabling auto defrag
[  235.666812][ T9627] BTRFS info (device loop4): doing ref verification
[  235.673842][ T9627] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  235.684861][ T9627] BTRFS info (device loop4): trying to use backup root at mount time
[  235.693138][ T9627] BTRFS info (device loop4): enabling ssd optimizations
[  235.700253][ T9627] BTRFS info (device loop4): using spread ssd allocation scheme
[  235.707913][ T9627] BTRFS info (device loop4): using free space tree
[  235.800464][ T9649] binder: 9648:9649 ioctl c0306201 0 returned -14
[  235.914143][ T9627] BTRFS info (device loop4): auto enabling async discard
[  235.961908][   T27] audit: type=1800 audit(1757284373.719:15): pid=9627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1110" name="file1" dev="loop4" ino=260 res=0 errno=0
[  235.983440][ T9660] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1115'.
[  236.221893][ T7254] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  236.356384][ T9663] loop5: detected capacity change from 0 to 8192
[  236.472384][ T5891] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop4 scanned by udevd (5891)
[  237.184672][ T9676] loop4: detected capacity change from 0 to 4096
[  237.226357][ T9664] loop0: detected capacity change from 0 to 32768
[  237.258602][ T9676] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  237.262915][ T9664] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  237.317970][ T9680] binder: 9678:9680 ioctl c0306201 0 returned -14
[  237.376340][ T9664] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  237.466781][ T9676] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  237.567897][ T9683] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  237.584133][ T9683] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  237.597789][ T9683] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  237.621559][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  237.653088][ T9683] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  237.689233][ T9683] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  237.728705][ T9683] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  237.735461][ T9683] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  237.838646][ T9683] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  237.845167][ T9683] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  237.868433][ T9687] loop4: detected capacity change from 0 to 64
[  237.890776][ T9683] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  237.934440][ T9683] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  237.988653][ T9683] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  238.030154][ T9687] Trying to free block not in datazone
[  238.037941][ T9690] loop0: detected capacity change from 0 to 16
[  238.066361][ T9690] erofs: (device loop0): mounted with root inode @ nid 36.
[  238.297356][ T9694] fuse: Bad value for 'group_id'
[  238.648778][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1133'.
[  239.032359][ T9710] loop0: detected capacity change from 0 to 8192
[  239.251193][ T9717] fuse: Bad value for 'group_id'
[  239.543671][ T9706] loop4: detected capacity change from 0 to 32768
[  239.647549][ T9706] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  239.894842][ T7254] ocfs2: Unmounting device (7,4) on (node local)
[  239.996982][ T9743] fuse: Bad value for 'group_id'
[  240.187936][ T9752] loop3: detected capacity change from 0 to 512
[  240.229504][ T9752] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.257839][ T9752] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.284062][ T9752] EXT4-fs (loop3): Test dummy encryption mode enabled
[  240.330640][ T9752] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  240.410256][ T9752] EXT4-fs (loop3): 1 truncate cleaned up
[  240.439583][ T9752] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.470927][ T9758] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1157'.
[  240.570621][ T9766] loop0: detected capacity change from 0 to 64
[  240.829183][ T5835] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  240.902270][ T9752] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  240.994984][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.315221][ T9770] loop5: detected capacity change from 0 to 32768
[  241.404601][ T9770] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  241.637321][ T8699] ocfs2: Unmounting device (7,5) on (node local)
[  241.856558][ T9800] loop0: detected capacity change from 0 to 64
[  241.940224][ T9800] syz.0.1172: attempt to access beyond end of device
[  241.940224][ T9800] loop0: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  242.014737][ T9800] Buffer I/O error on dev loop0, logical block 134217734, lost async page write
[  242.090930][ T9798] loop5: detected capacity change from 0 to 40427
[  242.099697][ T9798] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  242.107467][ T9798] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  242.118158][ T9798] F2FS-fs (loop5): invalid crc value
[  242.136802][ T9798] F2FS-fs (loop5): Found nat_bits in checkpoint
[  242.195123][ T9798] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  242.202595][ T9798] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  242.264382][ T9798] syz.5.1170: attempt to access beyond end of device
[  242.264382][ T9798] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  242.281456][ T9798] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  242.288460][ T9798] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  242.645682][ T5835] usb 5-1: unable to get BOS descriptor or descriptor too short
[  242.671883][ T5835] usb 5-1: unable to read config index 0 descriptor/start: -71
[  242.689243][ T5835] usb 5-1: can't read configurations, error -71
[  242.900159][ T9793] loop3: detected capacity change from 0 to 32768
[  242.957177][ T9793] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  243.061214][ T9793] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  243.279569][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  243.743514][ T9817] loop0: detected capacity change from 0 to 32768
[  243.757711][ T9829] loop4: detected capacity change from 0 to 4096
[  243.896840][ T9829] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  244.038635][ T9833] loop5: detected capacity change from 0 to 32768
[  244.076165][ T9817] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  244.120605][ T9829] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  244.274466][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  244.669904][ T9842] loop4: detected capacity change from 0 to 32768
[  245.243949][ T9857] binder: 9856:9857 ioctl c0306201 0 returned -14
[  245.435227][ T9844] loop0: detected capacity change from 0 to 32768
[  245.498160][ T9859] loop5: detected capacity change from 0 to 8192
[  245.523313][ T9844] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  245.601908][ T9844] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  245.826919][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  246.139823][ T9866] loop3: detected capacity change from 0 to 32768
[  246.184264][ T9866] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  246.437586][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  246.626511][ T9886] binder: 9885:9886 ioctl c0306201 0 returned -14
[  246.648070][ T9884] loop0: detected capacity change from 0 to 40427
[  246.656063][ T5844] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  246.663664][ T9884] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  246.671446][ T9884] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  246.704976][ T9884] F2FS-fs (loop0): invalid crc value
[  246.731499][ T9884] F2FS-fs (loop0): Found nat_bits in checkpoint
[  246.786315][ T9884] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  246.793531][ T9884] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  246.868721][ T5844] usb 6-1: Using ep0 maxpacket: 16
[  246.895902][ T5844] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[  246.930029][ T5844] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  246.948608][ T5844] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  246.967387][ T5844] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[  246.977580][ T5844] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  246.987932][ T5844] usb 6-1: config 0 has no interface number 0
[  246.997289][ T5844] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  247.033591][ T5844] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  247.071754][ T5844] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  247.114744][ T5844] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  247.171853][ T5844] usb 6-1: config 0 interface 125 has no altsetting 0
[  247.207853][ T5844] usb 6-1: config 0 interface 125 has no altsetting 2
[  247.250271][ T5844] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  247.262163][ T9892] loop3: detected capacity change from 0 to 40427
[  247.292529][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.294793][ T9896] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1208'.
[  247.314995][ T9896] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1208'.
[  247.322918][ T5844] usb 6-1: Product: syz
[  247.353267][ T9892] F2FS-fs (loop3): invalid crc value
[  247.358555][ T5844] usb 6-1: Manufacturer: syz
[  247.369750][ T5844] usb 6-1: SerialNumber: syz
[  247.402330][ T9892] F2FS-fs (loop3): Found nat_bits in checkpoint
[  247.405190][ T5844] usb 6-1: config 0 descriptor??
[  247.435483][ T5844] usb 6-1: selecting invalid altsetting 2
[  247.447585][ T9892] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  247.477388][ T9892] netlink: 'syz.3.1205': attribute type 10 has an invalid length.
[  247.485369][ T9892] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1205'.
[  247.510186][ T9892] team0: Port device geneve0 added
[  247.843845][    C1] usb 6-1: async_complete: urb error -71
[  247.849677][    C1] usb 6-1: async_complete: urb error -71
[  247.855475][    C1] usb 6-1: async_complete: urb error -71
[  247.885006][ T5844] get_1284_register: usb error -71
[  247.890396][ T5844] uss720: probe of 6-1:0.125 failed with error -71
[  247.916552][ T5844] usb 6-1: USB disconnect, device number 5
[  248.148772][ T5855] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  248.359127][ T5855] usb 5-1: Using ep0 maxpacket: 16
[  248.370844][ T5855] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  248.388592][ T5855] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  248.401455][ T5855] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  248.416034][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.425741][ T5855] usb 5-1: Product: syz
[  248.431125][ T5855] usb 5-1: Manufacturer: syz
[  248.468661][ T5855] usb 5-1: SerialNumber: syz
[  248.625696][ T9914] loop0: detected capacity change from 0 to 32768
[  248.651517][ T9914] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  248.704436][ T5855] usb 5-1: 0:2 : does not exist
[  248.767299][ T5855] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  248.782796][ T9914] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  248.815561][ T5855] usb 5-1: USB disconnect, device number 7
[  248.904817][ T5778] udevd[5778]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  248.957378][ T5784] ocfs2: Unmounting device (7,0) on (node local)
[  249.390855][ T9948] netlink: 'syz.5.1227': attribute type 3 has an invalid length.
[  249.412616][ T9948] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.1227'.
[  249.565468][ T9952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1228'.
[  249.591446][ T9952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1228'.
[  249.878698][ T5875] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  249.960622][ T9960] loop0: detected capacity change from 0 to 8192
[  250.027177][ T9954] loop3: detected capacity change from 0 to 32768
[  250.064393][ T5875] usb 5-1: Using ep0 maxpacket: 16
[  250.080018][ T5875] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  250.095919][ T9954] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  250.096704][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.113206][ T5875] usb 5-1: Product: syz
[  250.117401][ T5875] usb 5-1: Manufacturer: syz
[  250.122522][ T5875] usb 5-1: SerialNumber: syz
[  250.134117][ T5875] usb 5-1: config 0 descriptor??
[  250.150012][ T5875] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  250.193591][ T9954] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  250.363599][ T9969] fuse: Unknown parameter 'group_i00000000000000000000'
[  250.405910][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[  251.360284][ T9986] loop5: detected capacity change from 0 to 32768
[  251.407720][ T9989] loop0: detected capacity change from 0 to 4096
[  251.416502][ T5875] usb 5-1: Quatech SSU-100 USB to Serial Driver converter now attached to ttyUSB0
[  251.445519][ T9989] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  251.556649][ T9989] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  251.602404][ T5875] usb 5-1: USB disconnect, device number 8
[  251.641489][ T5875] ssu100 ttyUSB0: Quatech SSU-100 USB to Serial Driver converter now disconnected from ttyUSB0
[  251.680324][ T5875] ssu100 5-1:0.0: device disconnected
[  251.856746][ T9997] fuse: Unknown parameter 'group_i00000000000000000000'
[  251.884762][ T9998] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1246'.
[  251.910947][ T9998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1246'.
[  252.368327][T10009] loop4: detected capacity change from 0 to 8192
[  252.378703][ T5844] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  252.408012][T10016] loop3: detected capacity change from 0 to 4096
[  252.419560][T10016] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  252.570199][ T5844] usb 6-1: Using ep0 maxpacket: 32
[  252.597192][T10018] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1254'.
[  252.607940][ T5844] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  252.613150][T10018] bond0: Unable to set down delay as MII monitoring is disabled
[  252.624234][ T5844] usb 6-1: config 0 has no interface number 0
[  252.630929][T10016] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  252.668012][ T5844] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  252.697613][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.728172][ T5844] usb 6-1: Product: syz
[  252.732770][ T5844] usb 6-1: Manufacturer: syz
[  252.737406][ T5844] usb 6-1: SerialNumber: syz
[  252.775197][ T5844] usb 6-1: config 0 descriptor??
[  252.797464][ T5844] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  252.826904][ T5844] usb 6-1: selecting invalid altsetting 1
[  252.841494][ T5844] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  252.878313][ T5844] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  252.910568][ T5844] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  252.937517][ T5844] usb 6-1: media controller created
[  252.957084][ T5844] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  253.052292][T10025] fuse: Unknown parameter 'group_i00000000000000000000'
[  253.548265][T10031] loop4: detected capacity change from 0 to 40427
[  253.557474][T10031] F2FS-fs (loop4): build fault injection attr: rate: 14, type: 0x7ffff
[  253.620727][ T5891] I/O error, dev loop4, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  253.874127][T10042] loop0: detected capacity change from 0 to 64
[  254.084223][T10044] tipc: Started in network mode
[  254.092092][ T5844] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  254.107448][T10044] tipc: Node identity 068e9a5d5b89, cluster identity 4711
[  254.108465][ T5844] zl10353_read_register: readreg error (reg=127, ret==-110)
[  254.120523][T10044] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.158991][ T5844] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  254.168957][T10044] syzkaller0: entered promiscuous mode
[  254.185860][T10044] syzkaller0: entered allmulticast mode
[  254.241505][T10044] tipc: Resetting bearer <eth:syzkaller0>
[  254.264461][ T5844] usb 6-1: USB disconnect, device number 6
[  254.330467][T10044] tipc: Disabling bearer <eth:syzkaller0>
[  254.851369][T10061] loop4: detected capacity change from 0 to 40427
[  254.859342][T10061] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  254.867107][T10061] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  254.884335][T10061] F2FS-fs (loop4): invalid crc value
[  254.906903][T10061] F2FS-fs (loop4): Found nat_bits in checkpoint
[  254.964732][T10061] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  254.971918][T10061] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  255.020325][T10061] syz.4.1270: attempt to access beyond end of device
[  255.020325][T10061] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  255.034304][T10061] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  255.202452][T10075] fuse: Unknown parameter 'group_id00000000000000000000'
[  255.742709][   T11] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.780343][ T5858] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  255.895967][   T11] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.988921][ T5858] usb 4-1: Using ep0 maxpacket: 16
[  256.004233][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  256.011185][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  256.022933][ T5858] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  256.033795][ T5858] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  256.045343][ T5858] usb 4-1: config 0 has no interface number 0
[  256.057877][ T5858] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  256.077708][ T5858] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  256.087992][ T5858] usb 4-1: Product: syz
[  256.095063][   T11] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.106527][ T5858] usb 4-1: SerialNumber: syz
[  256.117728][ T5858] usb 4-1: config 0 descriptor??
[  256.144072][ T5858] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  256.207498][   T11] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.228634][    T8] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  256.247595][ T5858] snd-usb-audio: probe of 4-1:0.2 failed with error -2
[  256.336885][ T5891] udevd[5891]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  256.381067][ T5858] usb 4-1: USB disconnect, device number 13
[  256.453394][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.485037][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.496364][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  256.523425][    T8] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  256.541793][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.547718][   T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  256.561196][   T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  256.575317][    T8] usb 1-1: config 0 descriptor??
[  256.580831][   T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  256.618061][   T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  256.630580][   T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  256.640832][   T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  256.905677][T10096] chnl_net:caif_netlink_parms(): no params data found
[  256.997686][    T8] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x2
[  257.033382][    T8] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x6
[  257.046509][    T8] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  257.102089][    T8] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  257.224780][ T5855] usb 1-1: USB disconnect, device number 20
[  257.261061][T10096] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.278865][T10096] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.286206][T10096] bridge_slave_0: entered allmulticast mode
[  257.449562][T10096] bridge_slave_0: entered promiscuous mode
[  257.577710][T10109] loop3: detected capacity change from 0 to 32768
[  257.597520][T10096] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.620681][T10096] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.627990][T10096] bridge_slave_1: entered allmulticast mode
[  257.635548][T10096] bridge_slave_1: entered promiscuous mode
[  257.642726][T10109] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  257.690144][T10109] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  257.713625][T10109] XFS (loop3): Starting recovery (logdev: internal)
[  257.730053][T10109] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xd0, xfs_bnobt block 0x8 
[  257.741132][T10109] XFS (loop3): Unmount and run xfs_repair
[  257.746873][T10109] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  257.754345][T10109] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[  257.763747][T10109] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  257.772682][T10109] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  257.781610][T10109] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  257.790694][T10109] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  257.799627][T10109] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  257.808700][T10109] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  257.817605][T10109] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  257.827585][T10109] XFS (loop3): Filesystem has been shut down due to log error (0x2).
[  257.835744][T10109] XFS (loop3): Please unmount the filesystem and rectify the problem(s).
[  257.845058][T10109] XFS (loop3): log mount/recovery failed: error -74
[  257.865959][T10109] XFS (loop3): log mount failed
[  257.972750][T10127] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1291'.
[  258.061793][T10096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.098202][T10096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.249556][T10096] team0: Port device team_slave_0 added
[  258.320348][T10096] team0: Port device team_slave_1 added
[  258.409273][   T11] hsr_slave_0: left promiscuous mode
[  258.415143][   T11] hsr_slave_1: left promiscuous mode
[  258.424230][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.431979][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.440738][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.448211][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.456149][   T11] bridge_slave_1: left allmulticast mode
[  258.461897][   T11] bridge_slave_1: left promiscuous mode
[  258.467593][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.477355][   T11] bridge_slave_0: left allmulticast mode
[  258.483125][   T11] bridge_slave_0: left promiscuous mode
[  258.492969][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.521249][   T11] veth1_macvtap: left promiscuous mode
[  258.528402][   T11] veth0_macvtap: left promiscuous mode
[  258.535497][   T11] veth1_vlan: left promiscuous mode
[  258.540935][   T11] veth0_vlan: left promiscuous mode
[  258.648949][ T5844] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  258.720032][ T5798] Bluetooth: hci2: command tx timeout
[  258.849185][ T5844] usb 1-1: Using ep0 maxpacket: 32
[  258.867902][ T5844] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  258.920482][ T5844] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  258.934004][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.944373][ T5844] usb 1-1: config 0 descriptor??
[  258.955840][T10140] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  258.971865][ T5844] hub 1-1:0.0: bad descriptor, ignoring hub
[  258.977872][ T5844] hub: probe of 1-1:0.0 failed with error -5
[  259.085639][ T5844] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  259.490062][T10150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1302'.
[  259.763508][   T11] team0 (unregistering): Port device team_slave_1 removed
[  259.822174][   T11] team0 (unregistering): Port device team_slave_0 removed
[  259.891069][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.953162][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.602509][   T11] bond0 (unregistering): Released all slaves
[  260.715104][T10096] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.722512][T10096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.750363][T10096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.798962][ T5798] Bluetooth: hci2: command tx timeout
[  260.825458][T10096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.833838][T10096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.861337][T10096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.250391][T10167] loop4: detected capacity change from 0 to 32768
[  261.310763][T10167] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  261.324465][T10096] hsr_slave_0: entered promiscuous mode
[  261.352850][T10096] hsr_slave_1: entered promiscuous mode
[  261.377204][T10167] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  261.423002][T10096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  261.455610][T10096] Cannot create hsr debugfs directory
[  261.465658][T10167] XFS (loop4): Starting recovery (logdev: internal)
[  261.490072][T10167] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xd0, xfs_bnobt block 0x8 
[  261.501405][T10167] XFS (loop4): Unmount and run xfs_repair
[  261.507142][T10167] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  261.514603][T10167] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[  261.523587][T10167] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  261.532532][T10167] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  261.541868][T10167] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  261.551770][T10167] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  261.560802][T10167] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  261.569860][T10167] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  261.578856][T10167] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  261.588814][T10167] XFS (loop4): Filesystem has been shut down due to log error (0x2).
[  261.596966][T10167] XFS (loop4): Please unmount the filesystem and rectify the problem(s).
[  261.605727][T10167] XFS (loop4): log mount/recovery failed: error -74
[  261.612843][    T8] usb 1-1: USB disconnect, device number 21
[  261.626836][T10167] XFS (loop4): log mount failed
[  262.131272][T10183] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1312'.
[  262.268077][T10181] loop0: detected capacity change from 0 to 32768
[  262.275469][T10181] XFS: ikeep mount option is deprecated.
[  262.281237][T10181] XFS: noikeep mount option is deprecated.
[  262.362027][T10181] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  262.430560][T10181] XFS (loop0): Ending clean mount
[  262.439860][T10181] XFS (loop0): Quotacheck needed: Please wait.
[  262.527773][T10181] XFS (loop0): Quotacheck: Done.
[  262.601958][ T5784] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  262.722119][T10096] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  262.733346][T10096] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  262.747212][T10096] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  262.757157][T10096] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  262.852387][T10096] 8021q: adding VLAN 0 to HW filter on device bond0
[  262.875950][T10096] 8021q: adding VLAN 0 to HW filter on device team0
[  262.882704][   T50] Bluetooth: hci2: command tx timeout
[  262.902622][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.909844][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.928265][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.935459][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.199508][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  263.323694][T10096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.819705][T10096] veth0_vlan: entered promiscuous mode
[  263.824643][T10215] loop3: detected capacity change from 0 to 32768
[  263.862186][T10096] veth1_vlan: entered promiscuous mode
[  263.953077][T10215] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  263.995676][T10096] veth0_macvtap: entered promiscuous mode
[  264.032646][T10215] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  264.036476][T10096] veth1_macvtap: entered promiscuous mode
[  264.088691][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.099929][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.111727][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.112939][T10215] XFS (loop3): Starting recovery (logdev: internal)
[  264.123145][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.139393][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.150425][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.177992][T10096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  264.199465][T10215] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xd0, xfs_bnobt block 0x8 
[  264.210917][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.210939][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.210948][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.210960][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.210971][T10096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.210983][T10096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.212330][T10096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  264.297434][T10096] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.301848][T10215] XFS (loop3): Unmount and run xfs_repair
[  264.326205][T10096] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.333869][T10215] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  264.341709][T10096] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.352985][T10096] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.358592][T10215] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[  264.405057][T10215] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  264.414991][T10215] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  264.424482][T10215] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  264.443384][T10215] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  264.481293][T10215] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  264.494586][T10215] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  264.545712][T10215] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  264.573722][T10215] XFS (loop3): Filesystem has been shut down due to log error (0x2).
[  264.598578][T10215] XFS (loop3): Please unmount the filesystem and rectify the problem(s).
[  264.621020][T10215] XFS (loop3): log mount/recovery failed: error -74
[  264.648442][T10215] XFS (loop3): log mount failed
[  264.667608][T10242] ax25_connect(): syz.0.1323 uses autobind, please contact jreuter@yaina.de
[  264.724329][T10242] syz.0.1323 uses old SIOCAX25GETINFO
[  264.778466][ T3489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.804411][T10240] loop4: detected capacity change from 0 to 32768
[  264.816606][ T3489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.827488][T10240] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  264.837791][T10240] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  264.846565][T10240] BTRFS info (device loop4): enabling auto defrag
[  264.853055][T10240] BTRFS info (device loop4): disabling tree log
[  264.859468][T10240] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  264.870159][T10240] BTRFS info (device loop4): trying to use backup root at mount time
[  264.878296][T10240] BTRFS info (device loop4): max_inline at 4096
[  264.884879][T10240] BTRFS info (device loop4): force clearing of disk cache
[  264.892098][T10240] BTRFS info (device loop4): enabling ssd optimizations
[  264.899109][T10240] BTRFS info (device loop4): using spread ssd allocation scheme
[  264.906771][T10240] BTRFS info (device loop4): using free space tree
[  264.933590][T10242] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1323'.
[  264.968784][ T5798] Bluetooth: hci2: command tx timeout
[  264.986551][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.005374][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.117427][T10240] BTRFS info (device loop4): auto enabling async discard
[  265.129304][T10240] BTRFS info (device loop4): rebuilding free space tree
[  265.205938][   T27] audit: type=1800 audit(1757284402.939:16): pid=10240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1322" name="file1" dev="loop4" ino=260 res=0 errno=0
[  265.230234][T10240] BTRFS warning (device loop4): this kernel does not support the compat:0 feature bit
[  265.373907][ T7254] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  265.788232][T10275] fuse: Bad value for 'fd'
[  265.875761][T10277] loop0: detected capacity change from 0 to 4096
[  265.983316][T10277] ntfs3: loop0: ino=21, "file1" fallocate(0x41) is not supported
[  266.486294][T10283] loop0: detected capacity change from 0 to 8192
[  266.531709][T10282] loop4: detected capacity change from 0 to 40427
[  266.549411][T10282] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  266.557240][T10282] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  266.586547][T10282] F2FS-fs (loop4): invalid crc value
[  266.612781][T10282] F2FS-fs (loop4): Found nat_bits in checkpoint
[  266.672150][T10282] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  266.679350][T10282] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  266.741884][T10282] syz.4.1332: attempt to access beyond end of device
[  266.741884][T10282] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  266.756493][T10282] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  267.228431][T10301] fuse: Bad value for 'fd'
[  267.564856][T10291] loop3: detected capacity change from 0 to 32768
[  267.800945][T10291] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  267.879043][T10312] loop0: detected capacity change from 0 to 32768
[  267.887331][T10312] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.1340 (10312)
[  267.958053][T10291] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  268.065910][T10291] XFS (loop3): Starting recovery (logdev: internal)
[  268.107779][T10291] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xd0, xfs_bnobt block 0x8 
[  268.130829][T10291] XFS (loop3): Unmount and run xfs_repair
[  268.136770][T10291] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  268.151020][T10291] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[  268.163635][T10291] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  268.186285][T10291] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  268.196983][T10291] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  268.216738][T10291] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  268.241497][T10291] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  268.256438][T10291] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  268.265930][T10291] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  268.282231][T10291] XFS (loop3): Filesystem has been shut down due to log error (0x2).
[  268.293127][T10291] XFS (loop3): Please unmount the filesystem and rectify the problem(s).
[  268.304634][T10291] XFS (loop3): log mount/recovery failed: error -74
[  268.347261][T10291] XFS (loop3): log mount failed
[  268.421417][T10320] loop4: detected capacity change from 0 to 65536
[  268.445299][T10312] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  268.455814][T10312] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  268.464611][T10312] BTRFS info (device loop0): enabling auto defrag
[  268.471143][T10312] BTRFS info (device loop0): turning off barriers
[  268.477598][T10312] BTRFS info (device loop0): turning on barriers
[  268.484219][T10312] BTRFS info (device loop0): max_inline at 0
[  268.490406][T10312] BTRFS info (device loop0): force clearing of disk cache
[  268.497560][T10312] BTRFS info (device loop0): turning on sync discard
[  268.504418][T10312] BTRFS info (device loop0): using free space tree
[  268.578053][T10320] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  268.682280][T10312] BTRFS info (device loop0): enabling ssd optimizations
[  268.702384][T10312] BTRFS info (device loop0): rebuilding free space tree
[  268.706050][T10320] XFS (loop4): Ending clean mount
[  268.853916][ T7254] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  269.071320][ T5784] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  269.173465][T10353] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1346'.
[  270.103696][T10374] loop4: detected capacity change from 0 to 32768
[  270.111602][T10374] XFS: ikeep mount option is deprecated.
[  270.117281][T10374] XFS: noikeep mount option is deprecated.
[  270.186827][T10374] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  270.246043][T10374] XFS (loop4): Ending clean mount
[  270.270666][T10374] XFS (loop4): Quotacheck needed: Please wait.
[  270.328123][T10378] loop6: detected capacity change from 0 to 8192
[  270.413922][T10374] XFS (loop4): Quotacheck: Done.
[  270.506570][ T7254] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  273.128665][ T5844] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  273.335366][ T5844] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  273.346216][ T5844] usb 7-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping
[  273.377436][ T5844] usb 7-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  273.387187][ T5844] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.399748][ T5844] usb 7-1: Product: syz
[  273.404209][ T5844] usb 7-1: Manufacturer: syz
[  273.409652][ T5844] usb 7-1: SerialNumber: syz
[  273.445978][ T5844] usb 7-1: config 0 descriptor??
[  273.465412][T10434] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  273.476771][T10434] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  273.516299][ T5844] usb 7-1: ucan: probing device on interface #0
[  273.535258][ T5844] usb 7-1: ucan: invalid EP count (1)
[  273.556761][T10446] loop4: detected capacity change from 0 to 8192
[  273.567877][ T5844] usb 7-1: ucan: probe failed; try to update the device firmware
[  274.532674][T10454] loop3: detected capacity change from 0 to 40427
[  274.548638][T10454] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  274.556754][T10454] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  274.581303][T10454] F2FS-fs (loop3): invalid crc value
[  274.594808][T10454] F2FS-fs (loop3): Found nat_bits in checkpoint
[  274.645683][T10454] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  274.653054][T10454] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  274.735131][T10454] syz.3.1378: attempt to access beyond end of device
[  274.735131][T10454] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  274.749149][T10454] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  274.756022][T10454] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  275.422260][T10471] ax25_connect(): syz.3.1383 uses autobind, please contact jreuter@yaina.de
[  275.868273][ T5858] usb 7-1: USB disconnect, device number 2
[  276.046016][T10492] fuse: Bad value for 'fd'
[  276.332292][T10500] ax25_connect(): syz.6.1393 uses autobind, please contact jreuter@yaina.de
[  279.585723][T10545] Bluetooth: MGMT ver 1.22
[  280.505738][T10557] ax25_connect(): syz.0.1412 uses autobind, please contact jreuter@yaina.de
[  281.490505][   T27] audit: type=1326 audit(1757284419.239:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.554587][   T27] audit: type=1326 audit(1757284419.239:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.644455][   T27] audit: type=1326 audit(1757284419.239:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.693520][ T5798] Bluetooth: hci0: command 0x0406 tx timeout
[  281.713027][   T27] audit: type=1326 audit(1757284419.239:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.824348][   T27] audit: type=1326 audit(1757284419.239:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.863314][   T27] audit: type=1326 audit(1757284419.239:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.901055][   T27] audit: type=1326 audit(1757284419.239:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.945560][   T27] audit: type=1326 audit(1757284419.239:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  281.974100][   T27] audit: type=1326 audit(1757284419.239:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  282.000696][   T27] audit: type=1326 audit(1757284419.239:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10562 comm="syz.0.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7fc00000
[  282.255111][T10585] ax25_connect(): syz.6.1422 uses autobind, please contact jreuter@yaina.de
[  285.182032][T10594] loop0: detected capacity change from 0 to 32768
[  285.214255][T10594] XFS: ikeep mount option is deprecated.
[  285.224812][T10594] XFS: noikeep mount option is deprecated.
[  285.288757][T10594] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.447281][T10594] XFS (loop0): Ending clean mount
[  285.458926][T10625] fuse: Bad value for 'fd'
[  285.488933][T10594] XFS (loop0): Quotacheck needed: Please wait.
[  285.608899][T10594] XFS (loop0): Quotacheck: Done.
[  285.748203][ T5784] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.806799][T10627] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1434'.
[  287.274369][T10650] fuse: Bad value for 'fd'
[  287.433495][T10653] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1443'.
[  287.614934][T10642] loop6: detected capacity change from 0 to 40427
[  287.640365][T10642] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  287.652310][T10642] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  287.661344][T10657] ax25_connect(): syz.0.1445 uses autobind, please contact jreuter@yaina.de
[  287.680984][T10642] F2FS-fs (loop6): invalid crc value
[  287.705957][T10657] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1445'.
[  287.726470][T10642] F2FS-fs (loop6): Found nat_bits in checkpoint
[  287.884869][T10642] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  287.920804][T10642] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  288.034804][T10642] syz.6.1440: attempt to access beyond end of device
[  288.034804][T10642] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  288.069874][T10642] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  288.108586][T10642] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  289.586694][T10677] fuse: Bad value for 'fd'
[  289.906677][T10684] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1454'.
[  290.003376][T10686] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1455'.
[  292.708655][ T5844] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  292.878706][ T5835] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  292.902708][ T5844] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  292.922225][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.932374][ T5844] usb 1-1: Product: syz
[  292.936584][ T5844] usb 1-1: Manufacturer: syz
[  292.942566][ T5844] usb 1-1: SerialNumber: syz
[  293.069185][ T5835] usb 4-1: Using ep0 maxpacket: 16
[  293.090677][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.132637][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.143616][ T5835] usb 4-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  293.152838][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.167766][ T5835] usb 4-1: config 0 descriptor??
[  293.932175][ T5844] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  294.011216][ T5844] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  294.039735][ T5835] aquacomputer_d5next 0003:0C70:F0B6.0006: hidraw0: USB HID v0.05 Device [HID 0c70:f0b6] on usb-dummy_hcd.3-1/input0
[  294.066019][ T5844] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  294.103389][ T5844] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  294.493389][ T5844] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  294.573566][ T5844] lan78xx: probe of 1-1:1.0 failed with error -71
[  294.589540][ T5844] usb 1-1: USB disconnect, device number 22
[  294.641965][ T5835] usb 4-1: USB disconnect, device number 14
[  295.026720][T10730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1471'.
[  297.028068][T10738] loop0: detected capacity change from 0 to 32768
[  297.048948][T10738] XFS: ikeep mount option is deprecated.
[  297.054650][T10738] XFS: noikeep mount option is deprecated.
[  297.134789][T10768] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1482'.
[  297.170941][T10738] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  297.302025][T10738] XFS (loop0): Ending clean mount
[  297.378013][T10738] XFS (loop0): Quotacheck needed: Please wait.
[  297.475370][T10738] XFS (loop0): Quotacheck: Done.
[  297.545840][ T5784] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  298.071932][T10783] ax25_connect(): syz.0.1486 uses autobind, please contact jreuter@yaina.de
[  298.141975][T10775] loop3: detected capacity change from 0 to 40427
[  298.153359][T10783] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1486'.
[  298.167606][T10775] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  298.198820][T10775] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  298.219988][T10775] F2FS-fs (loop3): invalid crc value
[  298.271489][T10775] F2FS-fs (loop3): Found nat_bits in checkpoint
[  298.485897][T10775] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  298.551029][T10775] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  298.645201][T10775] syz.3.1483: attempt to access beyond end of device
[  298.645201][T10775] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  298.669872][T10775] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  298.759438][ T5835] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  298.948624][ T5835] usb 1-1: Using ep0 maxpacket: 32
[  298.959678][ T5835] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.996713][ T5835] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  299.024430][ T5835] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.058143][ T5835] usb 1-1: Product: syz
[  299.064191][ T5835] usb 1-1: Manufacturer: syz
[  299.078647][ T5835] usb 1-1: SerialNumber: syz
[  299.094717][ T5835] usb 1-1: config 0 descriptor??
[  299.110839][ T5835] usb 1-1: bad CDC descriptors
[  299.126442][ T5835] usb 1-1: unsupported MDLM descriptors
[  299.341312][ T5835] usb 1-1: USB disconnect, device number 23
[  302.020476][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.027656][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.052001][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.071058][T10831] misc userio: No port type given on /dev/userio
[  302.153078][T10830] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  302.254151][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.262406][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.272004][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.280854][T10830] virt_wifi0 speed is unknown, defaulting to 1000
[  302.671005][T10838] virt_wifi0 speed is unknown, defaulting to 1000
[  302.730830][T10842] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1505'.
[  303.016635][T10847] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1506'.
[  303.095946][T10849] netlink: set zone limit has 8 unknown bytes
[  305.227787][T10874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1515'.
[  305.732135][T10884] netlink: set zone limit has 8 unknown bytes
[  306.317321][T10891] netlink: set zone limit has 8 unknown bytes
[  306.992327][T10896] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1523'.
[  308.190104][T10909] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1527'.
[  308.568089][T10915] siw: device registration error -23
[  308.586807][T10915] misc userio: No port type given on /dev/userio
[  309.427899][T10921] virt_wifi0 speed is unknown, defaulting to 1000
[  310.057171][T10922] loop0: detected capacity change from 0 to 40427
[  310.065285][T10922] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  310.087153][T10922] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  310.126610][T10922] F2FS-fs (loop0): invalid crc value
[  310.159940][T10922] F2FS-fs (loop0): Found nat_bits in checkpoint
[  310.192466][T10922] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  310.200940][T10922] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  311.605675][T10950] overlay: Unknown parameter 'euid'
[  311.951189][T10953] netlink: set zone limit has 8 unknown bytes
[  312.608964][   T28] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  312.798655][   T28] usb 4-1: Using ep0 maxpacket: 8
[  312.872059][   T28] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  312.926017][   T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.938652][   T28] usb 4-1: Product: syz
[  312.942876][   T28] usb 4-1: Manufacturer: syz
[  312.961199][   T28] usb 4-1: SerialNumber: syz
[  312.988182][   T28] usb 4-1: config 0 descriptor??
[  313.248793][   T28] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  314.578156][T10979] binder: BINDER_SET_CONTEXT_MGR already set
[  314.591162][T10979] binder: 10978:10979 ioctl 4018620d 200000004a80 returned -16
[  314.733919][   T28] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71
[  314.752100][   T28] usb 4-1: USB disconnect, device number 15
[  315.367844][T10985] fuse: Unknown parameter '0x0000000000000003'
[  317.786810][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  317.809776][T11004] virt_wifi0 speed is unknown, defaulting to 1000
[  318.000007][T11013] 
: renamed from bridge_slave_0 (while UP)
[  318.041988][T11017] fuse: Unknown parameter '0x0000000000000003'
[  318.242244][T11019] virt_wifi0 speed is unknown, defaulting to 1000
[  318.528597][ T5844] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  318.840382][ T5844] usb 1-1: config 0 has no interfaces?
[  318.849332][ T5844] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  318.864261][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.882399][ T5844] usb 1-1: Product: syz
[  318.896231][ T5844] usb 1-1: Manufacturer: syz
[  318.902359][ T5844] usb 1-1: SerialNumber: syz
[  318.915232][ T5844] usb 1-1: config 0 descriptor??
[  318.938898][T11031] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1567'.
[  319.233592][    T8] usb 1-1: USB disconnect, device number 24
[  323.014268][T11059] fuse: Unknown parameter '0xffffffffffffffff'
[  323.292488][T11062] ax25_connect(): syz.0.1574 uses autobind, please contact jreuter@yaina.de
[  323.402579][T11062] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1574'.
[  324.805794][ T5835] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  325.290139][ T5835] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  325.298295][ T5835] usb 1-1: config 0 has no interface number 0
[  325.307451][ T5835] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  325.323698][ T5835] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  325.349435][ T5835] usb 1-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  325.363348][ T5835] usb 1-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  325.373297][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.394257][ T5835] usb 1-1: config 0 descriptor??
[  326.094982][ T5835] input: HID 28bd:0042 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:28BD:0042.0007/input/input8
[  326.154064][ T5835] uclogic 0003:28BD:0042.0007: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.0-1/input1
[  326.229464][ T5835] usb 1-1: USB disconnect, device number 25
[  327.794565][T11083] fido_id[11083]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  328.766799][T11101] 
: renamed from bridge_slave_0 (while UP)
[  328.933899][T11100] loop6: detected capacity change from 0 to 40427
[  328.978401][T11100] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  328.994667][T11100] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  329.055287][T11100] F2FS-fs (loop6): invalid crc value
[  329.136368][T11100] F2FS-fs (loop6): Found nat_bits in checkpoint
[  329.273878][T11110] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1588'.
[  329.299626][T11100] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  329.313614][T11100] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  332.038023][T11140] virt_wifi0 speed is unknown, defaulting to 1000
[  332.131592][T11144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1599'.
[  334.495891][T11161] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1604'.
[  334.703027][T11163] nvme_fabrics: unknown parameter or missing value '�' in ctrl creation request
[  334.920185][T11167] virt_wifi0 speed is unknown, defaulting to 1000
[  335.208760][ T5844] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  335.694655][ T5844] usb 4-1: config 0 has no interfaces?
[  335.710492][ T5844] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  335.725629][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.739379][ T5844] usb 4-1: Product: syz
[  335.743595][ T5844] usb 4-1: Manufacturer: syz
[  335.748400][ T5844] usb 4-1: SerialNumber: syz
[  335.772587][ T5844] usb 4-1: config 0 descriptor??
[  336.099064][    T9] usb 4-1: USB disconnect, device number 16
[  336.999410][T11190] netlink: 108 bytes leftover after parsing attributes in process `syz.6.1614'.
[  340.127425][T11225] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1625'.
[  340.268207][T11221] 
: renamed from bridge_slave_0 (while UP)
[  341.668949][   T28] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  341.909124][   T28] usb 4-1: Using ep0 maxpacket: 16
[  342.034647][   T28] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.094765][   T28] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  342.298746][   T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.316356][   T28] usb 4-1: config 0 descriptor??
[  342.953176][   T28] mcp2221 0003:04D8:00DD.0008: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  343.538755][   T27] kauditd_printk_skb: 56 callbacks suppressed
[  343.538794][   T27] audit: type=1326 audit(1757284481.109:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  343.940473][ T5858] usb 4-1: USB disconnect, device number 17
[  344.054683][   T27] audit: type=1326 audit(1757284481.109:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.126928][   T27] audit: type=1326 audit(1757284481.109:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.146799][T11260] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1637'.
[  344.231514][   T27] audit: type=1326 audit(1757284481.109:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.446245][   T27] audit: type=1326 audit(1757284481.109:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.469791][   T27] audit: type=1326 audit(1757284481.119:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.496098][   T27] audit: type=1326 audit(1757284481.119:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  344.524323][   T27] audit: type=1326 audit(1757284481.119:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb6e138d550 code=0x7ffc0000
[  344.598606][   T27] audit: type=1326 audit(1757284481.119:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb6e1390417 code=0x7ffc0000
[  344.628364][   T27] audit: type=1326 audit(1757284481.119:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11253 comm="syz.0.1635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb6e138ebe9 code=0x7ffc0000
[  345.544163][T11271] Process accounting resumed
[  345.891394][T11283] binder: 11275:11283 ioctl c0306201 200000000480 returned -14
[  346.780806][T11289] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1647'.
[  346.810404][T11285] virt_wifi0 speed is unknown, defaulting to 1000
[  350.325251][T11333] virt_wifi0 speed is unknown, defaulting to 1000
[  351.777253][T11360] mkiss: ax0: crc mode is auto.
[  352.546689][T11373] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1673'.
[  352.909465][T11379] virt_wifi0 speed is unknown, defaulting to 1000
[  352.993721][T11383] lo speed is unknown, defaulting to 1000
[  353.018150][T11383] lo speed is unknown, defaulting to 1000
[  353.039020][T11383] lo speed is unknown, defaulting to 1000
[  353.110725][T11383] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  353.144094][T11383] lo speed is unknown, defaulting to 1000
[  353.160172][T11383] lo speed is unknown, defaulting to 1000
[  353.169658][T11383] lo speed is unknown, defaulting to 1000
[  353.321164][T11383] lo speed is unknown, defaulting to 1000
[  353.328320][T11383] lo speed is unknown, defaulting to 1000
[  354.000233][   T50] Bluetooth: hci2: command tx timeout
[  354.128602][T11397] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1680'.
[  354.177280][T11397] geneve2: entered promiscuous mode
[  354.197018][T11397] geneve2: entered allmulticast mode
[  354.625765][T11405] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1684'.
[  354.778647][  T787] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  354.910787][T11396] loop3: detected capacity change from 0 to 40427
[  354.926936][T11396] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  355.007239][T11396] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  355.051509][T11396] F2FS-fs (loop3): invalid crc value
[  355.063921][T11396] F2FS-fs (loop3): Found nat_bits in checkpoint
[  355.735681][  T787] usb 7-1: config 0 has no interfaces?
[  355.779085][T11396] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  355.795129][T11396] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  355.841907][  T787] usb 7-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  355.851113][  T787] usb 7-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  355.860720][  T787] usb 7-1: Manufacturer: syz
[  355.865349][  T787] usb 7-1: SerialNumber: syz
[  355.876665][  T787] usb 7-1: config 0 descriptor??
[  355.899701][T11396] syz.3.1681: attempt to access beyond end of device
[  355.899701][T11396] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  355.940964][T11396] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  356.159135][T11423] siw: device registration error -23
[  356.174368][    T8] usb 7-1: USB disconnect, device number 3
[  356.511677][T11432] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1694'.
[  356.867834][T11441] kvm: pic: single mode not supported
[  356.868083][T11441] kvm: pic: level sensitive irq not supported
[  356.893017][T11441] kvm: pic: single mode not supported
[  356.899337][T11441] kvm: pic: level sensitive irq not supported
[  356.920929][T11441] kvm: pic: single mode not supported
[  356.927053][T11441] kvm: pic: level sensitive irq not supported
[  356.933164][T11441] kvm: pic: single mode not supported
[  356.939378][T11441] kvm: pic: level sensitive irq not supported
[  356.945122][T11441] kvm: pic: single mode not supported
[  356.951284][T11441] kvm: pic: level sensitive irq not supported
[  356.958346][T11441] kvm: pic: single mode not supported
[  356.964673][T11441] kvm: pic: level sensitive irq not supported
[  356.970528][T11441] kvm: pic: single mode not supported
[  356.976644][T11441] kvm: pic: level sensitive irq not supported
[  356.982697][T11441] kvm: pic: single mode not supported
[  356.988857][T11441] kvm: pic: level sensitive irq not supported
[  356.994672][T11441] kvm: pic: single mode not supported
[  357.000828][T11441] kvm: pic: level sensitive irq not supported
[  357.006394][T11441] kvm: pic: single mode not supported
[  357.012527][T11441] kvm: pic: level sensitive irq not supported
[  358.479824][T11449] loop0: detected capacity change from 0 to 40427
[  358.513631][T11461] siw: device registration error -23
[  358.621025][T11449] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  358.660267][T11449] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  358.693721][T11449] F2FS-fs (loop0): invalid crc value
[  358.726239][T11449] F2FS-fs (loop0): Found nat_bits in checkpoint
[  358.742441][T11465] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1704'.
[  358.872253][T11449] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  358.892409][T11449] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  358.944599][T11449] syz.0.1698: attempt to access beyond end of device
[  358.944599][T11449] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  358.977625][T11449] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  359.619796][T11479] overlayfs: failed to clone upperpath
[  360.121191][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  360.595610][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  360.618583][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  360.643664][    T9] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  360.664034][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  360.674683][    T9] usb 1-1: SerialNumber: syz
[  360.901500][    T9] usb 1-1: 0:2 : does not exist
[  360.944975][    T9] usb 1-1: USB disconnect, device number 26
[  362.143892][T11518] overlayfs: failed to clone upperpath
[  362.193327][T11520] overlayfs: failed to clone upperpath
[  362.250037][T11522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'.
[  363.939898][T11538] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1734'.
[  363.942831][T11541] overlayfs: failed to clone upperpath
[  365.023636][T11548] mkiss: ax0: crc mode is auto.
[  366.350809][T11562] virt_wifi0 speed is unknown, defaulting to 1000
[  366.366265][T11562] lo speed is unknown, defaulting to 1000
[  366.495762][T11567] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1741'.
[  366.509807][T11567] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1741'.
[  367.678434][T11580] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1746'.
[  368.907567][T11599] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1751'.
[  369.167424][T11601] virt_wifi0 speed is unknown, defaulting to 1000
[  369.183098][T11601] lo speed is unknown, defaulting to 1000
[  372.243032][T11629] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  372.255227][T11629] overlayfs: missing 'lowerdir'
[  372.307983][T11637] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1762'.
[  372.318668][   T28] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  372.456032][T11641] syzkaller0: entered promiscuous mode
[  372.466465][T11641] syzkaller0: entered allmulticast mode
[  372.476323][T11639] virt_wifi0 speed is unknown, defaulting to 1000
[  372.502229][T11639] lo speed is unknown, defaulting to 1000
[  372.509729][T11644] overlayfs: failed to clone upperpath
[  372.538594][   T28] usb 7-1: Using ep0 maxpacket: 8
[  372.686627][   T28] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  372.706821][   T28] usb 7-1: config 0 has no interface number 0
[  372.713801][   T28] usb 7-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  372.728253][   T28] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 17056, setting to 1024
[  373.485868][   T28] usb 7-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  373.562121][   T28] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  373.623244][   T28] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  373.656438][   T28] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.742477][   T28] usb 7-1: config 0 descriptor??
[  373.757834][   T28] ldusb 7-1:0.55: Interrupt in endpoint not found
[  373.926124][T11661] overlayfs: failed to clone upperpath
[  374.001436][    T8] usb 7-1: USB disconnect, device number 4
[  376.016254][T11682] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  376.027097][T11682] ubi31: attaching mtd0
[  376.034877][T11682] ubi31: scanning is finished
[  376.039666][T11682] ubi31: empty MTD device detected
[  376.323173][T11682] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  376.527398][T11688] syzkaller0: entered promiscuous mode
[  376.533106][T11688] syzkaller0: entered allmulticast mode
[  378.963109][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  379.604578][T11719] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  379.613385][T11719] overlayfs: missing 'lowerdir'
[  379.867877][T11730] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1789'.
[  383.197927][T11753] virt_wifi0 speed is unknown, defaulting to 1000
[  383.224291][T11753] lo speed is unknown, defaulting to 1000
[  384.409449][ T5844] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  385.238641][ T5844] usb 1-1: Using ep0 maxpacket: 16
[  385.260440][ T5844] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  385.312602][ T5844] usb 1-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  385.928623][ T5844] usb 1-1: config 0 interface 0 has no altsetting 0
[  385.935344][ T5844] usb 1-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  386.011547][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.077044][ T5844] usb 1-1: config 0 descriptor??
[  389.349892][ T5844] usb 1-1: can't set config #0, error -71
[  389.364533][ T5844] usb 1-1: USB disconnect, device number 27
[  389.530611][ T5798] Bluetooth: hci1: Malformed LE Event: 0x0b
[  390.508836][ T5875] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  390.740093][ T5875] usb 7-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  390.820050][ T5875] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  390.833607][ T5875] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  390.864162][ T5875] usb 7-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  390.880399][ T5875] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.892654][ T5875] usb 7-1: Product: syz
[  390.896928][ T5875] usb 7-1: Manufacturer: syz
[  390.905774][ T5875] usb 7-1: SerialNumber: syz
[  390.944431][ T5875] usb 7-1: config 0 descriptor??
[  390.981096][ T5875] usb-storage 7-1:0.0: USB Mass Storage device detected
[  390.993366][ T5875] usb-storage 7-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  391.186245][ T5875] usb 7-1: USB disconnect, device number 5
[  391.297079][T11833] virt_wifi0 speed is unknown, defaulting to 1000
[  391.345781][T11833] lo speed is unknown, defaulting to 1000
[  391.768740][    T9] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  391.960217][    T9] usb 4-1: config 1 interface 0 has no altsetting 0
[  391.975824][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  391.995102][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.001884][T11850] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1824'.
[  392.004183][    T9] usb 4-1: Product: syz
[  392.019521][    T9] usb 4-1: Manufacturer: syz
[  392.024336][    T9] usb 4-1: SerialNumber: syz
[  392.088647][ T5858] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  392.268585][ T5858] usb 7-1: Using ep0 maxpacket: 16
[  392.280264][ T5858] usb 7-1: config index 0 descriptor too short (expected 65, got 36)
[  392.291159][ T5858] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.302888][ T5858] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  392.317113][ T5858] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  392.327160][ T5858] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.363685][ T5858] usb 7-1: config 0 descriptor??
[  392.374538][ T5858] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input10
[  392.594413][T11856] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1827'.
[  392.623730][ T5858] usb 7-1: USB disconnect, device number 6
[  392.693818][    T9] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  392.772159][T11856] syz.4.1827 (11856) used greatest stack depth: 16936 bytes left
[  393.112794][T11864] loop2: detected capacity change from 0 to 7
[  393.155932][T11864]  loop2: p1 p4
[  393.162314][T11864] loop2: partition table partially beyond EOD, truncated
[  393.171449][T11864] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  393.194275][T11864] loop2: p4 start 2495 is beyond EOD, truncated
[  393.408843][T11868] virt_wifi0 speed is unknown, defaulting to 1000
[  393.417102][T11868] lo speed is unknown, defaulting to 1000
[  395.088799][ T5855] usb 4-1: USB disconnect, device number 18
[  395.129014][ T5855] usblp0: removed
[  396.696798][T11889] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1838'.
[  397.688725][T11905] virt_wifi0 speed is unknown, defaulting to 1000
[  397.696874][T11905] lo speed is unknown, defaulting to 1000
[  399.307994][T11921] netlink: 108 bytes leftover after parsing attributes in process `syz.6.1849'.
[  401.326989][T11944] virt_wifi0 speed is unknown, defaulting to 1000
[  401.349039][T11944] lo speed is unknown, defaulting to 1000
[  401.598616][T11951] netlink: 'syz.4.1857': attribute type 10 has an invalid length.
[  401.606543][T11951] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1857'.
[  401.621075][T11951] netlink: 'syz.4.1857': attribute type 10 has an invalid length.
[  401.629552][T11951] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1857'.
[  402.403942][T11960] overlayfs: failed to clone upperpath
[  403.420523][T11895] Set syz1 is full, maxelem 65536 reached
[  403.684063][T11973] syzkaller0: entered promiscuous mode
[  403.686521][T11971] syz.3.1861: attempt to access beyond end of device
[  403.686521][T11971] loop7: rw=0, sector=0, nr_sectors = 8 limit=0
[  403.702968][T11971] F2FS-fs (loop7): Unable to read 1th superblock
[  403.710886][T11971] syz.3.1861: attempt to access beyond end of device
[  403.710886][T11971] loop7: rw=0, sector=8, nr_sectors = 8 limit=0
[  403.721964][T11973] syzkaller0: entered allmulticast mode
[  403.725912][T11971] F2FS-fs (loop7): Unable to read 2th superblock
[  404.827683][T11971] loop7: detected capacity change from 0 to 7
[  404.883732][ T5891] Dev loop7: unable to read RDB block 7
[  404.896028][ T5891]  loop7: unable to read partition table
[  404.918037][   T42] loop: Write error at byte offset 4, length 3584.
[  404.943577][ T5891] loop7: partition table beyond EOD, truncated
[  404.971181][    C0] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  404.980769][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  405.028329][T11971] Dev loop7: unable to read RDB block 7
[  405.035207][T11971]  loop7: unable to read partition table
[  405.084529][T11971] loop7: partition table beyond EOD, truncated
[  405.102143][T11971] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  405.306284][ T5161] Dev loop7: unable to read RDB block 7
[  405.316266][ T5161]  loop7: unable to read partition table
[  405.331301][ T5161] loop7: partition table beyond EOD, truncated
[  405.332968][T11991] netlink: 108 bytes leftover after parsing attributes in process `syz.6.1866'.
[  405.373307][T11988] virt_wifi0 speed is unknown, defaulting to 1000
[  405.396351][T11988] lo speed is unknown, defaulting to 1000
[  405.730251][T11999] overlayfs: failed to clone upperpath
[  407.436914][T12016] syzkaller0: entered promiscuous mode
[  407.438236][T12022] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1878'.
[  407.445697][T12016] syzkaller0: entered allmulticast mode
[  408.022669][T12030] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  409.521500][T12043] fuse: Bad value for 'fd'
[  410.074583][T12053] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1889'.
[  411.691570][T12065] syzkaller0: entered promiscuous mode
[  411.697252][T12065] syzkaller0: entered allmulticast mode
[  411.699998][T12063] overlayfs: failed to clone upperpath
[  414.284366][T12089] overlayfs: failed to clone upperpath
[  417.358307][T12119] random: crng reseeded on system resumption
[  419.518091][T12138] virt_wifi0 speed is unknown, defaulting to 1000
[  419.543642][T12138] lo speed is unknown, defaulting to 1000
[  422.142849][T12170] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1926'.
[  422.152141][T12170] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1926'.
[  422.161749][T12170] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1926'.
[  422.352371][T12175] syz.0.1925: attempt to access beyond end of device
[  422.352371][T12175] loop1: rw=0, sector=0, nr_sectors = 8 limit=0
[  422.366873][T12175] F2FS-fs (loop1): Unable to read 1th superblock
[  422.384910][T12179] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1928'.
[  422.424831][T12175] syz.0.1925: attempt to access beyond end of device
[  422.424831][T12175] loop1: rw=0, sector=8, nr_sectors = 8 limit=0
[  422.446772][T12175] F2FS-fs (loop1): Unable to read 2th superblock
[  422.447068][T12180] loop7: detected capacity change from 0 to 7
[  422.462137][ T5778] Dev loop7: unable to read RDB block 7
[  422.467820][ T5778]  loop7: unable to read partition table
[  422.498830][ T5778] loop7: partition table beyond EOD, truncated
[  422.519595][T12180] Dev loop7: unable to read RDB block 7
[  422.531449][T12180]  loop7: unable to read partition table
[  422.543064][T12180] loop7: partition table beyond EOD, truncated
[  422.562250][T12180] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  422.596511][T12182] syzkaller0: entered promiscuous mode
[  422.615139][T12182] syzkaller0: entered allmulticast mode
[  422.704658][T12187] virt_wifi0 speed is unknown, defaulting to 1000
[  422.712843][T12187] lo speed is unknown, defaulting to 1000
[  422.998150][ T3471] loop: Write error at byte offset 4, length 3584.
[  423.238567][    C1] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  423.248018][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  425.226642][T12210] autofs4:pid:12210:autofs_fill_super: called with bogus options
[  425.522984][T12213] netlink: 108 bytes leftover after parsing attributes in process `syz.6.1940'.
[  426.160360][T12234] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1950'.
[  426.717952][T12236] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.728721][T12236] bridge0: port 1(
) entered disabled state
[  427.322183][T12236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  427.423998][T12236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  427.569040][T12280] IPVS: starting estimator thread 0...
[  427.698792][T12283] IPVS: using max 25 ests per chain, 60000 per kthread
[  428.476208][T12236] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.488880][T12236] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.517025][T12236] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.623528][T12236] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  428.696270][T12241] virt_wifi0 speed is unknown, defaulting to 1000
[  428.751412][T12241] lo speed is unknown, defaulting to 1000
[  428.935390][T12304] fuse: Bad value for 'fd'
[  429.101405][T12309] netlink: set zone limit has 4 unknown bytes
[  431.223501][T12327] syzkaller0: entered promiscuous mode
[  431.259078][T12327] syzkaller0: entered allmulticast mode
[  431.298646][    T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  431.538925][    T8] usb 7-1: Using ep0 maxpacket: 16
[  432.028899][    T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  432.366944][    T8] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1b25, bcdDevice= 0.00
[  432.376895][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.392132][    T8] usb 7-1: config 0 descriptor??
[  432.438164][T12343] fuse: Bad value for 'fd'
[  432.838438][    T8] hid-generic 0003:1B1C:1B25.0009: unknown main item tag 0x2
[  432.859145][    T8] hid-generic 0003:1B1C:1B25.0009: hidraw0: USB HID v0.09 Device [HID 1b1c:1b25] on usb-dummy_hcd.6-1/input0
[  433.036969][    T8] usb 7-1: USB disconnect, device number 7
[  435.671784][T12416] syzkaller0: entered promiscuous mode
[  435.677789][T12416] syzkaller0: entered allmulticast mode
[  438.293490][T12460] virt_wifi0 speed is unknown, defaulting to 1000
[  438.322064][T12460] lo speed is unknown, defaulting to 1000
[  438.424578][   T27] kauditd_printk_skb: 18 callbacks suppressed
[  438.424594][   T27] audit: type=1326 audit(1757284576.179:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.489727][   T27] audit: type=1326 audit(1757284576.179:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.524594][   T27] audit: type=1326 audit(1757284576.189:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.549876][   T27] audit: type=1326 audit(1757284576.189:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.595087][   T27] audit: type=1326 audit(1757284576.189:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.624656][   T27] audit: type=1326 audit(1757284576.189:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.653362][   T27] audit: type=1326 audit(1757284576.189:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.747592][   T27] audit: type=1326 audit(1757284576.189:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  438.924270][   T27] audit: type=1326 audit(1757284576.189:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  439.456964][   T27] audit: type=1326 audit(1757284576.189:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12467 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  439.479336][    C0] vkms_vblank_simulate: vblank timer overrun
[  439.623089][T12488] netlink: 108 bytes leftover after parsing attributes in process `syz.6.2013'.
[  440.326828][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  443.653759][T12537] overlayfs: failed to clone upperpath
[  444.134312][T12541] virt_wifi0 speed is unknown, defaulting to 1000
[  444.144498][T12541] lo speed is unknown, defaulting to 1000
[  444.267711][T12544] siw: device registration error -23
[  447.504050][T12598] syzkaller0: entered promiscuous mode
[  447.509745][T12598] syzkaller0: entered allmulticast mode
[  448.280439][T12610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2052'.
[  448.289670][T12610] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  448.391833][T12610] batman_adv: batadv0: Removing interface: batadv_slave_1
[  448.508311][T12616] fuse: Bad value for 'fd'
[  448.992765][T12631] virt_wifi0 speed is unknown, defaulting to 1000
[  449.001214][T12631] lo speed is unknown, defaulting to 1000
[  450.446993][T12652] fuse: Bad value for 'fd'
[  451.656465][T12670] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2073'.
[  451.784186][T12666] virt_wifi0 speed is unknown, defaulting to 1000
[  452.001712][T12666] lo speed is unknown, defaulting to 1000
[  452.025870][T12679] fuse: Bad value for 'fd'
[  452.941264][T12687] syzkaller0: entered promiscuous mode
[  452.952117][T12687] syzkaller0: entered allmulticast mode
[  453.078902][T12281] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  453.270510][T12281] usb 1-1: config 1 interface 0 has no altsetting 0
[  453.281466][T12281] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  453.292177][T12281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.301931][T12281] usb 1-1: Product: syz
[  453.306338][T12281] usb 1-1: Manufacturer: syz
[  453.311205][T12281] usb 1-1: SerialNumber: syz
[  454.279969][T12281] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  455.642943][T12723] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2093'.
[  455.840968][ T5819] usb 1-1: USB disconnect, device number 28
[  455.917307][T12731] random: crng reseeded on system resumption
[  456.017219][ T5819] usblp0: removed
[  458.480603][T12754] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2105'.
[  458.560821][ T5798] Bluetooth: hci3: unexpected event for opcode 0x0c14
[  458.768255][T12760] syzkaller0: entered promiscuous mode
[  458.776237][T12760] syzkaller0: entered allmulticast mode
[  460.164835][T12785] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2117'.
[  460.194459][T12789] overlayfs: failed to clone upperpath
[  462.861916][T12815] syzkaller0: entered promiscuous mode
[  462.867513][T12815] syzkaller0: entered allmulticast mode
[  463.415194][T12827] netlink: 108 bytes leftover after parsing attributes in process `syz.6.2130'.
[  463.576614][T12833] overlayfs: failed to clone upperpath
[  464.619722][T12843] random: crng reseeded on system resumption
[  466.503772][T12854] syzkaller0: entered promiscuous mode
[  466.511711][T12854] syzkaller0: entered allmulticast mode
[  466.926983][T12870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2145'.
[  466.944139][T12870] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  467.062104][T12870] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.600762][T12886] random: crng reseeded on system resumption
[  469.933908][T12893] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2155'.
[  470.416236][T12912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2159'.
[  471.958663][T12939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2170'.
[  471.989468][T12939] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.187180][T12939] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.237162][T12948] overlayfs: failed to clone upperpath
[  472.779221][T12954] overlayfs: failed to clone upperpath
[  474.886203][T12969] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=4256666564 (8513333128 ns) > initial count (5988996366 ns). Using initial count to start timer.
[  474.904073][    C0] vkms_vblank_simulate: vblank timer overrun
[  475.460474][T12983] overlayfs: failed to clone upperpath
[  477.111463][T13001] virt_wifi0 speed is unknown, defaulting to 1000
[  477.136991][T13001] lo speed is unknown, defaulting to 1000
[  477.748652][ T5858] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  477.950291][ T5858] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  477.965037][ T5858] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  477.983286][ T5858] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  478.002434][ T5858] usb 7-1: config 220 has no interface number 2
[  478.035837][ T5858] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  478.066792][ T5858] usb 7-1: config 220 interface 0 has no altsetting 0
[  478.079286][ T5858] usb 7-1: config 220 interface 76 has no altsetting 0
[  478.093419][ T5858] usb 7-1: config 220 interface 1 has no altsetting 0
[  478.107495][ T5858] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  478.132030][ T5858] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.149343][ T5858] usb 7-1: Product: syz
[  478.154870][ T5858] usb 7-1: Manufacturer: syz
[  478.163758][ T5858] usb 7-1: SerialNumber: syz
[  478.401844][ T5858] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  478.420414][ T5858] usb 7-1: No valid video chain found.
[  478.426013][ T5858] usb 7-1: selecting invalid altsetting 0
[  478.449946][ T5858] usb 7-1: selecting invalid altsetting 0
[  478.455749][ T5858] usbtest: probe of 7-1:220.1 failed with error -22
[  478.477207][ T5858] usb 7-1: USB disconnect, device number 8
[  478.926512][T13028] random: crng reseeded on system resumption
[  480.008951][T13036] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2202'.
[  480.123268][T13036] batman_adv: batadv0: Removing interface: batadv_slave_1
[  483.139708][T13083] overlayfs: failed to clone upperpath
[  483.890162][    T8] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  484.114317][    T8] usb 7-1: config 1 interface 0 has no altsetting 0
[  484.165249][    T8] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  484.176315][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.185030][    T8] usb 7-1: Product: syz
[  484.189613][    T8] usb 7-1: Manufacturer: syz
[  484.204365][    T8] usb 7-1: SerialNumber: syz
[  484.731128][T13109] overlayfs: failed to clone upperpath
[  484.748742][ T5875] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  484.904595][    T8] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  484.993179][ T5875] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  485.010207][ T5875] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  485.031988][ T5875] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  485.050065][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  485.058308][ T5875] usb 1-1: Product: syz
[  485.062901][ T5875] usb 1-1: Manufacturer: syz
[  485.067867][ T5875] usb 1-1: SerialNumber: syz
[  485.079431][ T5875] cdc_mbim 1-1:1.0: skipping garbage
[  485.086759][ T5875] usb 1-1: selecting invalid altsetting 1
[  485.519693][ T5875] cdc_mbim 1-1:1.0: failed GET_NTB_PARAMETERS
[  485.551361][ T5875] cdc_mbim 1-1:1.0: bind() failure
[  486.582886][    T8] usb 7-1: USB disconnect, device number 9
[  486.609066][    T8] usblp0: removed
[  486.630454][ T5819] usb 1-1: USB disconnect, device number 29
[  487.908598][T12281] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  488.427104][T12281] usb 1-1: config 1 interface 0 has no altsetting 0
[  488.544188][T12281] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  488.593430][   T50] Bluetooth: hci2: command 0x0406 tx timeout
[  488.656106][T12281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.666408][T12281] usb 1-1: Product: syz
[  488.671792][T12281] usb 1-1: Manufacturer: syz
[  488.690095][T12281] usb 1-1: SerialNumber: syz
[  489.435322][T12281] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 30 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  491.633995][ T5819] usb 1-1: USB disconnect, device number 30
[  491.689727][ T5819] usblp0: removed
[  493.815868][T13219] tmpfs: Unknown parameter 'grpquota/#/msr'
[  495.361635][T13232] overlayfs: failed to clone upperpath
[  496.572028][   T27] audit: type=1326 audit(1757284634.329:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  496.660679][T13253] random: crng reseeded on system resumption
[  497.414391][   T27] audit: type=1326 audit(1757284634.349:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  497.477364][   T27] audit: type=1326 audit(1757284634.359:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  497.508670][   T27] audit: type=1326 audit(1757284634.359:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ad5d8d550 code=0x7ffc0000
[  497.531667][   T27] audit: type=1326 audit(1757284634.359:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  497.563351][   T27] audit: type=1326 audit(1757284635.129:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  497.598762][   T27] audit: type=1326 audit(1757284635.129:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  497.692971][   T27] audit: type=1326 audit(1757284635.129:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.6.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ad5d8ebe9 code=0x7ffc0000
[  498.304077][ T5819] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  499.203281][T13267] sched: RT throttling activated
[  500.667590][ T5819] usb 4-1: config 1 interface 0 has no altsetting 0
[  500.697041][ T5819] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  500.712538][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.744282][ T5819] usb 4-1: Product: syz
[  500.758866][ T5819] usb 4-1: Manufacturer: syz
[  500.763534][ T5819] usb 4-1: SerialNumber: syz
[  500.822756][ T5819] usb 4-1: can't set config #1, error -71
[  500.851681][ T5819] usb 4-1: USB disconnect, device number 19
[  501.212177][T13283] random: crng reseeded on system resumption
[  501.992563][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  502.747088][T13293] overlayfs: failed to clone upperpath
[  504.010363][T13312] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2294'.
[  504.599772][T13324] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  504.683169][T13325] random: crng reseeded on system resumption
[  504.828661][   T28] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  504.937827][T13327] 9pnet_fd: Insufficient options for proto=fd
[  506.840373][   T28] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  506.862147][   T28] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  506.915884][   T28] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  506.930081][   T28] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.958938][   T28] usb 7-1: Product: syz
[  506.968673][   T28] usb 7-1: Manufacturer: syz
[  506.973762][   T28] usb 7-1: SerialNumber: syz
[  506.991982][   T28] cdc_mbim 7-1:1.0: skipping garbage
[  507.005547][   T28] usb 7-1: selecting invalid altsetting 1
[  507.616801][   T28] cdc_mbim 7-1:1.0: bind() failure
[  507.655365][   T28] usb 7-1: USB disconnect, device number 10
[  507.927599][T13354] virt_wifi0 speed is unknown, defaulting to 1000
[  507.967644][T13354] lo speed is unknown, defaulting to 1000
[  508.169342][T13361] 9pnet_fd: Insufficient options for proto=fd
[  508.758985][T13376] nbd: must specify a size in bytes for the device
[  508.902420][T13380] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  509.581413][T13387] virt_wifi0 speed is unknown, defaulting to 1000
[  509.886802][T13393] 9pnet_fd: Insufficient options for proto=fd
[  510.023861][T13387] lo speed is unknown, defaulting to 1000
[  510.779590][T13401] random: crng reseeded on system resumption
[  511.679697][T13405] syz.6.2325 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  512.352627][T13405] virt_wifi0 speed is unknown, defaulting to 1000
[  512.360634][T13405] lo speed is unknown, defaulting to 1000
[  512.799141][T13411] nbd: must specify a size in bytes for the device
[  512.983368][T13415] overlayfs: failed to clone upperpath
[  517.356032][T13441] random: crng reseeded on system resumption
[  518.532185][T13444] nbd: must specify a size in bytes for the device
[  520.430006][T13478] virt_wifi0 speed is unknown, defaulting to 1000
[  520.438367][T13478] lo speed is unknown, defaulting to 1000
[  520.759941][T13480] can0: slcan on ttyS3.
[  520.769365][T13480] loop7: detected capacity change from 0 to 7
[  520.778627][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.787935][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.826816][T13482] 
[  520.829194][T13482] ================================================
[  520.835699][T13482] WARNING: lock held when returning to user space!
[  520.842207][T13482] syzkaller #0 Not tainted
[  520.846621][T13482] ------------------------------------------------
[  520.853117][T13482] syz.0.2349/13482 is leaving the kernel with locks still held!
[  520.860745][T13482] 1 lock held by syz.0.2349/13482:
[  520.865855][T13482]  #0: ffff88814228e360 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_set_block_size+0x7c/0x480
[  520.875714][    C1] vkms_vblank_simulate: vblank timer overrun
[  520.876830][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.890884][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.899078][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.908271][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.925891][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.935106][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.943513][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.952720][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.969770][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.978975][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  520.987717][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  520.996889][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  521.004816][T13480] ldm_validate_partition_table(): Disk read failed.
[  521.018647][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  521.027814][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  521.035993][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  521.045196][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  521.053205][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  521.062416][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  521.074200][T13480] Dev loop7: unable to read RDB block 0
[  521.080530][T13480]  loop7: unable to read partition table
[  521.086374][T13480] loop7: partition table beyond EOD, truncated
[  521.092647][T13480] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  521.279552][T13477] can0 (unregistered): slcan off ttyS3.