last executing test programs:

7.463878038s ago: executing program 2 (id=1003):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x7fd, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x3a, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="8c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000005000128009000100766c616e0000000040000280060001000000000004000480280003800c00010040000000060000000c0001000004000000000000d8fd010006000000090000000600050088a8000008000a00", @ANYRES32=r5, @ANYBLOB="08000500", @ANYRES32=r5], 0x8c}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000002c0)=0x19)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000100)=0x2)
setsockopt$sock_attach_bpf(r7, 0x1, 0x7, &(0x7f0000000040), 0x4)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x30004001)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000001c0)={'xfrm0\x00', &(0x7f0000000140)=@ethtool_gstrings={0x1b, 0x4}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a20fef8ffffff71a400fe00000000711010000000000040300200000000004704000001ed00000f030000000000001d44000000000000730a06fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef77997e344e61482808c02b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

5.256700849s ago: executing program 0 (id=1011):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000340)={0xa, 0x4e20, 0x1000, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c)

5.03958512s ago: executing program 2 (id=1012):
openat$pfkey(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

4.987734067s ago: executing program 4 (id=1013):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x0, 0x801e6}, &(0x7f0000000340)=<r0=>0x0, &(0x7f0000000600))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xeb7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x761, 0xc8f02)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r5, &(0x7f00000000c0)=[{0x0}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
pwritev2(r5, &(0x7f0000000100)=[{&(0x7f0000000380)}, {&(0x7f0000000480)="a8a90d1bc4094f27e1711de6a70364e44753947cc348d2747aa816c1a960eb380b5349ffcd075335b2725b701d5f03da16e9cf7d56a11cf9771b9ab850d4440f89e7fc477b06d086dc05ee717680fcb28ce12213ba10b7075c087b237b2a48990cc9e537677d0b4a8af3af7cd75c78b67e", 0x71}, {&(0x7f0000000580)="c29d96efe4fd82632576f3a1691abbb4b6774c301fcc5fee84ea123ded062989552ac36aec84ada503cd89c7104864e8d55b4e883e774b5995b0cd7d8f35f83515cd3f28abf1d8f241a4329b8e705ab324a1940f9721cb2bc04f976273a3716510ce", 0x62}, {&(0x7f0000000040)}], 0x4, 0x2, 0x1, 0x10)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0x1}, 0x20)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r6=>0x0)
io_submit(r6, 0x0, &(0x7f0000001d00))
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x8, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000003800)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x4, 0xfea7, 0xfffffffe, 0xffff8000, 0x90, 0x9fd, 0x200002, 0xb8, 0xca2, 0x0, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x7, 0x3, 0x1ff, 0xe5, 0x2f, 0xd, 0x3, 0xa, 0x3, 0xfffffffe, 0x9, 0x11, 0x188, 0x2, 0x3ff, 0x7, 0xd, 0x5, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xcf, 0xbffffffe, 0x8fc, 0x89e0, 0x9, 0x3, 0x9, 0x80000001, 0x6, 0x2, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0xb, 0x80, 0x7, 0x5, 0x1, 0x0, 0x5, 0xeb22, 0xf, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400002, 0x10, 0x7, 0xffffffff, 0x10000, 0x5, 0x1, 0x0, 0x1000, 0x6, 0x5, 0x6, 0x5, 0x4, 0x2, 0x5d4, 0x0, 0x10, 0x6, 0x7fff, 0x804, 0xfffffff4, 0x10000, 0x5, 0x8, 0x7, 0x4, 0x89, 0x2, 0xf, 0x100, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x40002, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x6d0, 0x10000001, 0xc001, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x4, 0x7, 0x4, 0xb, 0x80, 0x0, 0x5, 0x0, 0x5, 0x7, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x5, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x3, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x5, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x3, 0xe, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb87, 0x6, 0xd8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x400080a, 0xffe, 0x6, 0x7fffffff, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xa, 0x8, 0x0, 0x7, 0x3, {0x7, 0x2, 0x91, 0x791a, 0x1, 0x2}, {0xa, 0x1, 0x7, 0xb, 0x7}, 0x1, 0x8, 0x8}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x3}}}}]}]}, 0x488}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x4)
close(r8)
close(0xffffffffffffffff)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)="6000000068007f089e", 0x59}, {&(0x7f0000000640)="68cabf2dfb58fc021d6b689866f05d480004fbffffffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae24f89a565ee52dcd729cd39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400", 0x57}], 0x2}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000030701020000000000000000050000200900010073797a3000000000"], 0x20}, 0x1, 0x0, 0x0, 0x8040}, 0x10)

4.780581297s ago: executing program 0 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000002300)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12}, @mpls={[], @ipv6=@dccp_packet={0xa, 0x6, "052bc4", 0x10, 0x21, 0x1, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], {{0x4e21, 0x4e24, 0x4, 0x1, 0x7, 0x0, 0x0, 0x5, 0x5, "7f2d6e", 0xb, "1cf7d7"}}}}}}, 0x46)

4.208329053s ago: executing program 4 (id=1017):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4)
setsockopt(r0, 0x1, 0x10000000000009, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @remote, 0x2}, 0x1c)

4.140109948s ago: executing program 1 (id=1018):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x3, 0x3f}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001600)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

4.011975784s ago: executing program 3 (id=1019):
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
gettid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$unix(0x1, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffa, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd, 0x6, 0x0, 0x0, 0x2, 0x1})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000000080)=0x8000000ffffffff)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, r3, 0x0, 0x7, 0x0)

3.940556344s ago: executing program 2 (id=1020):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000180)=0xffff7b6e, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000240)=""/25, &(0x7f0000000640)=0x19)

3.37773627s ago: executing program 4 (id=1021):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101005, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6364, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

3.308428391s ago: executing program 1 (id=1022):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x7fd, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x3a, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="8c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000005000128009000100766c616e0000000040000280060001000000000004000480280003800c00010040000000060000000c0001000004000000000000d8fd010006000000090000000600050088a8000008000a00", @ANYRES32=r5, @ANYBLOB="08000500", @ANYRES32=r5], 0x8c}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000002c0)=0x19)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000100)=0x2)

3.188135545s ago: executing program 0 (id=1023):
r0 = syz_open_dev$usbfs(0x0, 0x204, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0xf, 0x0, 0x0, 0x7995}, 0x10007, 0x0, 0x0, 0x48000000, 0x0, 0x40000000, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550c, 0x0)

3.060005514s ago: executing program 2 (id=1024):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_usb_connect$cdc_ncm(0x6, 0xf3, &(0x7f0000000540)=ANY=[], 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x100000000000000)

2.688315789s ago: executing program 0 (id=1025):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000340)={0xa, 0x4e20, 0x1000, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c)

2.588128514s ago: executing program 3 (id=1026):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x6000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)

2.358068131s ago: executing program 4 (id=1027):
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4000, 0x0, @remote, 0x5}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

2.341679576s ago: executing program 1 (id=1028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80002, 0x0)
dup3(r3, r2, 0x80000)

2.101841457s ago: executing program 0 (id=1029):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r1, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.896423332s ago: executing program 3 (id=1030):
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)

1.740208064s ago: executing program 4 (id=1031):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4)
setsockopt(r0, 0x1, 0x10000000000009, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @remote, 0x2}, 0x1c)

1.706119924s ago: executing program 1 (id=1032):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x3, 0x3f}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001600)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

1.412580601s ago: executing program 2 (id=1033):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x880}, 0x4000000)

1.202994983s ago: executing program 3 (id=1034):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r2, 0x7}}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x1, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, 0x60830, 0x44a03}}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)

1.099451098s ago: executing program 4 (id=1035):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000003c0), 0x4)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd1, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x4})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000800)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffbf}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, 0x0, 0xec35, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x6, &(0x7f0000000540))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000b40)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r5, 0x84, 0x16, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000b80)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESDEC], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001140)=ANY=[@ANYBLOB="5c000000240001052abd7000fedbdf2509000000060003", @ANYBLOB="81d4285da3b339a5fd071be848a327f6ef63f3ac8797fb640b8d99ad759a1c66e1e5353eef0084ecac66a562c9fb92c53f3fef97466e9c4cc952d18541f995a52244f3d7ab99f0f4bfd0ef8d78ea827e03061c4f6b87b834557e5eee70e06311eab0f2f9a21bc8ecab0aa4de623acba0d5916d86f35f873cf29ac7260b496d4fd7391484ba6816fdcdc2d8e3c5b7d8568a6937bd45c8319331f2592d4c7c349e39b50a8cce394bf2199c903134211df0b8425ccbdf83b6f748f2b4255189cae4d8bcea84b31b0d68aeefaa4960daf0af1102b69a9cb40ef365e5f12c49e28c6521b45f0eec72f0c64ffa07f4ba74aaf595274f"], 0x5c}, 0x1, 0x0, 0x0, 0x8880}, 0x800)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r9}, 0x18)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
close(r10)

928.374337ms ago: executing program 1 (id=1036):
r0 = syz_open_dev$usbfs(0x0, 0x204, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0xf, 0x0, 0x0, 0x7995}, 0x10007, 0x0, 0x0, 0x48000000, 0x0, 0x40000000, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550c, 0x0)

569.892642ms ago: executing program 2 (id=1037):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)

506.433789ms ago: executing program 3 (id=1038):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x3f)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x19)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

493.580584ms ago: executing program 0 (id=1039):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0x9}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r3}, 0x9)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r4, @ANYRES16=r3], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x18)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
close(r7)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

364.383284ms ago: executing program 1 (id=1040):
ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x4)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r2=>0x0})
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$can_j1939(r3, &(0x7f0000000080)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r2, {0x5, 0xb}, {0x5, 0xfff3}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4014}, 0xc4)

0s ago: executing program 3 (id=1041):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x5, &(0x7f0000001cc0)=0x7699c824, 0x4)

kernel console output (not intermixed with test programs):

itmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  544.924079][ T8304]   allowing incompatible features above 0.0: (unknown version)
[  544.924214][ T8304]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  544.970120][ T8304] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  544.978710][ T8304] bcachefs (loop1): initializing new filesystem
[  545.001535][ T8304] bcachefs (loop1): going read-write
[  545.039240][ T8304] bcachefs (loop1): marking superblocks
[  545.091869][ T8304] bcachefs (loop1): initializing freespace
[  545.128651][ T8294] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  545.132605][ T8304] bcachefs (loop1): done initializing freespace
[  545.156390][ T8304] bcachefs (loop1): reading snapshots table
[  545.162716][ T8304] bcachefs (loop1): reading snapshots done
[  545.390464][ T8304] bcachefs (loop1): done starting filesystem
[  545.474661][ T8310] tmpfs: Bad value for 'huge'
[  545.525074][ T5825] syz-executor: attempt to access beyond end of device
[  545.525074][ T5825] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  545.540584][ T5825] CPU: 1 UID: 0 PID: 5825 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  545.540762][ T5825] Tainted: [W]=WARN
[  545.540813][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.540896][ T5825] Call Trace:
[  545.540950][ T5825]  <TASK>
[  545.541000][ T5825]  __dump_stack+0x26/0x30
[  545.541175][ T5825]  dump_stack_lvl+0x1df/0x270
[  545.541356][ T5825]  dump_stack+0x1e/0x25
[  545.541526][ T5825]  f2fs_handle_critical_error+0xa6f/0xc20
[  545.541768][ T5825]  f2fs_stop_checkpoint+0x65/0x80
[  545.541966][ T5825]  f2fs_write_end_io+0x101c/0x1bc0
[  545.542208][ T5825]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  545.542431][ T5825]  bio_endio+0xe24/0xf80
[  545.542594][ T5825]  submit_bio_noacct+0x214/0x2710
[  545.542802][ T5825]  submit_bio+0x57c/0x630
[  545.542974][ T5825]  f2fs_submit_write_bio+0x92/0x250
[  545.543161][ T5825]  __submit_merged_bio+0x16f/0x6a0
[  545.543347][ T5825]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  545.543517][ T5825]  __submit_merged_write_cond+0x458/0x9a0
[  545.543721][ T5825]  f2fs_write_data_pages+0x4bb2/0x5480
[  545.544037][ T5825]  ? __msan_warning+0x1b/0x30
[  545.544198][ T5825]  ? filter_irq_stacks+0x13f/0x190
[  545.544398][ T5825]  ? kmsan_get_metadata+0xfb/0x160
[  545.544557][ T5825]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  545.544723][ T5825]  ? kmsan_get_metadata+0xfb/0x160
[  545.544881][ T5825]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  545.545061][ T5825]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  545.545218][ T5825]  ? kmsan_get_metadata+0xfb/0x160
[  545.545376][ T5825]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  545.545549][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  545.545748][ T5825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  545.545958][ T5825]  do_writepages+0x3f2/0x860
[  545.546119][ T5825]  ? _raw_spin_unlock+0x30/0x50
[  545.546266][ T5825]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  545.546502][ T5825]  filemap_fdatawrite+0x207/0x260
[  545.546765][ T5825]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  545.546955][ T5825]  f2fs_write_checkpoint+0xfe2/0x2b00
[  545.547248][ T5825]  kill_f2fs_super+0x2ff/0x970
[  545.547423][ T5825]  ? __pfx_kill_f2fs_super+0x10/0x10
[  545.547578][ T5825]  deactivate_locked_super+0xcb/0x3c0
[  545.547761][ T5825]  deactivate_super+0x12f/0x140
[  545.547918][ T5825]  cleanup_mnt+0x6fb/0x780
[  545.548107][ T5825]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  545.548288][ T5825]  ? __pfx___cleanup_mnt+0x10/0x10
[  545.548493][ T5825]  __cleanup_mnt+0x22/0x30
[  545.548681][ T5825]  task_work_run+0x206/0x2b0
[  545.548867][ T5825]  exit_to_user_mode_loop+0x2a6/0x330
[  545.549040][ T5825]  do_syscall_64+0x1e3/0x210
[  545.549210][ T5825]  ? irqentry_exit+0x16/0x60
[  545.549419][ T5825]  ? clear_bhb_loop+0x40/0x90
[  545.549621][ T5825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.549765][ T5825] RIP: 0033:0x7f26db38ff17
[  545.549862][ T5825] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  545.549996][ T5825] RSP: 002b:00007ffc491fab18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  545.550130][ T5825] RAX: 0000000000000000 RBX: 00007f26db411c05 RCX: 00007f26db38ff17
[  545.550226][ T5825] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc491fabd0
[  545.550313][ T5825] RBP: 00007ffc491fabd0 R08: 0000000000000000 R09: 0000000000000000
[  545.550404][ T5825] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc491fbc60
[  545.550504][ T5825] R13: 00007f26db411c05 R14: 0000000000084fed R15: 00007ffc491fbca0
[  545.550636][ T5825]  </TASK>
[  545.902537][ T5825] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  546.885342][ T5823] bcachefs (loop1): shutting down
[  546.890590][ T5823] bcachefs (loop1): going read-only
[  547.029817][ T5823] bcachefs (loop1): finished waiting for writes to stop
[  547.088181][ T3555] ntfs3(loop3): ino=9, ntfs3_write_inode failed, -22.
[  547.152999][ T5810] ntfs3(loop3): ino=9, ntfs_sync_fs failed, -22.
[  547.303283][ T5823] bcachefs (loop1): flushing journal and stopping allocators, journal seq 4
[  547.872489][ T5823] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 5
[  547.917575][ T8326] FAULT_INJECTION: forcing a failure.
[  547.917575][ T8326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  547.932021][ T8326] CPU: 0 UID: 0 PID: 8326 Comm: syz.0.595 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  547.932206][ T8326] Tainted: [W]=WARN
[  547.932259][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  547.932346][ T8326] Call Trace:
[  547.932394][ T8326]  <TASK>
[  547.932448][ T8326]  __dump_stack+0x26/0x30
[  547.932625][ T8326]  dump_stack_lvl+0x1df/0x270
[  547.932807][ T8326]  dump_stack+0x1e/0x25
[  547.932970][ T8326]  should_fail_ex+0x7dc/0x8a0
[  547.933203][ T8326]  should_fail+0x2a/0x40
[  547.933396][ T8326]  should_fail_usercopy+0x2e/0x40
[  547.933542][ T8326]  _copy_to_iter+0x1d9/0x33f0
[  547.933736][ T8326]  ? seq_write+0x17a/0x1f0
[  547.933894][ T8326]  ? kmsan_get_metadata+0xfb/0x160
[  547.934064][ T8326]  ? kmsan_get_metadata+0xfb/0x160
[  547.934228][ T8326]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  547.934397][ T8326]  ? kmsan_get_metadata+0xfb/0x160
[  547.934577][ T8326]  seq_read_iter+0x1cb4/0x2200
[  547.934764][ T8326]  vfs_read+0x8ea/0xf90
[  547.934935][ T8326]  ? __pfx_seq_read_iter+0x10/0x10
[  547.935097][ T8326]  __x64_sys_read+0x1fb/0x4d0
[  547.935282][ T8326]  x64_sys_call+0x2f9c/0x3e20
[  547.935508][ T8326]  do_syscall_64+0xd9/0x210
[  547.935687][ T8326]  ? irqentry_exit+0x16/0x60
[  547.935844][ T8326]  ? clear_bhb_loop+0x40/0x90
[  547.936004][ T8326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.936159][ T8326] RIP: 0033:0x7f7d4f58ebe9
[  547.936268][ T8326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.936399][ T8326] RSP: 002b:00007f7d5032c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  547.936535][ T8326] RAX: ffffffffffffffda RBX: 00007f7d4f7b5fa0 RCX: 00007f7d4f58ebe9
[  547.936644][ T8326] RDX: 000000000000ff2c RSI: 0000200000000980 RDI: 0000000000000003
[  547.936739][ T8326] RBP: 00007f7d5032c090 R08: 0000000000000000 R09: 0000000000000000
[  547.936823][ T8326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.936909][ T8326] R13: 00007f7d4f7b6038 R14: 00007f7d4f7b5fa0 R15: 00007ffea4061e88
[  547.937129][ T8326]  </TASK>
[  548.313416][ T5823] bcachefs (loop1): clean shutdown complete, journal seq 6
[  548.323666][ T5823] bcachefs (loop1): marking filesystem clean
[  548.611101][ T5823] bcachefs (loop1): shutdown complete
[  548.718837][ T8328] loop4: detected capacity change from 0 to 16
[  548.936334][ T8328] erofs (device loop4): unidentified incompatible feature 78a00, please upgrade kernel
[  548.989265][ T8332] overlay: ./file0 is not a directory
[  549.344410][ T5866] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  549.564373][ T5866] usb 1-1: device descriptor read/64, error -71
[  549.727494][ T8336] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.737902][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.747329][ T8336] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.834936][ T5866] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  549.994342][ T5866] usb 1-1: device descriptor read/64, error -71
[  550.110221][ T5866] usb usb1-port1: attempt power cycle
[  550.663895][ T5866] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  550.784409][ T5866] usb 1-1: device descriptor read/8, error -71
[  550.862946][ T8341] loop2: detected capacity change from 0 to 512
[  550.959672][ T8341] EXT4-fs: Ignoring removed mblk_io_submit option
[  551.017740][ T8341] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  551.030475][ T8341] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (1846!=33349)
[  551.042794][ T8341] EXT4-fs (loop2): group descriptors corrupted!
[  551.064346][ T5866] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  551.116847][ T5866] usb 1-1: device descriptor read/8, error -71
[  551.194898][ T8344] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  551.205485][ T8344] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  551.235486][ T5866] usb usb1-port1: unable to enumerate USB device
[  551.356088][ T8344] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  551.370150][ T8344] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  551.434472][ T5873] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  551.472661][ T8348] netlink: 'syz.4.602': attribute type 1 has an invalid length.
[  551.604895][ T5873] usb 5-1: device descriptor read/64, error -71
[  551.654530][ T8348] 8021q: adding VLAN 0 to HW filter on device bond1
[  551.894292][ T5873] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  551.936534][ T8352] comedi comedi3: das16m1: I/O port conflict (0x1,16)
[  552.876312][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.605'.
[  553.183586][ T8357] netlink: 44 bytes leftover after parsing attributes in process `syz.0.605'.
[  553.193482][ T8357] netlink: 44 bytes leftover after parsing attributes in process `syz.0.605'.
[  553.680262][ T8356] loop2: detected capacity change from 0 to 40427
[  553.712052][ T8356] F2FS-fs (loop2): build fault injection rate: 14
[  553.722910][ T8356] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  553.746714][ T8356] F2FS-fs (loop2): invalid crc value
[  553.774593][    C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80
[  553.793061][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80
[  554.160949][ T8356] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  554.170576][ T8356] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  554.214625][ T8356] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  554.255380][ T8356] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  554.425343][ T8366] F2FS-fs (loop2): inject dquot initialize in f2fs_dquot_initialize of f2fs_convert_inline_inode+0x7f8/0x1360
[  554.657482][ T8360] loop4: detected capacity change from 0 to 32768
[  554.913331][ T8360] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  554.913503][ T8360]   allowing incompatible features above 0.0: (unknown version)
[  554.913598][ T8360]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  554.967572][ T8360] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  554.976130][ T8360] bcachefs (loop4): initializing new filesystem
[  554.997202][ T8360] bcachefs (loop4): going read-write
[  555.036879][ T8360] bcachefs (loop4): marking superblocks
[  555.098629][ T8360] bcachefs (loop4): initializing freespace
[  555.128635][ T8360] bcachefs (loop4): done initializing freespace
[  555.159730][ T8360] bcachefs (loop4): reading snapshots table
[  555.168093][ T8360] bcachefs (loop4): reading snapshots done
[  555.212932][ T8337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.224561][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.337424][ T8360] bcachefs (loop4): done starting filesystem
[  555.371694][ T8337] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.600941][ T5816] bcachefs (loop4): shutting down
[  555.606334][ T5816] bcachefs (loop4): going read-only
[  555.611753][ T5816] bcachefs (loop4): finished waiting for writes to stop
[  555.621232][ T8374] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  555.723389][ T8381] tmpfs: Bad value for 'huge'
[  555.902893][ T5816] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  556.649925][ T8385] loop1: detected capacity change from 0 to 32768
[  556.681567][ T5825] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x129f/0x2fc0
[  556.697866][ T5825] F2FS-fs (loop2): inconsistent node block, node_type:0, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[  556.799321][ T8387] loop3: detected capacity change from 0 to 4096
[  556.817312][ T5816] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  556.846679][    C0] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of bio_endio+0xe24/0xf80
[  556.847999][ T5816] bcachefs (loop4): clean shutdown complete, journal seq 5
[  556.856886][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  556.857069][    C0] Tainted: [W]=WARN
[  556.857119][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  556.857213][    C0] Call Trace:
[  556.857284][    C0]  <TASK>
[  556.857343][    C0]  __dump_stack+0x26/0x30
[  556.857544][    C0]  dump_stack_lvl+0x1df/0x270
[  556.857772][    C0]  dump_stack+0x1e/0x25
[  556.857959][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  556.858239][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  556.858470][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  556.858759][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  556.858989][    C0]  bio_endio+0xe24/0xf80
[  556.859164][    C0]  blk_update_request+0xf4c/0x1a90
[  556.859453][    C0]  blk_mq_end_request+0x50/0xb0
[  556.859689][    C0]  lo_complete_rq+0x188/0x3a0
[  556.859871][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  556.860052][    C0]  blk_done_softirq+0x10f/0x1f0
[  556.860251][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  556.860450][    C0]  handle_softirqs+0x166/0x6e0
[  556.860635][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  556.860813][    C0]  run_ksoftirqd+0x29/0x50
[  556.860985][    C0]  smpboot_thread_fn+0x569/0xa30
[  556.861245][    C0]  kthread+0xd59/0xf00
[  556.861400][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  556.861647][    C0]  ? __pfx_kthread+0x10/0x10
[  556.861808][    C0]  ret_from_fork+0x1e3/0x310
[  556.861966][    C0]  ? __pfx_kthread+0x10/0x10
[  556.862125][    C0]  ret_from_fork_asm+0x1a/0x30
[  556.862366][    C0]  </TASK>
[  556.862425][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  557.025598][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  557.025802][    C0] Tainted: [W]=WARN
[  557.025854][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.025938][    C0] Call Trace:
[  557.025992][    C0]  <TASK>
[  557.026046][    C0]  __dump_stack+0x26/0x30
[  557.026235][    C0]  dump_stack_lvl+0x1df/0x270
[  557.026421][    C0]  dump_stack+0x1e/0x25
[  557.026586][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  557.026834][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  557.027046][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  557.027292][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  557.027504][    C0]  bio_endio+0xe24/0xf80
[  557.027681][    C0]  blk_update_request+0xf4c/0x1a90
[  557.027938][    C0]  blk_mq_end_request+0x50/0xb0
[  557.028134][    C0]  lo_complete_rq+0x188/0x3a0
[  557.028294][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  557.028455][    C0]  blk_done_softirq+0x10f/0x1f0
[  557.028673][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  557.028860][    C0]  handle_softirqs+0x166/0x6e0
[  557.029028][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  557.029189][    C0]  run_ksoftirqd+0x29/0x50
[  557.029340][    C0]  smpboot_thread_fn+0x569/0xa30
[  557.029568][    C0]  kthread+0xd59/0xf00
[  557.029706][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  557.029921][    C0]  ? __pfx_kthread+0x10/0x10
[  557.030086][    C0]  ret_from_fork+0x1e3/0x310
[  557.030232][    C0]  ? __pfx_kthread+0x10/0x10
[  557.030384][    C0]  ret_from_fork_asm+0x1a/0x30
[  557.030624][    C0]  </TASK>
[  557.030681][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  557.079558][ T5816] bcachefs (loop4): marking filesystem clean
[  557.081852][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  557.082031][    C0] Tainted: [W]=WARN
[  557.082093][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.082192][    C0] Call Trace:
[  557.082253][    C0]  <TASK>
[  557.082312][    C0]  __dump_stack+0x26/0x30
[  557.082533][    C0]  dump_stack_lvl+0x1df/0x270
[  557.082745][    C0]  dump_stack+0x1e/0x25
[  557.082930][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  557.083264][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  557.083502][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  557.083796][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  557.084026][    C0]  bio_endio+0xe24/0xf80
[  557.084198][    C0]  blk_update_request+0xf4c/0x1a90
[  557.084487][    C0]  blk_mq_end_request+0x50/0xb0
[  557.084720][    C0]  lo_complete_rq+0x188/0x3a0
[  557.084906][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  557.085096][    C0]  blk_done_softirq+0x10f/0x1f0
[  557.085300][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  557.085512][    C0]  handle_softirqs+0x166/0x6e0
[  557.085710][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  557.085890][    C0]  run_ksoftirqd+0x29/0x50
[  557.086067][    C0]  smpboot_thread_fn+0x569/0xa30
[  557.086324][    C0]  kthread+0xd59/0xf00
[  557.086486][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  557.086738][    C0]  ? __pfx_kthread+0x10/0x10
[  557.086911][    C0]  ret_from_fork+0x1e3/0x310
[  557.087091][    C0]  ? __pfx_kthread+0x10/0x10
[  557.087226][    C0]  ret_from_fork_asm+0x1a/0x30
[  557.087449][    C0]  </TASK>
[  557.087647][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  557.358936][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  557.359119][    C0] Tainted: [W]=WARN
[  557.359185][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.359272][    C0] Call Trace:
[  557.359338][    C0]  <TASK>
[  557.359387][    C0]  __dump_stack+0x26/0x30
[  557.359572][    C0]  dump_stack_lvl+0x1df/0x270
[  557.359759][    C0]  dump_stack+0x1e/0x25
[  557.359920][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  557.360160][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  557.360356][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  557.360624][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  557.360840][    C0]  bio_endio+0xe24/0xf80
[  557.360998][    C0]  blk_update_request+0xf4c/0x1a90
[  557.361248][    C0]  blk_mq_end_request+0x50/0xb0
[  557.361473][    C0]  lo_complete_rq+0x188/0x3a0
[  557.361633][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  557.361791][    C0]  blk_done_softirq+0x10f/0x1f0
[  557.361965][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  557.362139][    C0]  handle_softirqs+0x166/0x6e0
[  557.362310][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  557.362484][    C0]  run_ksoftirqd+0x29/0x50
[  557.362634][    C0]  smpboot_thread_fn+0x569/0xa30
[  557.362858][    C0]  kthread+0xd59/0xf00
[  557.363002][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  557.363266][    C0]  ? __pfx_kthread+0x10/0x10
[  557.363419][    C0]  ret_from_fork+0x1e3/0x310
[  557.363573][    C0]  ? __pfx_kthread+0x10/0x10
[  557.363736][    C0]  ret_from_fork_asm+0x1a/0x30
[  557.363952][    C0]  </TASK>
[  557.516308][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  557.523478][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  557.523669][    C0] Tainted: [W]=WARN
[  557.523717][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.523800][    C0] Call Trace:
[  557.523849][    C0]  <TASK>
[  557.523900][    C0]  __dump_stack+0x26/0x30
[  557.524082][    C0]  dump_stack_lvl+0x1df/0x270
[  557.524269][    C0]  dump_stack+0x1e/0x25
[  557.524436][    C0]  f2fs_handle_critical_error+0xa6f/0xc20
[  557.524674][    C0]  f2fs_stop_checkpoint+0x65/0x80
[  557.524887][    C0]  f2fs_write_end_io+0x101c/0x1bc0
[  557.525126][    C0]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  557.525318][    C0]  bio_endio+0xe24/0xf80
[  557.525478][    C0]  blk_update_request+0xf4c/0x1a90
[  557.525740][    C0]  blk_mq_end_request+0x50/0xb0
[  557.525949][    C0]  lo_complete_rq+0x188/0x3a0
[  557.526114][    C0]  ? __pfx_lo_complete_rq+0x10/0x10
[  557.526284][    C0]  blk_done_softirq+0x10f/0x1f0
[  557.526476][    C0]  ? __pfx_blk_done_softirq+0x10/0x10
[  557.526666][    C0]  handle_softirqs+0x166/0x6e0
[  557.526841][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  557.527009][    C0]  run_ksoftirqd+0x29/0x50
[  557.527172][    C0]  smpboot_thread_fn+0x569/0xa30
[  557.527402][    C0]  kthread+0xd59/0xf00
[  557.527554][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  557.527775][    C0]  ? __pfx_kthread+0x10/0x10
[  557.527917][    C0]  ret_from_fork+0x1e3/0x310
[  557.528054][    C0]  ? __pfx_kthread+0x10/0x10
[  557.528183][    C0]  ret_from_fork_asm+0x1a/0x30
[  557.528375][    C0]  </TASK>
[  557.680516][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  557.716823][ T5825] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[  557.765033][ T5816] bcachefs (loop4): shutdown complete
[  558.310873][ T8389] loop0: detected capacity change from 0 to 1024
[  558.463129][ T8389] EXT4-fs: Ignoring removed bh option
[  558.515940][ T8387] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  558.800726][ T8389] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  559.338515][ T8391] loop1: detected capacity change from 0 to 32768
[  559.425013][ T8391] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,wide_macs,recovery_pass_last=snapshots_read,noexcl,read_only
[  559.425158][ T8391]   allowing incompatible features above 0.0: (unknown version)
[  559.425251][ T8391]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  559.473854][ T8391] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  559.483052][ T8391] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  559.492796][ T8391] bcachefs (loop1): Version upgrade required:
[  559.492796][ T8391] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  559.492796][ T8391] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  559.492796][ T8391]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  559.641794][ T8391] bcachefs (loop1): btree node read error at btree freespace level 0/0
[  559.641903][ T8391]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[  559.642018][ T8391]   loop1 node offset 16/32 bset u64s 13: checksum error, type none: got  should be 
[  559.642106][ T8391]   loop1 btree validate error
[  559.642173][ T8391]   flagging btree freespace lost data
[  559.642246][ T8391]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  559.642332][ T8391]   ret fsck_errors_not_fixed
[  559.709459][ T8391] bcachefs (loop1): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  559.732635][ T8391] bcachefs (loop1): check_topology... done
[  559.747870][ T8391] bcachefs (loop1): accounting_read... done
[  559.830079][ T8391] bcachefs (loop1): alloc_read... done
[  559.843428][ T8391] bcachefs (loop1): snapshots_read... done
[  559.868995][ T8391] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  559.920764][ T8391] bcachefs (loop1): done starting filesystem
[  559.922910][ T3698] ntfs3(loop3): ino=9, ntfs3_write_inode failed, -22.
[  559.949555][ T8391] FAULT_INJECTION: forcing a failure.
[  559.949555][ T8391] name failslab, interval 1, probability 0, space 0, times 0
[  559.966410][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  559.981412][ T8391] CPU: 0 UID: 0 PID: 8391 Comm: syz.1.612 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  559.981586][ T8391] Tainted: [W]=WARN
[  559.981640][ T8391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  559.981728][ T8391] Call Trace:
[  559.981777][ T8391]  <TASK>
[  559.981827][ T8391]  __dump_stack+0x26/0x30
[  559.982013][ T8391]  dump_stack_lvl+0x1df/0x270
[  559.982191][ T8391]  dump_stack+0x1e/0x25
[  559.982351][ T8391]  should_fail_ex+0x7dc/0x8a0
[  559.982564][ T8391]  should_failslab+0x15b/0x200
[  559.982750][ T8391]  __kmalloc_node_track_caller_noprof+0x187/0x12f0
[  559.982996][ T8391]  ? bch2_prt_printf+0x898/0xc90
[  559.983174][ T8391]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  559.983355][ T8391]  ? kmsan_get_metadata+0xfb/0x160
[  559.983520][ T8391]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  559.983708][ T8391]  krealloc_noprof+0x268/0xde0
[  559.983911][ T8391]  bch2_prt_printf+0x898/0xc90
[  559.984107][ T8391]  ? kmsan_get_metadata+0xfb/0x160
[  559.984316][ T8391]  ? kmsan_get_metadata+0xfb/0x160
[  559.984481][ T8391]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  559.984664][ T8391]  bch2_opt_to_text+0x10e/0x5a0
[  559.984840][ T8391]  bch2_opts_to_text+0x62a/0x790
[  559.985056][ T8391]  bch2_show_options+0x155/0x460
[  559.985302][ T8391]  ? __pfx_bch2_show_options+0x10/0x10
[  559.985474][ T8391]  show_vfsmnt+0x8ca/0x970
[  559.985634][ T8391]  ? __pfx_show_vfsmnt+0x10/0x10
[  559.985774][ T8391]  m_show+0x66/0x80
[  559.985915][ T8391]  ? __pfx_m_show+0x10/0x10
[  559.986047][ T8391]  seq_read_iter+0x1736/0x2200
[  559.986238][ T8391]  vfs_read+0x8ea/0xf90
[  559.986407][ T8391]  ? __pfx_seq_read_iter+0x10/0x10
[  559.986571][ T8391]  __x64_sys_read+0x1fb/0x4d0
[  559.986755][ T8391]  x64_sys_call+0x2f9c/0x3e20
[  559.986953][ T8391]  do_syscall_64+0xd9/0x210
[  559.987140][ T8391]  ? irqentry_exit+0x16/0x60
[  559.987294][ T8391]  ? clear_bhb_loop+0x40/0x90
[  559.987455][ T8391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.987615][ T8391] RIP: 0033:0x7f5a1b78ebe9
[  559.987728][ T8391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.987856][ T8391] RSP: 002b:00007f5a1c5f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  559.988003][ T8391] RAX: ffffffffffffffda RBX: 00007f5a1b9b5fa0 RCX: 00007f5a1b78ebe9
[  559.988108][ T8391] RDX: 000000000000ff2c RSI: 0000200000000980 RDI: 0000000000000004
[  559.988213][ T8391] RBP: 00007f5a1c5f7090 R08: 0000000000000000 R09: 0000000000000000
[  559.988302][ T8391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.988388][ T8391] R13: 00007f5a1b9b6038 R14: 00007f5a1b9b5fa0 R15: 00007ffde765f998
[  559.988520][ T8391]  </TASK>
[  560.015839][ T5810] ntfs3(loop3): ino=9, ntfs_sync_fs failed, -22.
[  560.289869][ T5823] bcachefs (loop1): shutting down
[  560.549680][ T5823] bcachefs (loop1): shutdown complete
[  561.250208][ T8400] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  562.126734][ T8406] sctp: [Deprecated]: syz.0.617 (pid 8406) Use of int in maxseg socket option.
[  562.126734][ T8406] Use struct sctp_assoc_value instead
[  562.141478][ T8406] FAULT_INJECTION: forcing a failure.
[  562.141478][ T8406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  562.155436][ T8406] CPU: 0 UID: 0 PID: 8406 Comm: syz.0.617 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  562.155625][ T8406] Tainted: [W]=WARN
[  562.155682][ T8406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  562.155763][ T8406] Call Trace:
[  562.155816][ T8406]  <TASK>
[  562.155871][ T8406]  __dump_stack+0x26/0x30
[  562.156066][ T8406]  dump_stack_lvl+0x1df/0x270
[  562.156255][ T8406]  dump_stack+0x1e/0x25
[  562.156424][ T8406]  should_fail_ex+0x7dc/0x8a0
[  562.156665][ T8406]  should_fail+0x2a/0x40
[  562.156840][ T8406]  should_fail_usercopy+0x2e/0x40
[  562.156992][ T8406]  _copy_to_user+0x35/0x120
[  562.157143][ T8406]  simple_read_from_buffer+0x1b2/0x340
[  562.157337][ T8406]  proc_fail_nth_read+0x1e0/0x2d0
[  562.157508][ T8406]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  562.157667][ T8406]  vfs_read+0x279/0xf90
[  562.157821][ T8406]  ? stack_depot_save_flags+0x35/0x7b0
[  562.158025][ T8406]  ? kmsan_get_metadata+0xfb/0x160
[  562.158193][ T8406]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  562.158365][ T8406]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  562.158553][ T8406]  __x64_sys_read+0x1fb/0x4d0
[  562.158750][ T8406]  x64_sys_call+0x2f9c/0x3e20
[  562.158952][ T8406]  do_syscall_64+0xd9/0x210
[  562.159149][ T8406]  ? irqentry_exit+0x16/0x60
[  562.159310][ T8406]  ? clear_bhb_loop+0x40/0x90
[  562.159470][ T8406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.159625][ T8406] RIP: 0033:0x7f7d4f58d5fc
[  562.159733][ T8406] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  562.159857][ T8406] RSP: 002b:00007f7d5032c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  562.159999][ T8406] RAX: ffffffffffffffda RBX: 00007f7d4f7b5fa0 RCX: 00007f7d4f58d5fc
[  562.160103][ T8406] RDX: 000000000000000f RSI: 00007f7d5032c0a0 RDI: 0000000000000004
[  562.160193][ T8406] RBP: 00007f7d5032c090 R08: 0000000000000000 R09: 0000000000000000
[  562.160281][ T8406] R10: 9999999999999999 R11: 0000000000000246 R12: 0000000000000001
[  562.160371][ T8406] R13: 00007f7d4f7b6038 R14: 00007f7d4f7b5fa0 R15: 00007ffea4061e88
[  562.160506][ T8406]  </TASK>
[  562.723364][ T8410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.733875][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.747808][ T8410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.814192][ T5873] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  563.084679][ T5873] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  563.095277][ T5873] usb 2-1: config 0 interface 0 has no altsetting 0
[  563.253589][ T5873] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  563.263602][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  563.272196][ T5873] usb 2-1: Product: syz
[  563.276685][ T5873] usb 2-1: Manufacturer: syz
[  563.281504][ T5873] usb 2-1: SerialNumber: syz
[  563.687045][ T8413] loop0: detected capacity change from 0 to 32768
[  563.797785][ T5873] usb 2-1: config 0 descriptor??
[  563.834984][ T5873] usb 2-1: selecting invalid altsetting 0
[  563.968974][ T8413] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  563.969146][ T8413]   allowing incompatible features above 0.0: (unknown version)
[  563.969240][ T8413]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  564.015073][ T8413] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  564.023514][ T8413] bcachefs (loop0): initializing new filesystem
[  564.044022][ T8413] bcachefs (loop0): going read-write
[  564.078655][ T8413] bcachefs (loop0): marking superblocks
[  564.132208][ T8413] bcachefs (loop0): initializing freespace
[  564.165680][ T8413] bcachefs (loop0): done initializing freespace
[  564.186756][ T8413] bcachefs (loop0): reading snapshots table
[  564.193098][ T8413] bcachefs (loop0): reading snapshots done
[  564.208122][ T5873] usb 2-1: USB disconnect, device number 18
[  564.351636][ T8413] bcachefs (loop0): done starting filesystem
[  564.565397][ T5809] bcachefs (loop0): shutting down
[  564.577219][ T5809] bcachefs (loop0): going read-only
[  564.582685][ T5809] bcachefs (loop0): finished waiting for writes to stop
[  564.721997][ T5809] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  564.731868][ T6013] udevd[6013]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  565.262193][ T5809] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  565.474951][ T5809] bcachefs (loop0): clean shutdown complete, journal seq 4
[  565.657258][ T5809] bcachefs (loop0): marking filesystem clean
[  565.851853][ T8432] comedi comedi3: das16m1: I/O port conflict (0x1,16)
[  565.908811][ T5809] bcachefs (loop0): shutdown complete
[  566.095274][ T8410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.114155][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.166871][ T8410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.934800][   T24] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  567.141029][   T24] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  567.150599][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.251128][   T24] usb 2-1: config 0 descriptor??
[  567.299602][ T8440] loop3: detected capacity change from 0 to 512
[  567.306980][   T24] cp210x 2-1:0.0: cp210x converter detected
[  567.372511][ T8440] EXT4-fs (loop3): unsupported inode size: 0
[  567.378922][ T8440] EXT4-fs (loop3): blocksize: 1024
[  567.637469][ T8444] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  567.685518][ T8442] loop2: detected capacity change from 0 to 8
[  567.718452][   T24] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  567.725139][ T8442] SQUASHFS error: lzo decompression failed, data probably corrupt
[  567.725291][ T8442] SQUASHFS error: Failed to read block 0x91: -5
[  567.725368][ T8442] SQUASHFS error: Unable to read metadata cache entry [8f]
[  567.725444][ T8442] SQUASHFS error: Unable to read inode 0x11f
[  567.782253][   T24] usb 2-1: cp210x converter now attached to ttyUSB0
[  567.852776][ T8442] loop2: detected capacity change from 0 to 1024
[  567.961272][ T8442] hfsplus: request for non-existent node 3 in B*Tree
[  567.968479][ T8442] hfsplus: request for non-existent node 3 in B*Tree
[  567.994474][ T8437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.625'.
[  568.067648][ T3734] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  568.087257][ T8437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.625'.
[  568.100621][ T3734] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  568.173359][ T3734] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  568.183074][ T5873] usb 2-1: USB disconnect, device number 19
[  568.226389][ T5873] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  568.253152][ T3734] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  568.284250][ T5884] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  568.316851][ T5873] cp210x 2-1:0.0: device disconnected
[  568.480503][ T5884] usb 3-1: unable to get BOS descriptor or descriptor too short
[  568.516959][ T5884] usb 3-1: not running at top speed; connect to a high speed hub
[  568.556786][ T5884] usb 3-1: config 14 has an invalid interface number: 18 but max is 0
[  568.571609][ T5884] usb 3-1: config 14 has no interface number 0
[  568.580299][ T5884] usb 3-1: config 14 interface 18 has no altsetting 0
[  568.687340][ T5884] usb 3-1: New USB device found, idVendor=3980, idProduct=0003, bcdDevice=de.62
[  568.696969][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.705471][ T5884] usb 3-1: Product: syz
[  568.709836][ T5884] usb 3-1: Manufacturer: syz
[  568.714797][ T5884] usb 3-1: SerialNumber: syz
[  569.084534][ T3082] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  569.153074][ T8442] sctp: [Deprecated]: syz.2.628 (pid 8442) Use of int in maxseg socket option.
[  569.153074][ T8442] Use struct sctp_assoc_value instead
[  569.198139][ T5884] rtl8150 3-1:14.18: couldn't find required endpoints
[  569.206189][ T5884] rtl8150 3-1:14.18: probe with driver rtl8150 failed with error -5
[  569.331574][ T5884] usb 3-1: USB disconnect, device number 12
[  569.349790][ T3082] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.362516][ T3082] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  569.372918][ T3082] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  569.388848][ T3082] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  569.399375][ T3082] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.633544][ T3082] usb 4-1: config 0 descriptor??
[  569.803070][ T5873] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  570.044987][ T5873] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  570.056420][ T5873] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.066637][ T5873] usb 2-1: config 0 interface 0 has no altsetting 0
[  570.073546][ T5873] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  570.083043][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.150417][ T3082] plantronics 0003:047F:FFFF.000C: reserved main item tag 0xe
[  570.158723][ T3082] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  570.330775][ T3082] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  570.387690][ T5873] usb 2-1: config 0 descriptor??
[  570.437356][ T3082] usb 4-1: USB disconnect, device number 16
[  570.704815][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.717641][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.818139][   T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  571.040568][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.052223][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.062496][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  571.076020][   T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  571.085532][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.217530][ T5873] uclogic 0003:5543:0042.000D: unknown main item tag 0x0
[  571.235351][ T5873] uclogic 0003:5543:0042.000D: unknown main item tag 0x0
[  571.242712][ T5873] uclogic 0003:5543:0042.000D: unknown main item tag 0x0
[  571.357820][   T24] usb 3-1: config 0 descriptor??
[  571.446004][ T5873] uclogic 0003:5543:0042.000D: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.1-1/input0
[  571.554064][ T5873] usb 2-1: USB disconnect, device number 20
[  571.589397][ T8457] fido_id[8457]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  571.826068][   T24] plantronics 0003:047F:FFFF.000E: reserved main item tag 0xe
[  571.834149][   T24] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  571.988427][ T8459] loop4: detected capacity change from 0 to 2048
[  572.006276][   T24] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  572.162256][   T24] usb 3-1: USB disconnect, device number 13
[  572.227544][ T8459] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  572.569866][ T8463] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  572.999323][ T8462] fido_id[8462]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  573.047923][ T8471] netlink: 408 bytes leftover after parsing attributes in process `syz.3.636'.
[  573.088638][ T8467] tmpfs: Bad value for 'huge'
[  573.135793][ T8471] vxcan3: entered promiscuous mode
[  573.141163][ T8471] vxcan3: entered allmulticast mode
[  574.510441][ T8483] 9pnet_fd: Insufficient options for proto=fd
[  574.680264][ T8485] loop2: detected capacity change from 0 to 512
[  574.788844][ T8485] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  574.791812][ T8478] loop3: detected capacity change from 0 to 40427
[  574.859711][ T8488] loop4: detected capacity change from 0 to 64
[  574.875381][ T8478] F2FS-fs (loop3): build fault injection rate: 14
[  574.882165][ T8478] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  574.909210][ T8478] F2FS-fs (loop3): invalid crc value
[  574.962584][    C0] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80
[  575.028748][    C0] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of bio_endio+0xe24/0xf80
[  575.327070][ T8478] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  575.336495][ T8478] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  575.365875][ T8478] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  575.482108][ T8478] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  575.651315][ T8493] F2FS-fs (loop3): inject dquot initialize in f2fs_dquot_initialize of f2fs_convert_inline_inode+0x7f8/0x1360
[  575.664116][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  575.879337][ T8494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.644'.
[  575.931033][ T8486] fido_id[8486]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  575.967167][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  575.977962][   T24] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  576.072422][   T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a2, bcdDevice= 0.40
[  576.082026][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.090537][   T24] usb 5-1: Product: syz
[  576.095234][   T24] usb 5-1: Manufacturer: syz
[  576.100098][   T24] usb 5-1: SerialNumber: syz
[  576.176784][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  576.176869][   T30] audit: type=1326 audit(1755779479.652:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.206903][   T30] audit: type=1326 audit(1755779479.672:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.229662][   T30] audit: type=1326 audit(1755779479.672:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.255002][   T30] audit: type=1326 audit(1755779479.672:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.278666][   T30] audit: type=1326 audit(1755779479.672:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.301416][   T30] audit: type=1326 audit(1755779479.682:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.324302][   T30] audit: type=1326 audit(1755779479.792:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.349363][   T30] audit: type=1326 audit(1755779479.792:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8492 comm="syz.1.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  576.511938][   T24] cdc_subset 5-1:1.0: probe with driver cdc_subset failed with error -22
[  576.523145][   T24] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing
[  576.532375][   T24] cdc_ncm 5-1:1.0: bind() failure
[  576.557809][   T24] cdc_subset 5-1:1.1: probe with driver cdc_subset failed with error -22
[  576.567394][   T24] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  576.574702][   T24] cdc_ncm 5-1:1.1: bind() failure
[  576.760406][ T8499] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0
[  576.843145][ T8504] F2FS-fs (loop3): inject inconsistent footer in sanity_check_node_footer of f2fs_get_inode_folio+0x40/0x50
[  576.858626][ T8504] F2FS-fs (loop3): inconsistent node block, node_type:1, nid:14, node_footer[nid:14,ino:14,ofs:0,cpver:0,blkaddr:0]
[  576.910090][   T24] usb 5-1: USB disconnect, device number 14
[  576.929623][   T30] audit: type=1326 audit(1755779480.212:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8498 comm="syz.2.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  576.952606][   T30] audit: type=1326 audit(1755779480.232:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8498 comm="syz.2.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  577.599552][ T5810] syz-executor: attempt to access beyond end of device
[  577.599552][ T5810] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  577.614745][ T5810] CPU: 0 UID: 0 PID: 5810 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  577.614926][ T5810] Tainted: [W]=WARN
[  577.614981][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  577.615064][ T5810] Call Trace:
[  577.615116][ T5810]  <TASK>
[  577.615166][ T5810]  __dump_stack+0x26/0x30
[  577.615355][ T5810]  dump_stack_lvl+0x1df/0x270
[  577.615549][ T5810]  dump_stack+0x1e/0x25
[  577.615721][ T5810]  f2fs_handle_critical_error+0xa6f/0xc20
[  577.615965][ T5810]  f2fs_stop_checkpoint+0x65/0x80
[  577.616173][ T5810]  f2fs_write_end_io+0x101c/0x1bc0
[  577.616454][ T5810]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  577.616661][ T5810]  bio_endio+0xe24/0xf80
[  577.616813][ T5810]  submit_bio_noacct+0x214/0x2710
[  577.617020][ T5810]  submit_bio+0x57c/0x630
[  577.617185][ T5810]  f2fs_submit_write_bio+0x92/0x250
[  577.617388][ T5810]  __submit_merged_bio+0x16f/0x6a0
[  577.617571][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  577.617761][ T5810]  __submit_merged_write_cond+0x458/0x9a0
[  577.617982][ T5810]  f2fs_write_data_pages+0x4bb2/0x5480
[  577.618321][ T5810]  ? filter_irq_stacks+0x13f/0x190
[  577.618578][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  577.618742][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  577.618928][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  577.619098][ T5810]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  577.619275][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  577.619476][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  577.619645][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  577.619804][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  577.619981][ T5810]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  577.620190][ T5810]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  577.620395][ T5810]  do_writepages+0x3f2/0x860
[  577.620554][ T5810]  ? _raw_spin_unlock+0x30/0x50
[  577.620700][ T5810]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  577.620929][ T5810]  filemap_fdatawrite+0x207/0x260
[  577.621205][ T5810]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  577.621398][ T5810]  f2fs_write_checkpoint+0xfe2/0x2b00
[  577.621692][ T5810]  kill_f2fs_super+0x2ff/0x970
[  577.621870][ T5810]  ? __pfx_kill_f2fs_super+0x10/0x10
[  577.622027][ T5810]  deactivate_locked_super+0xcb/0x3c0
[  577.622210][ T5810]  deactivate_super+0x12f/0x140
[  577.622371][ T5810]  cleanup_mnt+0x6fb/0x780
[  577.622558][ T5810]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  577.622730][ T5810]  ? __pfx___cleanup_mnt+0x10/0x10
[  577.622931][ T5810]  __cleanup_mnt+0x22/0x30
[  577.623126][ T5810]  task_work_run+0x206/0x2b0
[  577.623306][ T5810]  exit_to_user_mode_loop+0x2a6/0x330
[  577.623497][ T5810]  do_syscall_64+0x1e3/0x210
[  577.623678][ T5810]  ? irqentry_exit+0x16/0x60
[  577.623821][ T5810]  ? clear_bhb_loop+0x40/0x90
[  577.623980][ T5810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  577.624139][ T5810] RIP: 0033:0x7f85f338ff17
[  577.624250][ T5810] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  577.624388][ T5810] RSP: 002b:00007fff9e10cd98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  577.624531][ T5810] RAX: 0000000000000000 RBX: 00007f85f3411c05 RCX: 00007f85f338ff17
[  577.624625][ T5810] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff9e10ce50
[  577.624716][ T5810] RBP: 00007fff9e10ce50 R08: 0000000000000000 R09: 0000000000000000
[  577.624806][ T5810] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff9e10dee0
[  577.624905][ T5810] R13: 00007f85f3411c05 R14: 000000000008ce51 R15: 00007fff9e10df20
[  577.625036][ T5810]  </TASK>
[  577.992610][ T5810] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  578.002979][ T5810] CPU: 0 UID: 0 PID: 5810 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  578.003165][ T5810] Tainted: [W]=WARN
[  578.003218][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  578.003311][ T5810] Call Trace:
[  578.003365][ T5810]  <TASK>
[  578.003416][ T5810]  __dump_stack+0x26/0x30
[  578.003603][ T5810]  dump_stack_lvl+0x1df/0x270
[  578.003791][ T5810]  dump_stack+0x1e/0x25
[  578.003951][ T5810]  f2fs_handle_critical_error+0xa6f/0xc20
[  578.004197][ T5810]  f2fs_stop_checkpoint+0x65/0x80
[  578.004404][ T5810]  f2fs_write_end_io+0x101c/0x1bc0
[  578.004663][ T5810]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  578.004867][ T5810]  bio_endio+0xe24/0xf80
[  578.005026][ T5810]  submit_bio_noacct+0x214/0x2710
[  578.005238][ T5810]  submit_bio+0x57c/0x630
[  578.005411][ T5810]  f2fs_submit_write_bio+0x92/0x250
[  578.005612][ T5810]  __submit_merged_bio+0x16f/0x6a0
[  578.005812][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  578.006003][ T5810]  __submit_merged_write_cond+0x458/0x9a0
[  578.006220][ T5810]  f2fs_write_data_pages+0x4bb2/0x5480
[  578.006581][ T5810]  ? filter_irq_stacks+0x13f/0x190
[  578.006800][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  578.006983][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  578.007160][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  578.007334][ T5810]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  578.007520][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  578.007684][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  578.007859][ T5810]  ? kmsan_get_metadata+0xfb/0x160
[  578.008019][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  578.008191][ T5810]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  578.008407][ T5810]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  578.008612][ T5810]  do_writepages+0x3f2/0x860
[  578.008774][ T5810]  ? _raw_spin_unlock+0x30/0x50
[  578.008921][ T5810]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  578.009149][ T5810]  filemap_fdatawrite+0x207/0x260
[  578.009421][ T5810]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  578.009615][ T5810]  f2fs_write_checkpoint+0xfe2/0x2b00
[  578.009921][ T5810]  kill_f2fs_super+0x2ff/0x970
[  578.010103][ T5810]  ? __pfx_kill_f2fs_super+0x10/0x10
[  578.010256][ T5810]  deactivate_locked_super+0xcb/0x3c0
[  578.010448][ T5810]  deactivate_super+0x12f/0x140
[  578.010615][ T5810]  cleanup_mnt+0x6fb/0x780
[  578.010809][ T5810]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  578.010984][ T5810]  ? __pfx___cleanup_mnt+0x10/0x10
[  578.011184][ T5810]  __cleanup_mnt+0x22/0x30
[  578.011381][ T5810]  task_work_run+0x206/0x2b0
[  578.011557][ T5810]  exit_to_user_mode_loop+0x2a6/0x330
[  578.011733][ T5810]  do_syscall_64+0x1e3/0x210
[  578.011906][ T5810]  ? irqentry_exit+0x16/0x60
[  578.012063][ T5810]  ? clear_bhb_loop+0x40/0x90
[  578.012222][ T5810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.012385][ T5810] RIP: 0033:0x7f85f338ff17
[  578.012502][ T5810] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  578.012629][ T5810] RSP: 002b:00007fff9e10cd98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  578.012769][ T5810] RAX: 0000000000000000 RBX: 00007f85f3411c05 RCX: 00007f85f338ff17
[  578.012864][ T5810] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff9e10ce50
[  578.012950][ T5810] RBP: 00007fff9e10ce50 R08: 0000000000000000 R09: 0000000000000000
[  578.013039][ T5810] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff9e10dee0
[  578.013135][ T5810] R13: 00007f85f3411c05 R14: 000000000008ce51 R15: 00007fff9e10df20
[  578.013267][ T5810]  </TASK>
[  578.369387][ T5810] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  578.437370][ T8511] loop1: detected capacity change from 0 to 1024
[  578.448211][ T8511] EXT4-fs: Ignoring removed nobh option
[  578.454184][ T8511] EXT4-fs: inline encryption not supported
[  579.106648][ T8511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  579.965724][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.077640][ T8522] random: crng reseeded on system resumption
[  581.897122][ T8544] syzkaller0: entered allmulticast mode
[  581.940146][ T8544] syzkaller0: entered promiscuous mode
[  582.059517][ T8536] syzkaller0 (unregistering): left allmulticast mode
[  582.066695][ T8536] syzkaller0 (unregistering): left promiscuous mode
[  582.872437][ T8552] loop0: detected capacity change from 0 to 128
[  582.929326][ T8552] vfat: Unknown parameter '����'
[  583.286533][ T8552] loop0: detected capacity change from 0 to 2048
[  583.416077][ T8552] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  583.676857][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  583.676943][   T30] audit: type=1800 audit(1755779487.162:120): pid=8552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.666" name="bus" dev="loop0" ino=18 res=0 errno=0
[  584.657045][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.800117][   T30] audit: type=1326 audit(1755779488.282:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  584.915149][   T30] audit: type=1326 audit(1755779488.322:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  584.938300][   T30] audit: type=1326 audit(1755779488.342:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  584.967046][   T30] audit: type=1326 audit(1755779488.342:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  584.991971][   T30] audit: type=1326 audit(1755779488.342:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  585.015218][   T30] audit: type=1326 audit(1755779488.362:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  585.037912][   T30] audit: type=1326 audit(1755779488.362:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  585.066367][   T30] audit: type=1326 audit(1755779488.362:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  585.091064][   T30] audit: type=1326 audit(1755779488.362:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8574 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  586.842931][ T8595] loop1: detected capacity change from 0 to 1024
[  587.531828][ T8599] loop2: detected capacity change from 0 to 164
[  587.800697][ T8599] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  588.056678][ T8595] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.844369][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  588.844449][   T30] audit: type=1326 audit(1755779492.302:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  588.873518][   T30] audit: type=1326 audit(1755779492.342:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  588.896353][   T30] audit: type=1326 audit(1755779492.342:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.464165][ T8607] loop4: detected capacity change from 0 to 512
[  589.704829][   T30] audit: type=1326 audit(1755779492.472:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.728137][   T30] audit: type=1326 audit(1755779492.482:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.750880][   T30] audit: type=1326 audit(1755779492.502:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.779616][   T30] audit: type=1326 audit(1755779492.502:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.805282][   T30] audit: type=1326 audit(1755779492.512:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.827938][   T30] audit: type=1326 audit(1755779492.512:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  589.850621][   T30] audit: type=1326 audit(1755779492.552:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8603 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  590.967532][ T8607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.981169][ T8607] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.458523][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.428319][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.745376][ T8643] netlink: 'syz.2.700': attribute type 13 has an invalid length.
[  595.982776][ T8643] gretap0: refused to change device tx_queue_len
[  595.994126][ T8643] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  596.456286][ T8646] loop0: detected capacity change from 0 to 1024
[  596.666616][ T8646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  596.679509][ T8646] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  596.884846][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  596.884925][   T30] audit: type=1800 audit(1755779500.342:148): pid=8646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="+}[@" name="file1" dev="loop0" ino=15 res=0 errno=0
[  596.892209][ T8646] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 1: comm +}[@: lblock 1 mapped to illegal pblock 1 (length 15)
[  596.964943][ T8646] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117
[  596.978025][ T8646] EXT4-fs (loop0): This should not happen!! Data will be lost
[  596.978025][ T8646] 
[  597.191858][   T30] audit: type=1326 audit(1755779500.692:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.327532][   T30] audit: type=1326 audit(1755779500.722:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.356141][   T30] audit: type=1326 audit(1755779500.722:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.380847][   T30] audit: type=1326 audit(1755779500.722:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.404265][   T30] audit: type=1326 audit(1755779500.722:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.427054][   T30] audit: type=1326 audit(1755779500.772:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.455397][   T30] audit: type=1326 audit(1755779500.772:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.480093][   T30] audit: type=1326 audit(1755779500.782:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.502735][   T30] audit: type=1326 audit(1755779500.782:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8660 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  597.678283][ T8664] loop1: detected capacity change from 0 to 512
[  597.803625][ T8664] EXT4-fs: Ignoring removed orlov option
[  597.838842][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.914519][ T8664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  598.088806][ T8664] EXT4-fs (loop1): orphan cleanup on readonly fs
[  598.249909][ T8664] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.707: bg 0: block 248: padding at end of block bitmap is not set
[  598.375003][ T8664] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.707: Failed to acquire dquot type 1
[  598.409931][ T8664] EXT4-fs (loop1): 1 truncate cleaned up
[  598.508890][ T8664] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  598.715622][ T8664] EXT4-fs: Ignoring removed orlov option
[  598.721983][ T8664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  598.827302][ T8664] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  598.952538][ T8664] EXT4-fs error (device loop1): __ext4_remount:6740: comm syz.1.707: Abort forced by user
[  599.044355][ T8664] EXT4-fs (loop1): Remounting filesystem read-only
[  599.051121][ T8664] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  599.060289][ T8664] ext4 filesystem being remounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  599.144767][ T8680] loop9: detected capacity change from 0 to 7
[  599.156900][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.167967][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.178872][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.191939][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.201858][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.210584][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.219107][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.227646][ T8680] ldm_validate_partition_table(): Disk read failed.
[  599.234739][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.242976][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.252232][ T8680] Buffer I/O error on dev loop9, logical block 0, async page read
[  599.260802][ T8680] Dev loop9: unable to read RDB block 0
[  599.267539][ T8680]  loop9: unable to read partition table
[  599.328808][ T8682] netlink: 'syz.4.710': attribute type 4 has an invalid length.
[  599.346183][ T8680] loop9: partition table beyond EOD, truncated
[  599.352714][ T8680] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  599.352714][ T8680] 
) failed (rc=-5)
[  599.710690][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.848948][ T8700] loop0: detected capacity change from 0 to 512
[  601.050330][ T8700] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  601.050474][ T8700] FAT-fs (loop0): Filesystem has been set read-only
[  601.285267][ T8707] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  601.285267][ T8707]    program syz.3.719 not setting count and/or reply_len properly
[  601.662555][ T8709] loop2: detected capacity change from 0 to 1024
[  601.826716][ T8709] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  602.475850][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  602.475935][   T30] audit: type=1326 audit(1755779505.952:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  602.504976][   T30] audit: type=1326 audit(1755779505.952:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  602.527567][   T30] audit: type=1326 audit(1755779505.952:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  602.695363][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.978359][ T8723] netlink: 20 bytes leftover after parsing attributes in process `syz.0.726'.
[  603.204219][ T8727] bond_slave_0: entered promiscuous mode
[  603.210340][ T8727] bond_slave_1: entered promiscuous mode
[  603.267518][ T8727] bond_slave_0: left promiscuous mode
[  603.273177][ T8727] bond_slave_1: left promiscuous mode
[  603.465959][ T8731] loop1: detected capacity change from 0 to 128
[  603.577903][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  603.587193][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  603.735860][ T8731] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  603.842557][ T8731] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  604.073203][ T8740] loop3: detected capacity change from 0 to 128
[  604.232747][   T30] audit: type=1800 audit(1755779507.722:161): pid=8740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.732" name="bus" dev="loop3" ino=1048629 res=0 errno=0
[  604.363653][ T8733] loop0: detected capacity change from 0 to 1024
[  604.456080][ T8743] syz.3.732: attempt to access beyond end of device
[  604.456080][ T8743] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  604.468591][ T5823] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  604.576270][ T8733] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  604.588617][ T8733] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  604.598662][ T8733] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.730: Failed to acquire dquot type 0
[  604.777908][ T8748] loop2: detected capacity change from 0 to 164
[  604.845749][ T8733] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  604.861384][ T8733] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.730: corrupted inode contents
[  604.944331][ T8733] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #13: comm syz.0.730: mark_inode_dirty error
[  604.962303][ T8748] rock: directory entry would overflow storage
[  604.968915][ T8748] rock: sig=0x66, size=4, remaining=3
[  605.025712][ T8733] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.730: corrupted inode contents
[  605.104251][ T8733] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.730: mark_inode_dirty error
[  605.196752][ T8733] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.730: corrupted inode contents
[  605.237616][ T8751] netlink: 48 bytes leftover after parsing attributes in process `syz.1.735'.
[  605.296439][ T8733] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  605.332323][ T8733] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.730: corrupted inode contents
[  605.378081][ T8733] EXT4-fs error (device loop0): ext4_truncate:4666: inode #13: comm syz.0.730: mark_inode_dirty error
[  605.396389][ T8733] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  605.422784][ T8733] EXT4-fs (loop0): 1 truncate cleaned up
[  605.437948][ T8733] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  605.676387][ T8755] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  605.686353][ T8755] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  605.696339][ T8755] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.730: Failed to acquire dquot type 0
[  605.772855][   T30] audit: type=1326 audit(1755779509.222:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.4.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  605.796014][   T30] audit: type=1326 audit(1755779509.222:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8753 comm="syz.4.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  606.108289][ T8758] loop2: detected capacity change from 0 to 164
[  606.363033][ T8761] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  606.479388][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.844978][ T8786] netlink: 'syz.3.752': attribute type 13 has an invalid length.
[  609.102514][ T8788] loop0: detected capacity change from 0 to 128
[  609.158794][ T8788] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  609.275651][ T8788] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  609.757851][ T8786] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.766438][ T8786] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.109320][ T8795] loop1: detected capacity change from 0 to 256
[  610.385093][ T8799] sg_write: data in/out 63015/8 bytes for SCSI command 0x7f-- guessing data in;
[  610.385093][ T8799]    program syz.4.758 not setting count and/or reply_len properly
[  611.068522][ T8786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  611.191357][ T8786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  612.542605][ T8810] loop1: detected capacity change from 0 to 8192
[  612.699998][ T3734] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.759109][ T3734] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.811013][ T3734] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  612.853326][ T3734] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  614.113524][ T8821] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.125845][ T8821] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.211830][ T8822] loop0: detected capacity change from 0 to 1024
[  614.249898][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  614.249978][   T30] audit: type=1326 audit(1755779517.752:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.279674][   T30] audit: type=1326 audit(1755779517.752:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.354182][ T8822] ext4: Unknown parameter 'seclabel'
[  614.482669][   T30] audit: type=1326 audit(1755779517.832:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.506468][   T30] audit: type=1326 audit(1755779517.832:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.530222][   T30] audit: type=1326 audit(1755779517.832:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.557791][   T30] audit: type=1326 audit(1755779517.892:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.582167][   T30] audit: type=1326 audit(1755779517.892:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.604900][   T30] audit: type=1326 audit(1755779517.892:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.627615][   T30] audit: type=1326 audit(1755779517.902:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.654888][   T30] audit: type=1326 audit(1755779517.902:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26db38ebe9 code=0x7ffc0000
[  614.712387][ T8821] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.723239][ T8821] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.042056][ T8821] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  615.062819][ T8821] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.320349][ T8821] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  615.331239][ T8821] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.655638][ T8841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.774'.
[  616.049634][ T3734] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  616.058599][ T3734] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  616.108398][ T3555] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  616.117402][ T3555] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  616.197051][ T3555] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  616.206191][ T3555] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  616.304603][ T3555] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  616.313522][ T3555] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  616.345924][ T8851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.777'.
[  616.355659][ T8851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.777'.
[  617.412047][ T8865] netlink: 8 bytes leftover after parsing attributes in process `syz.4.782'.
[  617.476307][ T8865] netlink: 'syz.4.782': attribute type 1 has an invalid length.
[  617.607100][ T8865] 8021q: adding VLAN 0 to HW filter on device bond2
[  618.042883][ T8870] 8021q: adding VLAN 0 to HW filter on device bond2
[  618.052485][ T8870] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  618.071285][ T8870] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  618.660874][ T8879] loop1: detected capacity change from 0 to 8192
[  618.711201][ T8865] gretap1: entered promiscuous mode
[  618.775862][ T8871] macvlan2: entered promiscuous mode
[  618.781388][ T8871] macvlan2: entered allmulticast mode
[  618.789996][ T8871] bond2: entered promiscuous mode
[  618.798063][ T8871] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  618.828184][ T8879]  loop1: p2
[  618.831701][ T8879] loop1: partition table partially beyond EOD, truncated
[  618.845259][ T8879] loop1: p2 start 150994947 is beyond EOD, truncated
[  618.931134][ T5168]  loop1: p2
[  618.934929][ T5168] loop1: partition table partially beyond EOD, truncated
[  618.946466][ T5168] loop1: p2 start 150994947 is beyond EOD, truncated
[  618.977493][ T8871] bond2: left promiscuous mode
[  620.147312][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  620.147395][   T30] audit: type=1326 audit(1755779523.652:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.410537][   T30] audit: type=1326 audit(1755779523.732:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.433602][   T30] audit: type=1326 audit(1755779523.732:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.456494][   T30] audit: type=1326 audit(1755779523.732:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.481914][   T30] audit: type=1326 audit(1755779523.732:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.505674][   T30] audit: type=1326 audit(1755779523.772:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.528467][   T30] audit: type=1326 audit(1755779523.772:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.551221][   T30] audit: type=1326 audit(1755779523.812:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.574082][   T30] audit: type=1326 audit(1755779523.812:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  620.599394][   T30] audit: type=1326 audit(1755779523.812:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.4.791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  621.065967][ T8899] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  621.072769][ T8899] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  621.081557][ T8899] vhci_hcd vhci_hcd.0: Device attached
[  621.220863][ T8900] loop2: detected capacity change from 0 to 1024
[  621.270329][ T8904] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5)
[  621.277131][ T8904] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  621.285871][ T8904] vhci_hcd vhci_hcd.0: Device attached
[  621.366087][ T3082] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  621.485703][ T8900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  621.498609][ T8900] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  621.942654][ T8901] vhci_hcd: connection reset by peer
[  621.949404][ T8906] vhci_hcd: connection closed
[  621.965891][ T1139] vhci_hcd: stop threads
[  621.975494][ T1139] vhci_hcd: release socket
[  621.980212][ T1139] vhci_hcd: disconnect device
[  622.084094][ T1139] vhci_hcd: stop threads
[  622.088822][ T1139] vhci_hcd: release socket
[  622.093557][ T1139] vhci_hcd: disconnect device
[  622.188947][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.588137][ T8932] loop3: detected capacity change from 0 to 512
[  623.638058][ T8937] netlink: 80 bytes leftover after parsing attributes in process `syz.1.806'.
[  623.715502][ T8932] EXT4-fs (loop3): orphan cleanup on readonly fs
[  623.782176][ T8932] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.805: bg 0: block 248: padding at end of block bitmap is not set
[  623.806838][ T8932] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.805: Failed to acquire dquot type 1
[  623.909201][ T8932] EXT4-fs (loop3): 1 orphan inode deleted
[  623.936366][ T1139] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 1
[  624.046981][ T8932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  624.651587][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.664420][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  626.607852][ T8968] netlink: 4 bytes leftover after parsing attributes in process `syz.3.816'.
[  626.968518][ T8968] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'.
[  627.234685][ T3082] vhci_hcd: vhci_device speed not set
[  627.747085][ T8979] loop4: detected capacity change from 0 to 512
[  627.817644][ T8979] EXT4-fs: Ignoring removed oldalloc option
[  627.861365][ T8979] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  627.997641][ T8979] EXT4-fs (loop4): 1 truncate cleaned up
[  628.006135][ T8979] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  628.082146][ T8980] loop2: detected capacity change from 0 to 1024
[  628.121711][ T8980] EXT4-fs: Ignoring removed orlov option
[  628.296694][ T8980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.724305][   T30] kauditd_printk_skb: 83 callbacks suppressed
[  628.724399][   T30] audit: type=1800 audit(1755779532.162:320): pid=8980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.822" name="bus" dev="loop2" ino=18 res=0 errno=0
[  629.618550][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.921948][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.440886][ T9017] 9pnet_fd: Insufficient options for proto=fd
[  632.917449][ T9026] lo speed is unknown, defaulting to 1000
[  632.928500][ T9026] lo speed is unknown, defaulting to 1000
[  632.935845][ T9026] lo speed is unknown, defaulting to 1000
[  633.404746][ T9026] infiniband s
z1: set active
[  633.409693][ T9026] infiniband s
z1: added lo
[  633.439869][ T3082] lo speed is unknown, defaulting to 1000
[  633.584212][ T9026] RDS/IB: s
z1: added
[  633.592384][ T9026] smc: adding ib device s
z1 with port count 1
[  633.599016][ T9026] smc:    ib device s
z1 port 1 has pnetid 
[  633.607241][ T9026] lo speed is unknown, defaulting to 1000
[  633.758215][ T3082] lo speed is unknown, defaulting to 1000
[  634.325456][ T9026] lo speed is unknown, defaulting to 1000
[  636.889396][ T9026] lo speed is unknown, defaulting to 1000
[  637.148677][ T9038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.840'.
[  637.159336][ T9038] netlink: 'syz.1.840': attribute type 5 has an invalid length.
[  637.167945][ T9038] netlink: 20 bytes leftover after parsing attributes in process `syz.1.840'.
[  637.667305][ T9038] geneve2: entered promiscuous mode
[  637.673026][ T9038] geneve2: entered allmulticast mode
[  637.692947][ T9026] lo speed is unknown, defaulting to 1000
[  637.705189][   T58] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 256 - 0
[  637.773309][ T9041] loop0: detected capacity change from 0 to 2048
[  637.809489][   T58] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 256 - 0
[  637.828611][ T1118] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 256 - 0
[  637.877351][ T1118] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 256 - 0
[  638.088343][ T9041] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  638.170703][ T9050] loop3: detected capacity change from 0 to 128
[  638.247977][ T9041] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.842: bg 0: block 234: padding at end of block bitmap is not set
[  638.360968][ T9052] netlink: 36 bytes leftover after parsing attributes in process `syz.4.845'.
[  638.370904][ T9052] netlink: 16 bytes leftover after parsing attributes in process `syz.4.845'.
[  638.380330][ T9052] netlink: 36 bytes leftover after parsing attributes in process `syz.4.845'.
[  638.389695][ T9052] netlink: 36 bytes leftover after parsing attributes in process `syz.4.845'.
[  638.884619][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  639.074537][   T30] audit: type=1326 audit(1755779542.572:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.097722][   T30] audit: type=1326 audit(1755779542.572:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.168738][   T30] audit: type=1326 audit(1755779542.652:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.191879][   T30] audit: type=1326 audit(1755779542.652:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.214993][   T30] audit: type=1326 audit(1755779542.652:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.240219][   T30] audit: type=1326 audit(1755779542.662:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.264052][   T30] audit: type=1326 audit(1755779542.672:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.286914][   T30] audit: type=1326 audit(1755779542.672:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.431949][   T30] audit: type=1326 audit(1755779542.922:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.455244][   T30] audit: type=1326 audit(1755779542.922:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9058 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  639.773525][ T9066] loop3: detected capacity change from 0 to 512
[  639.806955][ T9066] EXT4-fs: Ignoring removed mblk_io_submit option
[  639.841388][ T9066] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  639.954871][ T9066] EXT4-fs (loop3): 1 truncate cleaned up
[  640.012767][ T9026] lo speed is unknown, defaulting to 1000
[  640.168474][ T9066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  640.271252][ T9070] loop1: detected capacity change from 0 to 164
[  640.356554][ T9070] syz.1.853: attempt to access beyond end of device
[  640.356554][ T9070] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  640.371499][ T9070] syz.1.853: attempt to access beyond end of device
[  640.371499][ T9070] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  640.481749][ T9071] netlink: 64 bytes leftover after parsing attributes in process `syz.1.853'.
[  641.077729][ T9080] netlink: 224 bytes leftover after parsing attributes in process `syz.0.856'.
[  641.087286][ T9080] ksmbd: Unknown IPC event: 3, ignore.
[  641.118540][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.996790][ T9107] ipvlan2: entered promiscuous mode
[  643.010677][ T9107] bridge0: port 1(ipvlan2) entered blocking state
[  643.018019][ T9107] bridge0: port 1(ipvlan2) entered disabled state
[  643.025457][ T9107] ipvlan2: entered allmulticast mode
[  643.030998][ T9107] bridge0: entered allmulticast mode
[  643.076244][ T9107] ipvlan2: left allmulticast mode
[  643.081520][ T9107] bridge0: left allmulticast mode
[  643.636219][ T9118] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.650530][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.708483][ T9117] loop4: detected capacity change from 0 to 128
[  644.056241][ T9117] FAT-fs (loop4): Directory bread(block 32) failed
[  644.063273][ T9117] FAT-fs (loop4): Directory bread(block 33) failed
[  644.070537][ T9117] FAT-fs (loop4): Directory bread(block 34) failed
[  644.077735][ T9117] FAT-fs (loop4): Directory bread(block 35) failed
[  644.084801][ T9117] FAT-fs (loop4): Directory bread(block 36) failed
[  644.091527][ T9117] FAT-fs (loop4): Directory bread(block 37) failed
[  644.098756][ T9117] FAT-fs (loop4): Directory bread(block 38) failed
[  644.105781][ T9117] FAT-fs (loop4): Directory bread(block 39) failed
[  644.112823][ T9117] FAT-fs (loop4): Directory bread(block 40) failed
[  644.119811][ T9117] FAT-fs (loop4): Directory bread(block 41) failed
[  645.163237][   T30] kauditd_printk_skb: 47 callbacks suppressed
[  645.163319][   T30] audit: type=1326 audit(1755779548.662:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.192531][   T30] audit: type=1326 audit(1755779548.662:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.215199][   T30] audit: type=1326 audit(1755779548.682:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.238318][   T30] audit: type=1326 audit(1755779548.682:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.265236][   T30] audit: type=1326 audit(1755779548.712:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.290144][   T30] audit: type=1326 audit(1755779548.712:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.1.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  645.486624][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.883'.
[  645.777410][ T9145] loop4: detected capacity change from 0 to 512
[  645.967123][ T9145] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.880: bad orphan inode 15
[  646.053200][ T9145] ext4_test_bit(bit=14, block=5) = 0
[  646.061143][ T9145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  646.535868][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.234263][   T30] audit: type=1326 audit(1755779551.712:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9164 comm="syz.4.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  648.352725][   T30] audit: type=1326 audit(1755779551.802:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9164 comm="syz.4.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  648.375863][   T30] audit: type=1326 audit(1755779551.802:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9164 comm="syz.4.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  648.399153][   T30] audit: type=1326 audit(1755779551.812:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9164 comm="syz.4.892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  648.609394][ T9168] loop4: detected capacity change from 0 to 512
[  648.636979][ T9172] loop9: detected capacity change from 0 to 7
[  648.769261][ T9172] buffer_io_error: 9 callbacks suppressed
[  648.769349][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.786028][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.794539][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.802704][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.811165][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.819527][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.828843][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.837061][ T9172] ldm_validate_partition_table(): Disk read failed.
[  648.846787][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.856234][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.864735][ T9172] Buffer I/O error on dev loop9, logical block 0, async page read
[  648.872875][ T9172] Dev loop9: unable to read RDB block 0
[  648.879180][ T9172]  loop9: unable to read partition table
[  648.996556][ T9172] loop9: partition table beyond EOD, truncated
[  649.003306][ T9172] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  649.003306][ T9172] 
) failed (rc=-5)
[  649.305800][ T9168] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  649.422944][ T9168] EXT4-fs (loop4): mount failed
[  649.821733][ T9181] netlink: 'syz.0.897': attribute type 6 has an invalid length.
[  649.931097][ T9183] netlink: 224 bytes leftover after parsing attributes in process `syz.1.898'.
[  649.940559][ T9183] ksmbd: Unknown IPC event: 4, ignore.
[  651.089818][ T9194] loop3: detected capacity change from 0 to 128
[  651.291014][ T9196] tipc: Started in network mode
[  651.298179][ T9196] tipc: Node identity ac14140f, cluster identity 4711
[  651.312899][ T9196] tipc: New replicast peer: 255.255.255.255
[  651.321253][ T9196] tipc: Enabled bearer <udp:s>, priority 10
[  651.547874][ T9196] loop0: detected capacity change from 0 to 512
[  651.576098][ T9199] loop9: detected capacity change from 0 to 7
[  651.616062][ T9199] ldm_validate_partition_table(): Disk read failed.
[  651.623256][ T9199] Dev loop9: unable to read RDB block 0
[  651.629744][ T9199]  loop9: unable to read partition table
[  651.648233][ T9196] EXT4-fs (loop0): The Hurd can't support 64-bit file systems
[  651.719365][ T9199] loop9: partition table beyond EOD, truncated
[  651.726180][ T9199] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  651.726180][ T9199] 
) failed (rc=-5)
[  652.116817][ T9202] netlink: 'syz.1.908': attribute type 21 has an invalid length.
[  652.129177][ T9202] netlink: 132 bytes leftover after parsing attributes in process `syz.1.908'.
[  652.445030][ T5873] tipc: Node number set to 2886997007
[  653.625296][ T9217] netlink: 12 bytes leftover after parsing attributes in process `syz.4.913'.
[  653.844985][ T9220] loop2: detected capacity change from 0 to 128
[  653.865399][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.147974][ T9220] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  654.303045][ T9220] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  654.526110][ T9226] loop4: detected capacity change from 0 to 512
[  654.627669][ T9226] EXT4-fs (loop4): orphan cleanup on readonly fs
[  654.677063][ T9226] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 248: padding at end of block bitmap is not set
[  654.699691][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  654.699767][   T30] audit: type=1326 audit(1755779558.202:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.730661][   T30] audit: type=1326 audit(1755779558.202:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.754282][   T30] audit: type=1326 audit(1755779558.212:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.777624][   T30] audit: type=1326 audit(1755779558.212:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.804268][   T30] audit: type=1326 audit(1755779558.222:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.854563][ T9226] Quota error (device loop4): write_blk: dquota write failed
[  654.862665][ T9226] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  654.873560][ T9226] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm +}[@: Failed to acquire dquot type 1
[  654.918228][   T30] audit: type=1326 audit(1755779558.362:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9230 comm="syz.1.919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  654.945021][ T9226] EXT4-fs (loop4): 1 truncate cleaned up
[  654.978204][ T9226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  655.069718][ T9226] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  655.082116][ T9226] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 0
[  655.117464][ T5825] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  655.579783][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.589901][ T9235] loop1: detected capacity change from 0 to 512
[  655.634853][ T9235] EXT4-fs: Ignoring removed i_version option
[  655.756324][ T9235] EXT4-fs (loop1): orphan cleanup on readonly fs
[  655.763419][ T9235] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.921: bg 0: block 131: padding at end of block bitmap is not set
[  655.833962][ T9235] EXT4-fs (loop1): Remounting filesystem read-only
[  655.890026][ T9235] EXT4-fs (loop1): 1 truncate cleaned up
[  655.898609][ T9235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  656.123318][ T9242] loop4: detected capacity change from 0 to 512
[  656.329091][ T9242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  656.342379][ T9242] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  656.430580][ T9247] netlink: 12 bytes leftover after parsing attributes in process `syz.0.924'.
[  656.439977][ T9247] netlink: 'syz.0.924': attribute type 1 has an invalid length.
[  656.448684][ T9247] netlink: 'syz.0.924': attribute type 2 has an invalid length.
[  656.456856][ T9247] netlink: 4 bytes leftover after parsing attributes in process `syz.0.924'.
[  656.608503][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  656.609733][   T30] audit: type=1326 audit(1755779560.102:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.0.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  656.749359][   T30] audit: type=1326 audit(1755779560.162:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.0.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d4f58ebe9 code=0x7ffc0000
[  656.944280][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.536369][ T9255] netlink: 32 bytes leftover after parsing attributes in process `syz.4.927'.
[  658.290424][ T9264] loop4: detected capacity change from 0 to 512
[  658.315723][ T9264] EXT4-fs: Ignoring removed orlov option
[  658.386621][ T9264] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  658.486362][ T9264] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  658.540466][ T9264] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.931: corrupted in-inode xattr: e_value size too large
[  658.654734][ T9264] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.931: couldn't read orphan inode 15 (err -117)
[  658.740493][ T9264] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  658.828204][ T9271] program syz.3.932 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  659.687143][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.056292][ T9282] s
z1: rxe_newlink: already configured on lo
[  662.377737][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  662.377818][   T30] audit: type=1326 audit(1755779565.882:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.622302][ T9285] loop3: detected capacity change from 0 to 2048
[  662.847300][   T30] audit: type=1326 audit(1755779566.052:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.870194][   T30] audit: type=1326 audit(1755779566.092:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.897290][   T30] audit: type=1326 audit(1755779566.112:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.922052][   T30] audit: type=1326 audit(1755779566.202:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.945003][   T30] audit: type=1326 audit(1755779566.202:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.967750][   T30] audit: type=1326 audit(1755779566.262:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  662.999408][   T30] audit: type=1326 audit(1755779566.262:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.1.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a1b78ebe9 code=0x7ffc0000
[  663.028847][ T9285] EXT4-fs warning (device loop3): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop3.
[  665.015206][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  665.024811][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  665.413037][ T9323] loop3: detected capacity change from 0 to 512
[  665.505789][ T9323] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.951: casefold flag without casefold feature
[  665.525933][ T9323] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.951: couldn't read orphan inode 15 (err -117)
[  665.672562][ T9323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  665.799685][ T9328] loop4: detected capacity change from 0 to 512
[  665.871020][ T9328] EXT4-fs: Ignoring removed mblk_io_submit option
[  665.881967][   T30] audit: type=1800 audit(1755779569.362:452): pid=9323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.951" name="file1" dev="loop3" ino=18 res=0 errno=0
[  665.929413][ T9328] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  666.016938][ T9328] EXT4-fs (loop4): 1 truncate cleaned up
[  666.025606][ T9328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  666.140454][ T9333] bond1: entered promiscuous mode
[  666.146534][ T9333] bond1: entered allmulticast mode
[  666.160113][ T9333] 8021q: adding VLAN 0 to HW filter on device bond1
[  666.244826][   T30] audit: type=1804 audit(1755779569.742:453): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.953" name="/newroot/173/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  666.406871][ T9333] bond1 (unregistering): Released all slaves
[  666.496588][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.989007][ T9339] netlink: 'syz.3.957': attribute type 1 has an invalid length.
[  667.056183][ T9341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.957'.
[  667.083421][ T5816] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  667.231693][ T9339] 8021q: adding VLAN 0 to HW filter on device bond2
[  667.364906][ T9345] loop0: detected capacity change from 0 to 128
[  667.386893][ T9341] bond2 (unregistering): Released all slaves
[  668.370668][ T9360] lo speed is unknown, defaulting to 1000
[  669.399218][ T9357] netlink: 112 bytes leftover after parsing attributes in process `syz.3.964'.
[  670.315955][ T9357] binfmt_misc: register: failed to install interpreter file ./file0
[  671.217058][   T30] audit: type=1326 audit(1755779574.712:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.239852][   T30] audit: type=1326 audit(1755779574.712:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.263875][   T30] audit: type=1326 audit(1755779574.722:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.348701][   T30] audit: type=1326 audit(1755779574.822:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.375909][   T30] audit: type=1326 audit(1755779574.822:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.400232][   T30] audit: type=1326 audit(1755779574.902:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.423041][   T30] audit: type=1326 audit(1755779574.902:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.445706][   T30] audit: type=1326 audit(1755779574.932:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  671.468536][   T30] audit: type=1326 audit(1755779574.942:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5a4358ec23 code=0x7ffc0000
[  671.470898][ T9372] loop1: detected capacity change from 0 to 1024
[  671.637115][ T9372] EXT4-fs: Ignoring removed nobh option
[  671.642953][ T9372] EXT4-fs: Ignoring removed bh option
[  671.755738][   T30] audit: type=1326 audit(1755779575.122:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.4.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5a4358d69f code=0x7ffc0000
[  671.905339][ T9372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  672.267279][ T9380] netlink: 292 bytes leftover after parsing attributes in process `syz.0.971'.
[  672.472169][ T9380] loop0: detected capacity change from 0 to 1024
[  672.485958][ T9369] loop4: detected capacity change from 0 to 8192
[  672.527409][ T9380] EXT4-fs: Ignoring removed i_version option
[  672.546619][ T9380] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  672.640683][ T9380] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.971: Invalid block bitmap block 0 in block_group 0
[  672.708641][ T9380] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.971: Failed to acquire dquot type 0
[  672.815675][ T9380] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.971: Freeing blocks not in datazone - block = 0, count = 4096
[  672.894637][ T9380] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.971: Invalid inode bitmap blk 0 in block_group 0
[  672.939971][ T3969] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:21: Failed to release dquot type 0
[  672.978157][ T9380] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  673.052819][ T9380] EXT4-fs (loop0): 1 orphan inode deleted
[  673.062386][ T9380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  673.567876][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.620917][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.251930][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.0.977'.
[  674.315802][ T9398] team1: entered promiscuous mode
[  674.321114][ T9398] team1: entered allmulticast mode
[  676.061269][ T9421] loop3: detected capacity change from 0 to 512
[  676.072876][ T9421] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  676.120110][ T9421] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.989: corrupted in-inode xattr: overlapping e_value 
[  676.135986][ T9421] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.989: couldn't read orphan inode 15 (err -117)
[  676.162403][ T9421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.431346][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  676.431432][   T30] audit: type=1326 audit(1755779579.932:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  676.850508][ T9426] lo speed is unknown, defaulting to 1000
[  677.656562][   T30] audit: type=1326 audit(1755779580.012:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.679375][   T30] audit: type=1326 audit(1755779580.072:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.703280][   T30] audit: type=1326 audit(1755779580.072:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.730432][   T30] audit: type=1326 audit(1755779580.112:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.754502][   T30] audit: type=1326 audit(1755779580.112:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.777429][   T30] audit: type=1326 audit(1755779580.112:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.800226][   T30] audit: type=1326 audit(1755779580.252:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.827161][   T30] audit: type=1326 audit(1755779580.252:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  677.851437][   T30] audit: type=1326 audit(1755779580.252:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9423 comm="syz.4.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  679.009673][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.356948][ T9434] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  680.364427][ T9434] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  680.371162][ T9434] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  680.377733][ T9434] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  680.422110][ T9434] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  680.432029][ T9434] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  680.465940][ T9434] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  680.472520][ T9434] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  681.415484][ T9448] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.424868][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.117864][ T9456] loop9: detected capacity change from 0 to 7
[  682.184850][ T9456] buffer_io_error: 28 callbacks suppressed
[  682.184931][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.199930][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.208479][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.216802][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.231176][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.241407][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.249696][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.257967][ T9456] ldm_validate_partition_table(): Disk read failed.
[  682.265048][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.273232][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.281581][ T9456] Buffer I/O error on dev loop9, logical block 0, async page read
[  682.289900][ T9456] Dev loop9: unable to read RDB block 0
[  682.296213][ T9456]  loop9: unable to read partition table
[  682.307445][ T9456] loop9: partition table beyond EOD, truncated
[  682.314511][ T9456] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  682.314511][ T9456] 
) failed (rc=-5)
[  682.330541][ T9462] syzkaller0: refused to change device tx_queue_len
[  682.424660][   T49] Bluetooth: hci2: command 0x0406 tx timeout
[  682.434908][ T5819] Bluetooth: hci1: command 0x0406 tx timeout
[  682.506548][   T49] Bluetooth: hci4: command 0x0406 tx timeout
[  682.513032][ T5819] Bluetooth: hci3: command 0x0406 tx timeout
[  682.731646][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1003'.
[  682.746362][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1003'.
[  683.028047][ T9465] loop0: detected capacity change from 0 to 2048
[  683.235837][ T9465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  683.299563][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  683.299646][   T30] audit: type=1326 audit(1755779586.802:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.375641][   T30] audit: type=1326 audit(1755779586.872:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.481978][   T30] audit: type=1326 audit(1755779586.932:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.505037][   T30] audit: type=1326 audit(1755779586.932:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.528025][   T30] audit: type=1326 audit(1755779586.932:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.550957][   T30] audit: type=1326 audit(1755779586.962:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.576645][   T30] audit: type=1326 audit(1755779586.962:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a4358ebe9 code=0x7ffc0000
[  683.806524][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  684.325329][ T9479] netlink: 26 bytes leftover after parsing attributes in process `syz.1.1014'.
[  684.348462][ T9477] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1013'.
[  684.504523][   T49] Bluetooth: hci2: command 0x0406 tx timeout
[  684.584224][   T49] Bluetooth: hci4: command 0x0406 tx timeout
[  684.590766][ T5819] Bluetooth: hci3: command 0x0406 tx timeout
[  686.164723][ T9501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1022'.
[  686.175586][ T9501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1022'.
[  688.406552][ T9530] loop4: detected capacity change from 0 to 164
[  688.587288][ T9530] syz.4.1035: attempt to access beyond end of device
[  688.587288][ T9530] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  688.601977][ T9530] syz.4.1035: attempt to access beyond end of device
[  688.601977][ T9530] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  688.815302][ T9538] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1035'.
[  689.348230][ T1118] =====================================================
[  689.355914][ T1118] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xafd/0x98a0
[  689.365394][ T1118]  n_tty_receive_buf_standard+0xafd/0x98a0
[  689.372175][ T1118]  n_tty_receive_buf_common+0x1a68/0x2540
[  689.380541][ T1118]  n_tty_receive_buf2+0x4c/0x60
[  689.386779][ T1118]  tty_ldisc_receive_buf+0xc6/0x2c0
[  689.401642][ T1118]  tty_port_default_receive_buf+0xd7/0x1a0
[  689.411470][ T1118]  flush_to_ldisc+0x43e/0xe30
[  689.417582][ T1118]  process_scheduled_works+0xb8e/0x1d80
[  689.425906][ T1118]  worker_thread+0xedf/0x1590
[  689.431512][ T1118]  kthread+0xd59/0xf00
[  689.436500][ T1118]  ret_from_fork+0x1e3/0x310
[  689.441920][ T1118]  ret_from_fork_asm+0x1a/0x30
[  689.447688][ T1118] 
[  689.450817][ T1118] Uninit was stored to memory at:
[  689.457772][ T1118]  n_tty_receive_buf_standard+0xaf6/0x98a0
[  689.468238][ T1118]  n_tty_receive_buf_common+0x1a68/0x2540
[  689.474996][ T1118]  n_tty_receive_buf2+0x4c/0x60
[  689.480713][ T1118]  tty_ldisc_receive_buf+0xc6/0x2c0
[  689.487044][ T1118]  tty_port_default_receive_buf+0xd7/0x1a0
[  689.493883][ T1118]  flush_to_ldisc+0x43e/0xe30
[  689.508835][ T1118]  process_scheduled_works+0xb8e/0x1d80
[  689.518232][ T1118]  worker_thread+0xedf/0x1590
[  689.524274][ T1118]  kthread+0xd59/0xf00
[  689.529195][ T1118]  ret_from_fork+0x1e3/0x310
[  689.534743][ T1118]  ret_from_fork_asm+0x1a/0x30
[  689.540450][ T1118] 
[  689.543531][ T1118] Uninit was created at:
[  689.548918][ T1118]  __kmalloc_noprof+0x95f/0x1310
[  689.554978][ T1118]  __tty_buffer_request_room+0x3d4/0x7a0
[  689.561478][ T1118]  __tty_insert_flip_string_flags+0x157/0x6f0
[  689.568584][ T1118]  uart_insert_char+0x368/0x930
[  689.574409][ T1118]  serial8250_read_char+0x1ba/0x670
[  689.580445][ T1118]  serial8250_handle_irq+0x930/0x1110
[  689.586835][ T1118]  serial8250_default_handle_irq+0x116/0x330
[  689.593833][ T1118]  serial8250_interrupt+0xcb/0x400
[  689.608810][ T1118]  __handle_irq_event_percpu+0x11c/0xbf0
[  689.618525][ T1118]  handle_irq_event+0xe0/0x2a0
[  689.626187][ T1118]  handle_edge_irq+0x2a9/0xb50
[  689.631908][ T1118]  __common_interrupt+0x9d/0x180
[  689.637876][ T1118]  common_interrupt+0x94/0xb0
[  689.643523][ T1118]  asm_common_interrupt+0x2b/0x40
[  689.649645][ T1118] 
[  689.652754][ T1118] CPU: 0 UID: 0 PID: 1118 Comm: kworker/u8:5 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[  689.664721][ T1118] Tainted: [W]=WARN
[  689.669314][ T1118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  689.680392][ T1118] Workqueue: events_unbound flush_to_ldisc
[  689.687244][ T1118] =====================================================
[  689.695046][ T1118] Disabling lock debugging due to kernel taint
[  689.710125][ T1118] Kernel panic - not syncing: kmsan.panic set ...
[  689.716693][ T1118] CPU: 0 UID: 0 PID: 1118 Comm: kworker/u8:5 Tainted: G    B   W           syzkaller #0 PREEMPT(none) 
[  689.727935][ T1118] Tainted: [B]=BAD_PAGE, [W]=WARN
[  689.733065][ T1118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  689.743271][ T1118] Workqueue: events_unbound flush_to_ldisc
[  689.749304][ T1118] Call Trace:
[  689.752711][ T1118]  <TASK>
[  689.755741][ T1118]  __dump_stack+0x26/0x30
[  689.760278][ T1118]  dump_stack_lvl+0x53/0x270
[  689.765083][ T1118]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  689.771113][ T1118]  dump_stack+0x1e/0x25
[  689.775455][ T1118]  vpanic+0x361/0xc50
[  689.779674][ T1118]  panic+0x15d/0x160
[  689.783823][ T1118]  kmsan_report+0x31c/0x320
[  689.788529][ T1118]  ? __msan_warning+0x1b/0x30
[  689.793376][ T1118]  ? n_tty_receive_buf_standard+0xafd/0x98a0
[  689.799734][ T1118]  ? n_tty_receive_buf_common+0x1a68/0x2540
[  689.805888][ T1118]  ? n_tty_receive_buf2+0x4c/0x60
[  689.811143][ T1118]  ? tty_ldisc_receive_buf+0xc6/0x2c0
[  689.816716][ T1118]  ? tty_port_default_receive_buf+0xd7/0x1a0
[  689.822909][ T1118]  ? flush_to_ldisc+0x43e/0xe30
[  689.827947][ T1118]  ? process_scheduled_works+0xb8e/0x1d80
[  689.833903][ T1118]  ? worker_thread+0xedf/0x1590
[  689.838988][ T1118]  ? kthread+0xd59/0xf00
[  689.843404][ T1118]  ? ret_from_fork+0x1e3/0x310
[  689.848364][ T1118]  ? ret_from_fork_asm+0x1a/0x30
[  689.853523][ T1118]  ? ret_from_fork_asm+0x1a/0x30
[  689.858687][ T1118]  ? stack_depot_save_flags+0x35/0x7b0
[  689.864365][ T1118]  ? kmsan_get_metadata+0xfb/0x160
[  689.869690][ T1118]  ? kmsan_get_metadata+0x150/0x160
[  689.875082][ T1118]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  689.881597][ T1118]  ? kmsan_get_metadata+0x150/0x160
[  689.887004][ T1118]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  689.893032][ T1118]  ? n_tty_receive_char+0xfae/0x1440
[  689.898574][ T1118]  ? kmsan_get_metadata+0xfb/0x160
[  689.903895][ T1118]  __msan_warning+0x1b/0x30
[  689.908572][ T1118]  n_tty_receive_buf_standard+0xafd/0x98a0
[  689.914674][ T1118]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  689.920997][ T1118]  ? kmsan_get_metadata+0xfb/0x160
[  689.926457][ T1118]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  689.932603][ T1118]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  689.939174][ T1118]  n_tty_receive_buf_common+0x1a68/0x2540
[  689.945264][ T1118]  n_tty_receive_buf2+0x4c/0x60
[  689.950384][ T1118]  ? __pfx_n_tty_receive_buf2+0x10/0x10
[  689.956181][ T1118]  tty_ldisc_receive_buf+0xc6/0x2c0
[  689.961621][ T1118]  tty_port_default_receive_buf+0xd7/0x1a0
[  689.967686][ T1118]  flush_to_ldisc+0x43e/0xe30
[  689.972602][ T1118]  ? __pfx_tty_port_default_receive_buf+0x10/0x10
[  689.979248][ T1118]  ? __pfx_flush_to_ldisc+0x10/0x10
[  689.984671][ T1118]  process_scheduled_works+0xb8e/0x1d80
[  689.990533][ T1118]  worker_thread+0xedf/0x1590
[  689.995478][ T1118]  kthread+0xd59/0xf00
[  689.999726][ T1118]  ? __pfx_worker_thread+0x10/0x10
[  690.005089][ T1118]  ? __pfx_kthread+0x10/0x10
[  690.009857][ T1118]  ret_from_fork+0x1e3/0x310
[  690.014618][ T1118]  ? __pfx_kthread+0x10/0x10
[  690.019381][ T1118]  ret_from_fork_asm+0x1a/0x30
[  690.024402][ T1118]  </TASK>
[  690.027920][ T1118] Kernel Offset: disabled
[  690.032310][ T1118] Rebooting in 86400 seconds..