last executing test programs:

35.855516366s ago: executing program 5 (id=394):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000600)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
inotify_init()
pipe(&(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x88000cc, 0x0)
write$eventfd(r4, &(0x7f0000000240), 0xffffff14)

34.874524839s ago: executing program 5 (id=400):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000003100)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000480)="177fdf", 0x3}], 0x1}}], 0x2, 0x4001015)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x40001)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

34.628068106s ago: executing program 5 (id=401):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
r3 = fcntl$dupfd(r2, 0x0, r2)
read$snapshot(r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$nl_route(0x10, 0x3, 0x0)
syz_clone(0x21000011, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x8000, 0xfffffffa)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB], 0xd)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2c, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e24, 0x4e24}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000"], 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[], 0x22)
r7 = syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f0000000040)={0x2c, &(0x7f0000000080)={0x20, 0x23, 0x1f, {0x1f, 0xa, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3027c59ccb7"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r3)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x40, r8, 0x4, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3ff, 0x4c}}}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x10a8}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x200}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x64e}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x4000800)

30.528313184s ago: executing program 5 (id=417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x51a23}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

30.044858065s ago: executing program 5 (id=420):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000001600)=""/70, 0x46}], 0x1, 0xb, 0x7fff, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x20000844)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
connect$qrtr(r1, &(0x7f00000001c0)={0x2a, 0xffffffff, 0x4000}, 0xc)
close_range(r0, r1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

29.630979893s ago: executing program 5 (id=425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB="fdffffff03"], 0x50)

14.48809779s ago: executing program 32 (id=425):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB="fdffffff03"], 0x50)

9.056319976s ago: executing program 1 (id=561):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
symlink(&(0x7f0000000100)='./file0\x00', 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000300)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000400)={0x10, 0x2, 0xf8, 0x7f, 0x5ac, 0x2, 0xd8b4, 0x2, 0x9})
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000380))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r4)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000380)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x160, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x68, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0xe0, 0x80, "316f74eeac053deb73fc018493cc121927a9bca207141b9a451c00aa"}}, @tfcpad={0x8, 0x16, 0x4}]}, 0x160}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecfffbff94020000000000004000000000000000e503000000000000000000002c8f3800010000000200000003"], 0x178)
close(0xffffffffffffffff)
r6 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x14, @loopback, 0xffff}], 0x1c)
setsockopt$inet_sctp_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f0000000080)={0x7ff, 0x10, 0x8, 0x2}, 0x8)
sendto$inet6(r6, &(0x7f00000000c0)='H', 0x4194, 0x44004, &(0x7f0000000040)={0xa, 0x4e24, 0x7, @loopback, 0xc5f}, 0x1c)

6.790026778s ago: executing program 0 (id=566):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r0, &(0x7f0000000ec0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

6.229464803s ago: executing program 4 (id=568):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x40}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0xe4ff, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r2, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x4, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x80, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

5.745706525s ago: executing program 0 (id=571):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400"], 0x48)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{0x0}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x6)
write(r2, 0x0, 0x0)

5.458146358s ago: executing program 1 (id=573):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)='l', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000480)="177fdf", 0x3}], 0x1}}], 0x2, 0x4001015)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, 0x0, 0x40001)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.374229914s ago: executing program 4 (id=574):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
fsopen(&(0x7f00000000c0)='jffs2\x00', 0x1)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x1, 0x9c, 0x10000}, 0x28)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000180)=@ethtool_link_settings={0x4d, 0x400, 0xf, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1]}})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xfc}]}, 0x34}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
memfd_secret(0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="14010000350001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004882, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

5.31631129s ago: executing program 0 (id=576):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x40)

5.26619997s ago: executing program 1 (id=577):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)

4.841818787s ago: executing program 3 (id=579):
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
fchdir(0xffffffffffffffff)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200)=0x1, 0x12)

4.665575505s ago: executing program 0 (id=580):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000380)={0x1d, r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$can_raw(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x2, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}, 0x1, 0x0, 0x0, 0x8001}, 0x20008084)

4.494790345s ago: executing program 1 (id=581):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000004200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

4.438248206s ago: executing program 3 (id=582):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000600)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000003695"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r5, 0x0, 0x88000cc, 0x0)
write$eventfd(r4, &(0x7f0000000240), 0xffffff14)

3.736146308s ago: executing program 1 (id=583):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r0, &(0x7f0000000ec0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r3, 0xa, 0x13)
fcntl$setlease(r3, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

3.268057322s ago: executing program 0 (id=584):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
write$binfmt_format(r3, &(0x7f0000000000)='1\x00', 0x2400)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

2.124439269s ago: executing program 0 (id=585):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x40}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0xe4ff, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r2, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x54, 0x2, [@TCA_ROUTE4_ACT={0x50, 0x6, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xa, 0x5, 0x4, 0x7, 0x8}, 0x39}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x80, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

1.151242242s ago: executing program 2 (id=586):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, &(0x7f0000000780)})
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001480), 0x0, 0x400c404)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.000338375s ago: executing program 4 (id=587):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400"], 0x48)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{0x0}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x6)
write(r2, 0x0, 0x0)

883.657315ms ago: executing program 2 (id=588):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000100)=0x1, 0x12)

785.110694ms ago: executing program 3 (id=589):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)='l', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000480)="177fdf", 0x3}], 0x1}}], 0x2, 0x4001015)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, 0x0, 0x40001)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

762.074714ms ago: executing program 4 (id=590):
r0 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000000000)=0xfffffffe, 0x4)

711.451019ms ago: executing program 2 (id=591):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x4, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x1c}}, 0x40)

624.022753ms ago: executing program 4 (id=592):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r0, 0x0, 0x80001}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
flistxattr(r1, 0x0, 0x0)

605.089829ms ago: executing program 2 (id=593):
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
fchdir(0xffffffffffffffff)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200)=0x1, 0x12)

589.355741ms ago: executing program 3 (id=594):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000004200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

416.913168ms ago: executing program 2 (id=595):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
write$nci(0xffffffffffffffff, 0x0, 0xfffffeea)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
socket$inet6(0xa, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000070601080000001e000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

407.291595ms ago: executing program 4 (id=596):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="02030003130000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a004e2400000004ff010000000000000000000000000001000000000000000002000100000000000000070c0100000005000500000000000a004e2400000009000000000000000000000000000000000600000000000000020013000300"], 0x98}, 0x1, 0x7}, 0x0)

364.660795ms ago: executing program 3 (id=597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=@deltaction={0x54, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x37}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)

222.352376ms ago: executing program 1 (id=598):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff020400a4ffffffffffffffff1f2be82db1", 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110980000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x10, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x100000}, 0x10}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)

221.165232ms ago: executing program 2 (id=599):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/57, 0x39}, {&(0x7f0000000340)=""/158, 0x5b}, {0x0}], 0x3}, 0xff}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='ext4_fallocate_exit\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8000d0, &(0x7f0000000040), 0x1, 0x588, &(0x7f0000000600)="$eJzs3U9sHFcZAPBvdh0ncU3ThEZqyiGBRKR/lNjtSk4DB8IBDhT1UiRUqRysZGOHrGNju6I2F/fGiSIBAlRRNeKABBKxxAE4VBQkDkgECYEQFmolEAf+tIBwD5QARrM7a2+8s84i27vF8/tJm33zZuzvvd18b3ffm/UEUFgn0n+SiOGIuBkRhxqbtx9wonH37cry5I3K8mQSa2tP/jWpH3e9sjzZPLT5c3dFxFJE3BcRP7occXFfe9y5hcWr47VadTbbHpmfmhmZW1g8c2VqfKI6Ub1WqTx2fmzs/Lmx0f+hN8mWez8+8/qRX08+MfHS8X89dW7q639J4kK937GpHzspr0UDScSF3QjWB+W0PxEx1OXxR6vPv7zLTaJLXzyyMpI+d/dGxKl6/h+Kcv3ZjPjAi0///VC8/1ann7258uIfe9lWAGDnrKX2b70b2JtKkX72T0pnI6JRLpXOnm18hr83hkq16bn5hy9PP3PtUmOO4J7YV7p8pVYdzeYK7ol9Sbr9SL28sf3opu1KRByOiM+WD9a3z16crl3q6UgHNA1HvPadT10cvGtT/v+h3Mh/YO9K8/+XP/7eD9Lym+V+twbopTT/v/nm1OMh/6Fw7pz/B3reJqA3vP5Dccl/KK72/N/63Flg7/D6D8Ul/6G45D8Ul/yH4pL/UFyt+S/9oZgOH39lJYmIpfcdrN9Sg9m+nD/bA+wha2uJL/lDQXnvD8U1sFE82M92AL3nMz5wp7P/O34beGbn2wL0RqnfDQD65vQx639QVOb/obgG+t0AoG+8xwfM/0PxmP+H4hrucP2vd7Rcu2s0Iu6OiJ+W9+1vXusL+P81HPHaCze/+3RE6U9J9v7/9KFTw+Ovv/rD1uMGk3/UlwgGI+LTLzz55WfH5+dnH0nr/7ZeP/+VrP7RfvUG6EYzT5t5DBTX3MLi1fFarTqroLCpEPG2aIbCLhaa48D1yvJk89arsef5hyLe+GDjJIQ07o3s1tg7kM1NHqivUQ6tJredq5DswNrl585ELD0XEffl9T/JrnfeWPkYWi23xX9ndp/ejmXzJ+kxR7uMX757e/Hvb4l/vCX+u7qMv/KxLg/cJYe/1d/4L/1mfdlrIO/xH9jmV2KP3GH/49/Y1q/ftt//rr/xTx3vb/wvTUe8ko4/o3n5V0rTcn3ls3X8+cLnG/Omg9uM/5nTG+Pfjbbxr7Q+/pU7jH8nuozzk6eqn8irL/8s4o3nIu7Pjd+Md6Aea2i11Bb/ZMv488AW8f/80V9czau/8GrE2vWI05EfvzXWyPzUzMjcwuKZK1PjE9WJ6rVK5bHzY2Pnz42NjtTnqEeaM9Xtnrh19EN59Se/1uj/UIf4zf53evzXtuhzq8WvfnL43Tn1Pz/WiP/Ayfzn/0gWv/H4D7TFf092n/4/+Xd2Lm96zFsRsT+rfzAivv/y4Yfy2vWRW434lzr0v3Rb/Pb+P9xl/+O3/3kmr/rZD3f7CwCAndR5aqDfLQMAAHZaL1Ya+91HIN/Q6mC0LgMnSy3rCksb6wpp/VvZ+kJ5KeKf2RpDWv9gtkqWlnMXGoC3naOL7/1Vv9sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUHRzC4tXx2u16uxcv1sC9Np/AwAA//8Fjv+b")
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x7, 0x4, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$LINK_DETACH(0x22, &(0x7f0000000140), 0x4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000001f40)=ANY=[@ANYBLOB="000000004c900200290000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000020000000000000ffffffffffd9ffff00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])

0s ago: executing program 3 (id=600):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIKIo6KEeY7ItodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJttNrFmk4nd3w82+74z7+48T+br3ffdDaBrDWV/kogdEfFbRAw0qksbDDWerl05N3n9yrnJJBYWXv8zydtdvXJusmxavm57URlOI9KPkmIjS82eOXtiol6vnS7qo3Mn3x6dPXP2iXdPThyvHa+dGj9y5PChsaefGn+yI3lmeV3d98HM/r0vvnnxlcmjF9/66Zss3h3F+uY8OmUoS/yvhVzrukc7vbGK7WwqJ70VBsIt6YmIbHf15ef/QPTEjZ03EC98WGlwwLrK7k1b2q+eXwBuY0lUHQFQjfJGn33+LR8b1PXYFC4/2/gAlOV9rXg01vRGWrTpa/l820lDEXF0/u8vskes0zgEAECzTyY/fzl7fv/61y9lfY+BxTVp3JM//57/3VXMoQxGxJ0RsTsi7oqIPRFxd0Te9t6IuG+N8dzc/0kvrfEtV5T1/54p5raW9v/K3l8M9hS1nXn+fcmx6XrtYPE/GY6+LVl9bIVtfPf8r5+2W9fc/8se2fbLvmARx6XelgG6qYm5ibxT2gGXL0Ts610u/2RxJiCJiL0Rse/W3npXWZh+7Kv97Rqtnv8KOjDPtPBllt58lv98tORfSprnJ6dvmp8c3Rr12sHR8qi42c+/fPxau+2vKf8OuFxrPDft/9Ymg0nzfO1sZ7f/H4//tD95I59n7i+WvTcxN3d6LKI/yS9nS5eP33htWS/bZ8f/8IHlz//dxWuy/O+PiOwgfiAiHoyIh4rYH46IRyLiwAo5/vjc6vlHWtH+vxAxtez1b/H4b9n/t17oOfHDt+22/+/2/+G8NFwsya9/q1gunOxy0RrgWv53AAAA8H+R5t+BT9KRxXKajow0vsO/J+5I6zOzc48fm3nn1FTju/KD0ZeWI10DxXhofbpeG0vmi3dsjI+OF2PF5XjpoWLc+LOebXl9ZHKmPlVx7tDttrc5/zN/9FQdHbDOti27dLx/wwMBKtA6j54urZ5/NVwM4Hbl99rQvVY5/9ONigPYeO7/0L2WO//Pt9TNBcDtyf0fupfzH7pU+n3VEQAVcv+HrrSW3/WvY2Hr5gijmsJm3Sl5IaIspJsiHoV1KlR9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwIAAP//2wzmew==")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x4800)
getrandom(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x40814)
r1 = syz_open_procfs(0x0, &(0x7f00000005c0)='cgroup\x00')
lseek(r1, 0x10001, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.220' (ED25519) to the list of known hosts.
[  101.582205][  T890] cfg80211: failed to load regulatory.db
[  101.932142][ T5811] cgroup: Unknown subsys name 'net'
[  102.064892][ T5811] cgroup: Unknown subsys name 'cpuset'
[  102.074756][ T5811] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  103.884683][ T5811] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  106.876109][ T5828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  106.899100][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  106.908326][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  106.916646][ T5841] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  106.924828][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  106.933710][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  106.942500][ T5841] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  106.950138][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  106.957375][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  106.965965][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  106.973533][ T5841] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  106.980832][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  106.988798][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  106.999100][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  107.007979][ T5841] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  107.011404][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.015627][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  107.027236][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.038814][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  107.039034][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  107.053258][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  107.053838][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.060804][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.076041][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  107.080998][ T5843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  107.092601][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.134296][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.154239][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.169061][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.178072][ T5828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  108.077053][ T5832] chnl_net:caif_netlink_parms(): no params data found
[  108.200401][ T5831] chnl_net:caif_netlink_parms(): no params data found
[  108.326583][ T5830] chnl_net:caif_netlink_parms(): no params data found
[  108.375148][ T5824] chnl_net:caif_netlink_parms(): no params data found
[  108.420879][ T5825] chnl_net:caif_netlink_parms(): no params data found
[  108.549240][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.556713][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.564813][ T5832] bridge_slave_0: entered allmulticast mode
[  108.572960][ T5832] bridge_slave_0: entered promiscuous mode
[  108.647706][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.655275][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.664333][ T5832] bridge_slave_1: entered allmulticast mode
[  108.675358][ T5832] bridge_slave_1: entered promiscuous mode
[  108.821666][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.831099][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.838272][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.846416][ T5831] bridge_slave_0: entered allmulticast mode
[  108.854153][ T5831] bridge_slave_0: entered promiscuous mode
[  108.862916][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.870181][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.877646][ T5831] bridge_slave_1: entered allmulticast mode
[  108.885666][ T5831] bridge_slave_1: entered promiscuous mode
[  108.914710][ T5826] chnl_net:caif_netlink_parms(): no params data found
[  108.944914][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.024043][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.031378][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.038609][ T5824] bridge_slave_0: entered allmulticast mode
[  109.046469][ T5824] bridge_slave_0: entered promiscuous mode
[  109.085643][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.093003][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.100963][ T5830] bridge_slave_0: entered allmulticast mode
[  109.108588][ T5830] bridge_slave_0: entered promiscuous mode
[  109.117371][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.124660][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.132884][ T5830] bridge_slave_1: entered allmulticast mode
[  109.141080][ T5830] bridge_slave_1: entered promiscuous mode
[  109.158618][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.165998][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.173298][ T5825] bridge_slave_0: entered allmulticast mode
[  109.181297][ T5825] bridge_slave_0: entered promiscuous mode
[  109.181585][ T5828] Bluetooth: hci2: command tx timeout
[  109.192447][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.192812][ T5837] Bluetooth: hci4: command tx timeout
[  109.199682][   T53] Bluetooth: hci1: command tx timeout
[  109.205465][ T5143] Bluetooth: hci5: command tx timeout
[  109.210967][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.223664][ T5825] bridge_slave_1: entered allmulticast mode
[  109.231407][ T5825] bridge_slave_1: entered promiscuous mode
[  109.238208][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.245482][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.252896][ T5824] bridge_slave_1: entered allmulticast mode
[  109.260767][ T5824] bridge_slave_1: entered promiscuous mode
[  109.269825][ T5143] Bluetooth: hci3: command tx timeout
[  109.275672][ T5143] Bluetooth: hci0: command tx timeout
[  109.289703][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.375373][ T5832] team0: Port device team_slave_0 added
[  109.384247][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.447236][ T5832] team0: Port device team_slave_1 added
[  109.471421][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.484650][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.503968][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.516758][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.590287][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.602869][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.629174][ T5831] team0: Port device team_slave_0 added
[  109.696539][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.703730][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.731714][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.745858][ T5831] team0: Port device team_slave_1 added
[  109.753969][ T5830] team0: Port device team_slave_0 added
[  109.760329][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.767528][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.775295][ T5826] bridge_slave_0: entered allmulticast mode
[  109.783157][ T5826] bridge_slave_0: entered promiscuous mode
[  109.792729][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.799965][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.807441][ T5826] bridge_slave_1: entered allmulticast mode
[  109.815617][ T5826] bridge_slave_1: entered promiscuous mode
[  109.854156][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.861383][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.887562][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.917815][ T5830] team0: Port device team_slave_1 added
[  109.955927][ T5825] team0: Port device team_slave_0 added
[  109.964619][ T5824] team0: Port device team_slave_0 added
[  110.027023][ T5825] team0: Port device team_slave_1 added
[  110.051331][ T5824] team0: Port device team_slave_1 added
[  110.061976][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.068950][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.095034][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.108812][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.116290][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.142534][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.157009][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.210069][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.217152][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.243801][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.257074][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.264298][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.290424][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.304862][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.331797][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.338783][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.365218][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.438121][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.445303][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.472061][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.484295][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.491571][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.518341][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.551946][ T5832] hsr_slave_0: entered promiscuous mode
[  110.559220][ T5832] hsr_slave_1: entered promiscuous mode
[  110.572685][ T5826] team0: Port device team_slave_0 added
[  110.589790][ T5826] team0: Port device team_slave_1 added
[  110.596821][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.604463][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.630679][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.792832][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.800245][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.826852][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.841561][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.848515][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  110.874840][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.892431][ T5831] hsr_slave_0: entered promiscuous mode
[  110.900051][ T5831] hsr_slave_1: entered promiscuous mode
[  110.906453][ T5831] debugfs: 'hsr0' already exists in 'hsr'
[  110.912362][ T5831] Cannot create hsr debugfs directory
[  110.924137][ T5830] hsr_slave_0: entered promiscuous mode
[  110.931252][ T5830] hsr_slave_1: entered promiscuous mode
[  110.937573][ T5830] debugfs: 'hsr0' already exists in 'hsr'
[  110.944057][ T5830] Cannot create hsr debugfs directory
[  111.160551][ T5826] hsr_slave_0: entered promiscuous mode
[  111.167295][ T5826] hsr_slave_1: entered promiscuous mode
[  111.174182][ T5826] debugfs: 'hsr0' already exists in 'hsr'
[  111.181072][ T5826] Cannot create hsr debugfs directory
[  111.192643][ T5825] hsr_slave_0: entered promiscuous mode
[  111.199286][ T5825] hsr_slave_1: entered promiscuous mode
[  111.205844][ T5825] debugfs: 'hsr0' already exists in 'hsr'
[  111.211632][ T5825] Cannot create hsr debugfs directory
[  111.229531][ T5824] hsr_slave_0: entered promiscuous mode
[  111.236555][ T5824] hsr_slave_1: entered promiscuous mode
[  111.243260][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[  111.249114][ T5824] Cannot create hsr debugfs directory
[  111.259917][ T5837] Bluetooth: hci5: command tx timeout
[  111.265395][ T5837] Bluetooth: hci4: command tx timeout
[  111.271142][ T5828] Bluetooth: hci2: command tx timeout
[  111.277525][ T5143] Bluetooth: hci1: command tx timeout
[  111.340480][ T5837] Bluetooth: hci3: command tx timeout
[  111.346025][ T5143] Bluetooth: hci0: command tx timeout
[  111.955177][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  111.999233][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  112.012932][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  112.048991][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  112.121248][ T5825] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  112.135136][ T5825] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  112.148019][ T5825] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  112.162821][ T5825] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  112.261693][ T5831] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  112.298784][ T5831] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  112.325512][ T5831] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  112.338289][ T5831] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  112.467178][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  112.479113][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  112.494006][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  112.507079][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  112.565976][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.618940][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  112.668847][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  112.690784][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[  112.712786][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.732540][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  112.756083][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  112.789459][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.796910][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.843678][ T3922] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.850863][ T3922] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.908562][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[  112.944892][ T3922] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.952200][ T3922] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.997747][ T3922] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.005239][ T3922] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.028324][ T5824] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  113.042016][ T5824] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  113.065295][ T5824] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  113.077622][ T5824] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  113.114052][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.159419][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  113.274194][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.281510][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.311717][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.335558][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.342930][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.351068][ T5143] Bluetooth: hci1: command tx timeout
[  113.356555][ T5143] Bluetooth: hci4: command tx timeout
[  113.363354][ T5837] Bluetooth: hci2: command tx timeout
[  113.368784][ T5837] Bluetooth: hci5: command tx timeout
[  113.420020][ T5837] Bluetooth: hci0: command tx timeout
[  113.429688][ T5143] Bluetooth: hci3: command tx timeout
[  113.436073][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.493450][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[  113.585312][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[  113.626219][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.633499][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.676135][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.683520][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.698803][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.706125][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.718250][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.725569][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.828673][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.931487][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.992539][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.058526][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[  114.150983][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.158199][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.223186][ T5832] veth0_vlan: entered promiscuous mode
[  114.248014][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.255441][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.306362][ T5832] veth1_vlan: entered promiscuous mode
[  114.339457][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.487617][ T5832] veth0_macvtap: entered promiscuous mode
[  114.567279][ T5832] veth1_macvtap: entered promiscuous mode
[  114.618965][ T5824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  114.660938][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.815859][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.844486][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[  114.865423][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.926319][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.986770][ T3922] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.034300][ T3922] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.044170][ T3922] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.091715][ T3922] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.203914][ T5826] veth0_vlan: entered promiscuous mode
[  115.252947][ T5826] veth1_vlan: entered promiscuous mode
[  115.294872][ T5825] veth0_vlan: entered promiscuous mode
[  115.307255][ T5830] veth0_vlan: entered promiscuous mode
[  115.367810][ T5825] veth1_vlan: entered promiscuous mode
[  115.385605][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.397551][ T5830] veth1_vlan: entered promiscuous mode
[  115.402992][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.420977][ T5837] Bluetooth: hci5: command tx timeout
[  115.426680][ T5837] Bluetooth: hci4: command tx timeout
[  115.432774][ T5143] Bluetooth: hci1: command tx timeout
[  115.432801][   T53] Bluetooth: hci2: command tx timeout
[  115.484678][ T3922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.497635][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.505715][ T3922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.514223][   T53] Bluetooth: hci0: command tx timeout
[  115.514280][   T53] Bluetooth: hci3: command tx timeout
[  115.558958][ T5826] veth0_macvtap: entered promiscuous mode
[  115.574706][ T5831] veth0_vlan: entered promiscuous mode
[  115.617274][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  115.625427][ T5826] veth1_macvtap: entered promiscuous mode
[  115.687826][ T5831] veth1_vlan: entered promiscuous mode
[  115.717477][ T5830] veth0_macvtap: entered promiscuous mode
[  115.747512][ T5825] veth0_macvtap: entered promiscuous mode
[  115.767339][ T5830] veth1_macvtap: entered promiscuous mode
[  115.801771][ T5825] veth1_macvtap: entered promiscuous mode
[  115.816810][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.855578][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.865413][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.915129][ T5824] veth0_vlan: entered promiscuous mode
[  115.932030][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.951347][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.960427][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.970950][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.011191][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.028717][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.081120][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.092453][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.114690][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.126235][ T5824] veth1_vlan: entered promiscuous mode
[  116.157072][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.173499][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.201490][ T5831] veth0_macvtap: entered promiscuous mode
[  116.237209][ T5831] veth1_macvtap: entered promiscuous mode
[  116.274711][ T5824] veth0_macvtap: entered promiscuous mode
[  116.283978][ T3922] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.293059][ T3922] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.324577][ T5973] Zero length message leads to an empty skb
[  116.347294][ T3922] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.356595][ T3922] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.372192][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.388291][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.403755][ T5824] veth1_macvtap: entered promiscuous mode
[  116.418266][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.465653][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.556226][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.566477][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.580158][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.580471][ T3922] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.600262][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.607673][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.613977][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.662840][ T3922] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.737231][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.748394][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.775543][ T3922] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.784695][ T3922] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.874132][ T3922] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.883204][ T3922] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.904227][ T3922] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.927319][ T3922] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.963824][ T5978] batadv_slave_1: entered promiscuous mode
[  117.016795][ T3922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.026935][ T3922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.047683][ T5978] batadv_slave_1: left promiscuous mode
[  117.388763][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.420173][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.544116][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.568340][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.652943][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.672206][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.794204][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.804126][ T5956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.821672][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.843422][ T5956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.881093][ T5988] syz.4.5 (5988) used greatest stack depth: 19720 bytes left
[  119.244050][ T6001] syz_tun: entered allmulticast mode
[  123.207843][ T6037] loop1: detected capacity change from 0 to 2048
[  123.259008][ T6041] loop4: detected capacity change from 0 to 512
[  123.261175][ T6039] bridge1: entered allmulticast mode
[  123.297039][ T6041] =======================================================
[  123.297039][ T6041] WARNING: The mand mount option has been deprecated and
[  123.297039][ T6041]          and is ignored by this kernel. Remove the mand
[  123.297039][ T6041]          option from the mount to silence this warning.
[  123.297039][ T6041] =======================================================
[  123.379698][ T6037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.404720][ T6047] netlink: 7 bytes leftover after parsing attributes in process `syz.3.26'.
[  123.440581][ T6041] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.473982][ T6045] loop2: detected capacity change from 0 to 512
[  123.484335][ T6047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26'.
[  123.494863][ T6047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26'.
[  123.504471][ T6045] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  123.520546][ T6041] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.572995][ T6045] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  123.593205][ T6041] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.23: corrupted inode contents
[  123.607257][ T6037] EXT4-fs (loop1): Online defrag not supported with bigalloc
[  123.628951][ T6045] EXT4-fs (loop2): orphan cleanup on readonly fs
[  123.646973][ T6037] netlink: 'syz.1.21': attribute type 10 has an invalid length.
[  123.677793][ T6045] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.25: corrupted inode contents
[  123.705732][ T6041] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #2: comm syz.4.23: mark_inode_dirty error
[  123.752713][ T6058] netlink: 'syz.1.21': attribute type 10 has an invalid length.
[  123.762945][ T6045] EXT4-fs (loop2): Remounting filesystem read-only
[  123.794076][ T6045] EXT4-fs (loop2): 1 truncate cleaned up
[  123.803140][ T6041] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #2: comm syz.4.23: corrupted inode contents
[  123.833575][ T6013] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  123.846011][ T6037] team0: Port device dummy0 added
[  123.866433][ T6058] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  123.886031][ T6013] Quota error (device loop2): write_blk: dquota write failed
[  123.897037][ T6047] netlink: 7 bytes leftover after parsing attributes in process `syz.3.26'.
[  123.914035][ T6013] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  123.937298][ T6047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26'.
[  123.995676][ T6013] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  124.031901][ T6047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26'.
[  124.066229][ T6013] Quota error (device loop2): write_blk: dquota write failed
[  124.085632][ T6058] team0: Port device dummy0 removed
[  124.101684][ T6013] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  124.147335][ T6058] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  124.166443][ T6013] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  124.235316][ T6013] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  124.319824][ T6013] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  124.384128][ T6045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  124.384546][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.486157][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.980825][ T6074] loop0: detected capacity change from 0 to 256
[  125.179341][   T30] audit: type=1800 audit(1761510242.517:2): pid=6074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.32" name="file2" dev="loop0" ino=1048610 res=0 errno=0
[  125.350407][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.617481][ T6081] loop1: detected capacity change from 0 to 256
[  125.640869][ T6081] vfat: Unknown parameter ''
[  125.866526][ T6084] loop2: detected capacity change from 0 to 512
[  126.055707][ T6084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.128037][ T6084] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.281423][ T6100] loop4: detected capacity change from 0 to 512
[  127.354643][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.004286][   T30] audit: type=1326 audit(1761510244.797:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6097 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  128.026374][   T30] audit: type=1326 audit(1761510244.827:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6097 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  128.048480][   T30] audit: type=1326 audit(1761510244.827:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6097 comm="syz.4.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  129.862632][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  129.891123][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.193976][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.206025][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.218832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.239658][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  130.248728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  130.257918][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.266607][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.399858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  130.894157][ T6158] netlink: 4 bytes leftover after parsing attributes in process `syz.3.60'.
[  132.629922][ T6158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.901843][ T6160] netlink: 'syz.4.53': attribute type 1 has an invalid length.
[  132.911999][ T6160] netlink: 244 bytes leftover after parsing attributes in process `syz.4.53'.
[  133.056127][ T6158] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.192662][ T6168] netlink: 4 bytes leftover after parsing attributes in process `syz.2.62'.
[  135.055727][ T6197] netlink: 3 bytes leftover after parsing attributes in process `syz.3.72'.
[  135.071261][ T6197] 0�X���: renamed from caif0
[  135.144643][ T6197] 0�X���: entered allmulticast mode
[  135.198955][ T6197] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  135.260075][ T5837] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  136.460932][ T6203] netlink: 'syz.0.74': attribute type 1 has an invalid length.
[  136.616997][ T6207] netlink: 'syz.2.77': attribute type 10 has an invalid length.
[  136.668667][ T6207] team0: Port device dummy0 added
[  136.678698][ T6211] netlink: 'syz.2.77': attribute type 10 has an invalid length.
[  136.772821][ T6211] team0: Port device dummy0 removed
[  136.831057][ T6211] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  137.652817][ T6233] loop3: detected capacity change from 0 to 256
[  137.856889][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  137.856945][   T30] audit: type=1800 audit(1761510255.197:10): pid=6233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.84" name="file2" dev="loop3" ino=1048611 res=0 errno=0
[  139.019752][   T53] Bluetooth: hci0: command 0x0c1a tx timeout
[  139.026056][ T6221] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  139.841835][ T6221] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  139.887475][ T6221] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  140.872337][ T6260] loop3: detected capacity change from 0 to 512
[  140.883822][ T6260] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  140.942160][ T6221] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  140.964732][ T6221] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  141.207942][   T53] Bluetooth: hci0: command 0x0c1a tx timeout
[  141.214938][ T6260] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  141.248152][ T6260] EXT4-fs (loop3): 1 truncate cleaned up
[  141.262100][ T6221] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  141.268463][ T6260] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.332991][ T6221] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  141.357851][ T6221] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  141.382228][ T6269] netlink: 'syz.2.93': attribute type 1 has an invalid length.
[  141.390545][ T6269] netlink: 244 bytes leftover after parsing attributes in process `syz.2.93'.
[  141.487046][ T6221] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  141.495887][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.509527][ T6221] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  141.517150][ T6221] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  141.540627][ T6221] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  141.565174][ T6221] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  141.589972][ T6221] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  141.620732][ T6221] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  141.634929][ T6221] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  141.646987][ T6221] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  141.701029][ T6221] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  141.723209][ T6230] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  142.208887][ T6279] netlink: 'syz.1.96': attribute type 10 has an invalid length.
[  142.581116][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  143.017680][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  143.024175][   T53] Bluetooth: hci1: command 0x0c1a tx timeout
[  143.049033][ T6281] netlink: 'syz.1.96': attribute type 10 has an invalid length.
[  143.101315][ T6288] netlink: 3 bytes leftover after parsing attributes in process `syz.0.100'.
[  143.121504][ T6279] bond0: (slave dummy0): Releasing backup interface
[  143.215859][ T6279] team0: Port device dummy0 added
[  143.263327][   T53] Bluetooth: hci0: command 0x0c1a tx timeout
[  143.339692][   T53] Bluetooth: hci2: command 0x0c1a tx timeout
[  143.370654][ T6281] team0: Port device dummy0 removed
[  143.428445][ T6281] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  143.489157][ T6288] 0�X���: renamed from caif0
[  143.529013][ T6288] 0�X���: entered allmulticast mode
[  143.558499][ T6288] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  143.585859][   T53] Bluetooth: hci4: command 0x0c1a tx timeout
[  143.585875][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  143.588525][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.5.103'.
[  143.660118][   T53] Bluetooth: hci5: command 0x0c1a tx timeout
[  143.804267][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.5.103'.
[  144.035725][ T6299] hsr_slave_1 (unregistering): left promiscuous mode
[  144.372979][ T6310] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  144.635450][ T6314] batadv_slave_1: entered promiscuous mode
[  144.678886][ T6314] netlink: 4 bytes leftover after parsing attributes in process `syz.5.112'.
[  144.716695][ T6313] batadv_slave_1: left promiscuous mode
[  144.834566][ T6321] Driver unsupported XDP return value 0 on prog  (id 69) dev N/A, expect packet loss!
[  145.108890][   T53] Bluetooth: hci1: command 0x0c1a tx timeout
[  145.429279][   T53] Bluetooth: hci2: command 0x0c1a tx timeout
[  145.530724][ T6340] netlink: 3 bytes leftover after parsing attributes in process `syz.4.123'.
[  145.547722][ T6343] team0: No ports can be present during mode change
[  145.596354][ T6340] 0�X���: renamed from caif0
[  145.624364][ T6340] 0�X���: entered allmulticast mode
[  145.637735][ T6340] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  145.664081][   T53] Bluetooth: hci4: command 0x0c1a tx timeout
[  145.673364][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  145.742173][   T53] Bluetooth: hci5: command 0x0c1a tx timeout
[  145.840267][ T6350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.125'.
[  145.896320][ T6350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.125'.
[  146.110962][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.5.129'.
[  146.120686][ T6358] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.262430][ T6358] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.730597][ T6370] netlink: 'syz.2.131': attribute type 1 has an invalid length.
[  146.748179][ T6370] netlink: 244 bytes leftover after parsing attributes in process `syz.2.131'.
[  147.180112][   T53] Bluetooth: hci1: command 0x0c1a tx timeout
[  147.392094][   T30] audit: type=1326 audit(1761510264.807:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.1.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  147.498509][   T30] audit: type=1326 audit(1761510264.827:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.1.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  147.535806][   T53] Bluetooth: hci2: command 0x0c1a tx timeout
[  147.740141][   T53] Bluetooth: hci4: command 0x0c1a tx timeout
[  147.746532][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  147.752800][   T30] audit: type=1326 audit(1761510264.827:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.1.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  148.749863][ T5837] Bluetooth: hci5: command 0x0c1a tx timeout
[  150.011733][ T6410] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  150.358336][   T30] audit: type=1326 audit(1761510267.767:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6417 comm="syz.3.152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ff18efc9 code=0x7ffc0000
[  150.479885][   T30] audit: type=1326 audit(1761510267.767:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6417 comm="syz.3.152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fe2ff18efc9 code=0x7ffc0000
[  150.586624][   T30] audit: type=1326 audit(1761510267.767:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6417 comm="syz.3.152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ff18efc9 code=0x7ffc0000
[  150.652891][ T6421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.154'.
[  150.662275][ T6421] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.901232][ T6421] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.231053][ T6435] loop0: detected capacity change from 0 to 256
[  151.303062][   T30] audit: type=1800 audit(1761510268.717:17): pid=6435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.157" name="file2" dev="loop0" ino=1048612 res=0 errno=0
[  152.085542][ T6431] loop1: detected capacity change from 0 to 512
[  152.198631][ T6431] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.159: Parent and EA inode have the same ino 15
[  152.490277][ T6431] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.159: Parent and EA inode have the same ino 15
[  152.523227][ T6431] EXT4-fs (loop1): 1 orphan inode deleted
[  153.672346][ T6431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.992803][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.261235][ T6465] loop1: detected capacity change from 0 to 2048
[  155.293870][ T6465] EXT4-fs: Ignoring removed bh option
[  155.381173][ T6465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.411868][ T6470] loop4: detected capacity change from 0 to 2048
[  155.528648][ T6470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.543306][ T6465] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  155.574708][ T6465] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 28
[  155.634480][ T6465] EXT4-fs (loop1): This should not happen!! Data will be lost
[  155.634480][ T6465] 
[  155.673707][ T6470] EXT4-fs (loop4): Online defrag not supported with bigalloc
[  155.689709][ T6465] EXT4-fs (loop1): Total free blocks count 0
[  155.695768][ T6465] EXT4-fs (loop1): Free/Dirty block details
[  155.728687][ T6470] netlink: 'syz.4.170': attribute type 10 has an invalid length.
[  155.782034][ T6465] EXT4-fs (loop1): free_blocks=2415919104
[  155.788111][ T6465] EXT4-fs (loop1): dirty_blocks=32
[  155.861988][ T6470] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  155.872493][ T6465] EXT4-fs (loop1): Block reservation details
[  155.914352][ T6465] EXT4-fs (loop1): i_reserved_data_blocks=2
[  156.811924][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.907868][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.352260][ T6510] loop5: detected capacity change from 0 to 512
[  157.491916][ T6510] EXT4-fs error (device loop5): ext4_xattr_inode_iget:436: comm syz.5.182: Parent and EA inode have the same ino 15
[  157.584605][ T6510] EXT4-fs error (device loop5): ext4_xattr_inode_iget:436: comm syz.5.182: Parent and EA inode have the same ino 15
[  157.689311][ T6510] EXT4-fs (loop5): 1 orphan inode deleted
[  157.716949][ T6510] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.930429][ T6526] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.182'.
[  158.000626][ T6510] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.182'.
[  158.120940][ T6529] netlink: 3 bytes leftover after parsing attributes in process `syz.0.189'.
[  158.193380][ T6529] 1�X���: renamed from 
60�X���
[  158.489799][ T6529] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  158.585939][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.395210][   T30] audit: type=1326 audit(1761510276.807:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  159.473628][   T30] audit: type=1326 audit(1761510276.837:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  159.557532][   T30] audit: type=1326 audit(1761510276.847:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  159.654334][   T30] audit: type=1326 audit(1761510276.847:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  159.749661][   T30] audit: type=1326 audit(1761510276.847:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  159.844403][   T30] audit: type=1326 audit(1761510276.847:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  160.176376][   T30] audit: type=1326 audit(1761510276.847:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  160.203905][   T30] audit: type=1326 audit(1761510276.847:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  160.241012][ T6583] netlink: 3 bytes leftover after parsing attributes in process `syz.2.209'.
[  160.245314][ T6579] loop3: detected capacity change from 0 to 512
[  160.254474][ T6583] 0�X���: renamed from caif0
[  160.294250][ T6583] 0�X���: entered allmulticast mode
[  160.300955][ T6583] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  160.983454][ T6579] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.208: Parent and EA inode have the same ino 15
[  161.110175][ T6579] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.208: Parent and EA inode have the same ino 15
[  161.198620][   T30] audit: type=1326 audit(1761510276.857:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  161.221270][   T30] audit: type=1326 audit(1761510276.857:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.1.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b018efc9 code=0x7ffc0000
[  161.240119][ T6579] EXT4-fs (loop3): 1 orphan inode deleted
[  161.345848][ T6579] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.664353][ T6600] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.208'.
[  161.738428][ T6579] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.208'.
[  161.927745][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.5.214'.
[  162.045499][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.187062][ T6610] loop4: detected capacity change from 0 to 256
[  163.757303][ T6612] loop5: detected capacity change from 0 to 2048
[  163.839279][ T6612] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.925941][ T6612] EXT4-fs (loop5): Online defrag not supported with bigalloc
[  164.116360][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.267480][ T6632] loop2: detected capacity change from 0 to 1024
[  164.291252][ T6632] ext4: Unknown parameter 'uid<00000000000000000000'
[  164.433350][ T6644] loop4: detected capacity change from 0 to 2048
[  164.450755][ T6644] EXT4-fs: Ignoring removed bh option
[  164.469528][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  164.499271][   T30] audit: type=1326 audit(1761510281.877:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb0531c1885 code=0x7ffc0000
[  164.543939][ T6644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.574533][   T30] audit: type=1326 audit(1761510281.887:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.597218][   T30] audit: type=1326 audit(1761510281.887:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.604111][ T6644] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  164.631331][   T30] audit: type=1326 audit(1761510282.037:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.660193][ T6654] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.230'.
[  164.682346][ T6644] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 28
[  164.696979][   T30] audit: type=1326 audit(1761510282.097:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.702221][ T6644] EXT4-fs (loop4): This should not happen!! Data will be lost
[  164.702221][ T6644] 
[  164.730844][ T6647] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.230'.
[  164.730877][ T6644] EXT4-fs (loop4): Total free blocks count 0
[  164.746441][ T6644] EXT4-fs (loop4): Free/Dirty block details
[  164.765720][ T6644] EXT4-fs (loop4): free_blocks=2415919104
[  164.805602][ T6656] loop5: detected capacity change from 0 to 512
[  164.814259][ T6644] EXT4-fs (loop4): dirty_blocks=32
[  164.829698][   T30] audit: type=1326 audit(1761510282.097:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.831892][ T6644] EXT4-fs (loop4): Block reservation details
[  164.898745][   T30] audit: type=1326 audit(1761510282.097:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  164.934916][ T6644] EXT4-fs (loop4): i_reserved_data_blocks=2
[  164.953462][ T6656] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.968704][   T30] audit: type=1326 audit(1761510282.097:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb05318d810 code=0x7ffc0000
[  164.991747][   T30] audit: type=1326 audit(1761510282.097:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb05318d810 code=0x7ffc0000
[  165.014231][   T30] audit: type=1326 audit(1761510282.117:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb05318efc9 code=0x7ffc0000
[  165.040664][ T6656] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.078931][ T6663] netlink: 60 bytes leftover after parsing attributes in process `syz.2.235'.
[  165.548992][ T6665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.234'.
[  165.781817][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.864550][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.012910][ T6674] loop1: detected capacity change from 0 to 2048
[  166.117857][ T6681] loop4: detected capacity change from 0 to 512
[  166.145994][ T6674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.309125][ T6681] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.237: Parent and EA inode have the same ino 15
[  166.348754][ T6674] EXT4-fs (loop1): Online defrag not supported with bigalloc
[  166.367442][ T6681] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.237: Parent and EA inode have the same ino 15
[  166.419848][ T6681] EXT4-fs (loop4): 1 orphan inode deleted
[  166.438740][ T6681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.525057][ T6701] bridge1: entered allmulticast mode
[  166.602663][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.668733][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.003624][ T6716] syz.2.251 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  168.063104][ T6724] netlink: 60 bytes leftover after parsing attributes in process `syz.2.254'.
[  168.525087][ T6740] loop3: detected capacity change from 0 to 512
[  168.535229][ T6734] loop2: detected capacity change from 0 to 2048
[  168.563962][ T6740] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.262: Parent and EA inode have the same ino 15
[  168.578366][ T6740] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.262: Parent and EA inode have the same ino 15
[  168.595019][ T6734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.612844][ T6740] EXT4-fs (loop3): 1 orphan inode deleted
[  168.620726][ T6734] EXT4-fs (loop2): Online defrag not supported with bigalloc
[  168.644506][ T6740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.723557][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.836764][ T6749] loop1: detected capacity change from 0 to 1024
[  168.855251][ T6749] EXT4-fs: Ignoring removed nomblk_io_submit option
[  168.875467][ T6749] EXT4-fs: Invalid want_extra_isize 130
[  168.906341][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.193671][ T6758] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  170.535709][ T6774] netlink: 60 bytes leftover after parsing attributes in process `syz.2.272'.
[  171.062991][ T6787] netlink: 3 bytes leftover after parsing attributes in process `syz.4.278'.
[  171.113279][ T6787] 1�X���: renamed from 
60�X���
[  171.567429][ T6787] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  172.660627][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.285'.
[  172.734584][ T6809] loop5: detected capacity change from 0 to 256
[  172.874015][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  172.874082][   T30] audit: type=1800 audit(1761510290.207:65): pid=6809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.284" name="file2" dev="loop5" ino=1048614 res=0 errno=0
[  173.850308][ T6819] netlink: 4 bytes leftover after parsing attributes in process `syz.1.288'.
[  173.883726][ T6819] netlink: 8 bytes leftover after parsing attributes in process `syz.1.288'.
[  174.270818][ T6828] bridge1: entered allmulticast mode
[  174.665484][ T6836] netlink: 3 bytes leftover after parsing attributes in process `syz.1.297'.
[  174.700017][ T6836] 0�X���: renamed from caif0
[  174.755706][ T6836] 0�X���: entered allmulticast mode
[  174.775219][ T6836] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  175.202636][ T6846] loop2: detected capacity change from 0 to 256
[  175.410935][   T30] audit: type=1800 audit(1761510292.817:66): pid=6846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.299" name="file2" dev="loop2" ino=1048615 res=0 errno=0
[  176.096914][ T6858] loop3: detected capacity change from 0 to 2048
[  176.416648][ T6868] loop4: detected capacity change from 0 to 1024
[  176.497705][ T6858] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.546367][ T6868] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.603984][ T6858] EXT4-fs (loop3): Online defrag not supported with bigalloc
[  176.641934][ T6868] EXT4-fs (loop4): shut down requested (1)
[  176.666042][ T6858] netlink: 'syz.3.304': attribute type 10 has an invalid length.
[  176.717890][ T6878] netlink: 'syz.3.304': attribute type 10 has an invalid length.
[  176.730137][ T6858] team0: Port device dummy0 added
[  176.748444][ T6878] team0: Port device dummy0 removed
[  176.762058][ T6878] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  176.800456][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.857144][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.883970][ T6883] netlink: 8 bytes leftover after parsing attributes in process `syz.0.311'.
[  177.183970][ T6889] netlink: 3 bytes leftover after parsing attributes in process `syz.2.315'.
[  177.218755][ T6889] 1�X���: renamed from 
60�X���
[  177.249068][ T6889] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  177.868750][ T6908] loop0: detected capacity change from 0 to 512
[  178.220730][ T6908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.354499][ T6908] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.648186][ T6918] loop5: detected capacity change from 0 to 1024
[  178.763510][ T6918] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.882140][ T6918] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.437931][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.596713][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.923420][ T6944] netlink: 4 bytes leftover after parsing attributes in process `syz.0.327'.
[  179.942482][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.0.327'.
[  180.051174][ T6946] netlink: 3 bytes leftover after parsing attributes in process `syz.3.331'.
[  180.066273][ T6946] 1�X���: renamed from 
60�X���
[  180.114105][ T6946] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  180.353903][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'.
[  180.760389][ T6966] netlink: 'syz.3.339': attribute type 1 has an invalid length.
[  181.260403][ T6979] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  181.536249][ T6988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.345'.
[  181.567321][ T6988] netlink: 8 bytes leftover after parsing attributes in process `syz.1.345'.
[  183.758067][ T7011] loop1: detected capacity change from 0 to 2048
[  183.819103][ T7011] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.894653][ T7011] EXT4-fs (loop1): Online defrag not supported with bigalloc
[  183.917306][ T7011] netlink: 'syz.1.353': attribute type 10 has an invalid length.
[  183.978842][ T7011] bond0: (slave dummy0): Releasing backup interface
[  184.008676][ T7025] netlink: 'syz.1.353': attribute type 10 has an invalid length.
[  184.023607][ T7011] team0: Port device dummy0 added
[  184.072903][ T7025] team0: Port device dummy0 removed
[  184.126320][ T7025] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  184.457784][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.605051][ T7040] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  184.605051][ T7040]    program syz.1.363 not setting count and/or reply_len properly
[  185.012202][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.365'.
[  185.039654][ T7046] netlink: 8 bytes leftover after parsing attributes in process `syz.0.365'.
[  185.090637][ T7052] loop1: detected capacity change from 0 to 1024
[  185.132549][ T7052] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  185.185734][ T7052] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  185.200760][ T7052] EXT4-fs (loop1): orphan cleanup on readonly fs
[  185.226483][ T7052] EXT4-fs error (device loop1): ext4_free_blocks:6705: comm syz.1.368: Freeing blocks not in datazone - block = 0, count = 4096
[  185.292930][ T7052] EXT4-fs (loop1): 1 orphan inode deleted
[  185.307679][ T7052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  185.571232][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.311699][ T7086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.378'.
[  186.989731][ T7100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.385'.
[  187.465153][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.390'.
[  187.499617][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.390'.
[  187.788446][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.2.393'.
[  187.847006][ T7118] tipc: Started in network mode
[  187.888834][ T7118] tipc: Node identity 7, cluster identity 4711
[  187.929780][ T7118] tipc: Node number set to 7
[  188.318302][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.399'.
[  188.667502][ T7130] netlink: 'syz.3.397': attribute type 1 has an invalid length.
[  188.675474][ T7130] netlink: 244 bytes leftover after parsing attributes in process `syz.3.397'.
[  189.197422][ T7150] netlink: 3 bytes leftover after parsing attributes in process `syz.1.405'.
[  189.211021][ T7150] 1�X���: renamed from 
60�X���
[  189.326190][ T7150] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  189.641160][ T7159] loop2: detected capacity change from 0 to 256
[  189.775921][   T30] audit: type=1800 audit(1761510307.117:67): pid=7159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.406" name="file2" dev="loop2" ino=1048616 res=0 errno=0
[  190.683108][ T7157] loop0: detected capacity change from 0 to 2048
[  190.764699][ T7157] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.790876][ T7169] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  190.880914][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'.
[  190.914164][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'.
[  190.972761][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'.
[  191.004205][ T7157] EXT4-fs (loop0): Online defrag not supported with bigalloc
[  191.069788][ T7157] netlink: 'syz.0.407': attribute type 10 has an invalid length.
[  191.127474][ T7172] netlink: 'syz.0.407': attribute type 10 has an invalid length.
[  191.170853][ T7157] team0: Port device dummy0 added
[  191.217735][ T7172] team0: Port device dummy0 removed
[  191.246212][ T7172] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  191.907377][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.429962][ T7180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'.
[  192.438894][ T7180] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.831828][ T7180] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.837796][ T7189] netlink: 4 bytes leftover after parsing attributes in process `syz.2.416'.
[  193.229579][ T7193] bridge2: entered allmulticast mode
[  193.486336][ T7197] loop0: detected capacity change from 0 to 1024
[  193.542140][ T7197] EXT4-fs: inline encryption not supported
[  193.661957][ T7197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.194771][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.516433][ T7236] bridge1: entered allmulticast mode
[  196.134664][ T7243] netlink: 3 bytes leftover after parsing attributes in process `syz.0.436'.
[  196.158914][ T7243] 0�X���: renamed from 
61�X���
[  196.231195][ T7243] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  197.514025][ T7268] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.446'.
[  197.549498][ T7267] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.446'.
[  197.579701][ T7235] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  197.586780][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  197.822174][ T7274] bridge1: entered allmulticast mode
[  198.068904][ T7282] IPv4: Oversized IP packet from 127.202.26.0
[  198.203671][ T7235] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.210061][ T7235] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.223188][ T7235] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  198.231618][ T7235] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  198.243981][ T7235] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  198.907975][   T43] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  199.087160][   T43] usb 4-1: unable to get BOS descriptor or descriptor too short
[  199.127610][   T43] usb 4-1: config 14 has an invalid interface number: 145 but max is 0
[  199.157412][   T43] usb 4-1: config 14 contains an unexpected descriptor of type 0x1, skipping
[  199.194878][   T43] usb 4-1: config 14 has no interface number 0
[  199.228851][   T43] usb 4-1: config 14 interface 145 altsetting 26 endpoint 0x4 has invalid maxpacket 1471, setting to 1024
[  199.273370][   T43] usb 4-1: config 14 interface 145 altsetting 26 bulk endpoint 0x4 has invalid maxpacket 1024
[  199.321442][   T43] usb 4-1: config 14 interface 145 altsetting 26 bulk endpoint 0x2 has invalid maxpacket 1023
[  199.378766][   T43] usb 4-1: config 14 interface 145 altsetting 26 has a duplicate endpoint with address 0x8A, skipping
[  199.424599][   T43] usb 4-1: config 14 interface 145 altsetting 26 has an invalid descriptor for endpoint zero, skipping
[  199.466133][   T43] usb 4-1: config 14 interface 145 altsetting 26 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  199.527755][   T43] usb 4-1: config 14 interface 145 altsetting 26 has a duplicate endpoint with address 0x7, skipping
[  199.585077][   T43] usb 4-1: config 14 interface 145 altsetting 26 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  199.615889][   T43] usb 4-1: config 14 interface 145 altsetting 26 has a duplicate endpoint with address 0x4, skipping
[  199.872518][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  199.970528][ T7311] loop1: detected capacity change from 0 to 256
[  200.633566][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  200.910834][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  200.917254][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout
[  200.923691][   T53] Bluetooth: hci5: command 0x0c1a tx timeout
[  202.002880][   T43] usb 4-1: config 14 interface 145 altsetting 26 has an invalid descriptor for endpoint zero, skipping
[  202.016541][   T43] usb 4-1: config 14 interface 145 has no altsetting 0
[  202.195545][   T30] audit: type=1800 audit(1761510319.597:68): pid=7311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.464" name="file2" dev="loop1" ino=1048617 res=0 errno=0
[  202.529974][   T43] usb 4-1: string descriptor 0 read error: -71
[  202.543303][   T43] usb 4-1: New USB device found, idVendor=093a, idProduct=2603, bcdDevice=84.40
[  202.574848][ T7319] bridge2: entered allmulticast mode
[  202.584570][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.661545][   T43] usb 4-1: can't set config #14, error -71
[  202.695195][   T43] usb 4-1: USB disconnect, device number 2
[  203.837633][ T7347] loop0: detected capacity change from 0 to 2048
[  203.904147][ T7347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.984790][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  203.991623][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  204.002037][ T7347] EXT4-fs (loop0): Online defrag not supported with bigalloc
[  204.054590][ T7347] netlink: 'syz.0.476': attribute type 10 has an invalid length.
[  204.090496][ T7347] bond0: (slave dummy0): Releasing backup interface
[  204.106154][ T7357] netlink: 'syz.0.476': attribute type 10 has an invalid length.
[  204.124859][ T7347] team0: Port device dummy0 added
[  204.211086][ T7357] team0: Port device dummy0 removed
[  204.222780][ T7357] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  204.388990][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.949637][ T7359] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  204.956910][ T7359] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  204.964165][ T7359] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  204.971094][ T7359] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  205.003909][ T7359] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  205.058853][ T7372] wireguard0: entered promiscuous mode
[  205.107607][ T7372] wireguard0: entered allmulticast mode
[  205.125101][ T7359] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  205.387188][ T7380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.485'.
[  205.951233][ T7376] syz.1.484: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  206.025966][ T7376] CPU: 1 UID: 0 PID: 7376 Comm: syz.1.484 Not tainted syzkaller #0 PREEMPT(full) 
[  206.026017][ T7376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.026038][ T7376] Call Trace:
[  206.026051][ T7376]  <TASK>
[  206.026065][ T7376]  dump_stack_lvl+0x16c/0x1f0
[  206.026116][ T7376]  warn_alloc+0x248/0x3a0
[  206.026170][ T7376]  ? __pfx_warn_alloc+0x10/0x10
[  206.026240][ T7376]  ? packet_set_ring+0xb4c/0x17e0
[  206.026296][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.026340][ T7376]  ? __vmalloc_node_noprof+0xad/0xf0
[  206.026388][ T7376]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  206.026444][ T7376]  ? packet_set_ring+0xb4c/0x17e0
[  206.026526][ T7376]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  206.026566][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.026610][ T7376]  ? alloc_pages_mpol+0x25a/0x550
[  206.026648][ T7376]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  206.026684][ T7376]  ? rcu_is_watching+0x12/0xc0
[  206.026738][ T7376]  ? packet_set_ring+0xb4c/0x17e0
[  206.026793][ T7376]  __vmalloc_node_noprof+0xad/0xf0
[  206.026846][ T7376]  ? packet_set_ring+0xb4c/0x17e0
[  206.026907][ T7376]  packet_set_ring+0xb4c/0x17e0
[  206.026983][ T7376]  packet_setsockopt+0x121b/0x33c0
[  206.027020][ T7376]  ? __pfx___might_resched+0x10/0x10
[  206.027070][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.027115][ T7376]  ? __lock_acquire+0x622/0x1c90
[  206.027179][ T7376]  ? __pfx_packet_setsockopt+0x10/0x10
[  206.027213][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.027258][ T7376]  ? aa_sk_perm+0x2f4/0xb10
[  206.027293][ T7376]  ? file_init_path+0x4fe/0x760
[  206.027338][ T7376]  ? __pfx_aa_sk_perm+0x10/0x10
[  206.027378][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.027423][ T7376]  ? find_held_lock+0x2b/0x80
[  206.027481][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.027525][ T7376]  ? aa_sock_opt_perm+0xfd/0x1c0
[  206.027578][ T7376]  ? __pfx_packet_setsockopt+0x10/0x10
[  206.027617][ T7376]  do_sock_setsockopt+0xf3/0x1d0
[  206.027667][ T7376]  __sys_setsockopt+0x1a0/0x230
[  206.027735][ T7376]  __x64_sys_setsockopt+0xbd/0x160
[  206.027793][ T7376]  ? do_syscall_64+0x91/0xfa0
[  206.027835][ T7376]  ? srso_alias_return_thunk+0x5/0xfbef5
[  206.027880][ T7376]  ? lockdep_hardirqs_on+0x7c/0x110
[  206.027922][ T7376]  do_syscall_64+0xcd/0xfa0
[  206.027969][ T7376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.028006][ T7376] RIP: 0033:0x7f56b018efc9
[  206.028035][ T7376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.028071][ T7376] RSP: 002b:00007f56b109f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  206.028105][ T7376] RAX: ffffffffffffffda RBX: 00007f56b03e5fa0 RCX: 00007f56b018efc9
[  206.028130][ T7376] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000005
[  206.028153][ T7376] RBP: 00007f56b0211f91 R08: 000000000000001c R09: 0000000000000000
[  206.028176][ T7376] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  206.028199][ T7376] R13: 00007f56b03e6038 R14: 00007f56b03e5fa0 R15: 00007ffe08daa5a8
[  206.028251][ T7376]  </TASK>
[  206.028263][ T7376] Mem-Info:
[  206.353430][ T7376] active_anon:5304 inactive_anon:0 isolated_anon:0
[  206.353430][ T7376]  active_file:4104 inactive_file:39926 isolated_file:0
[  206.353430][ T7376]  unevictable:768 dirty:226 writeback:0
[  206.353430][ T7376]  slab_reclaimable:10766 slab_unreclaimable:98118
[  206.353430][ T7376]  mapped:34775 shmem:1600 pagetables:1451
[  206.353430][ T7376]  sec_pagetables:0 bounce:0
[  206.353430][ T7376]  kernel_misc_reclaimable:0
[  206.353430][ T7376]  free:1152183 free_pcp:26586 free_cma:0
[  206.422334][ T7398] loop3: detected capacity change from 0 to 2048
[  206.429786][ T7376] Node 0 active_anon:21216kB inactive_anon:0kB active_file:16416kB inactive_file:159500kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:139100kB dirty:900kB writeback:0kB shmem:4864kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12312kB pagetables:5664kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  206.474547][ T7376] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  206.539879][ T7400] loop4: detected capacity change from 0 to 1024
[  206.547281][ T7400] EXT4-fs: Ignoring removed orlov option
[  206.556905][ T7376] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  206.561583][   T53] Bluetooth: hci0: command 0x0c1a tx timeout
[  206.611592][ T7398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.662243][ T7376] lowmem_reserve[]: 0 2485 2487 2487 2487
[  206.672788][ T7398] EXT4-fs (loop3): Online defrag not supported with bigalloc
[  206.683990][ T7400] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.689638][ T7403] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  206.714508][ T7376] Node 0 DMA32 free:700772kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21652kB inactive_anon:0kB active_file:16416kB inactive_file:159500kB unevictable:1536kB writepending:912kB zspages:0kB present:3129332kB managed:2545020kB mlocked:0kB bounce:0kB free_pcp:92052kB local_pcp:37220kB free_cma:0kB
[  206.763547][ T7398] netlink: 'syz.3.493': attribute type 10 has an invalid length.
[  206.783291][ T7398] bond0: (slave dummy0): Releasing backup interface
[  206.813784][ T7405] netlink: 'syz.3.493': attribute type 10 has an invalid length.
[  206.829214][ T7398] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  206.859807][   T30] audit: type=1800 audit(1761510324.267:69): pid=7400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.494" name="bus" dev="loop4" ino=18 res=0 errno=0
[  206.880832][ T7376] lowmem_reserve[]: 0 0 1 1 1
[  206.885646][ T7376] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  206.899846][ T7398] team0: Failed to send options change via netlink (err -105)
[  206.924143][ T7376] lowmem_reserve[]: 0 0 0 0 0
[  206.949682][   T30] audit: type=1804 audit(1761510324.267:70): pid=7400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.494" name="/newroot/92/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  206.984968][ T7398] team0: Port device dummy0 added
[  207.005924][ T7405] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  207.019735][   T53] Bluetooth: hci3: command 0x0c1a tx timeout
[  207.025880][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  207.025925][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout
[  207.064851][ T7405] team0: Failed to send options change via netlink (err -105)
[  207.071422][ T7376] Node 1 Normal free:3892600kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:19840kB local_pcp:9696kB free_cma:0kB
[  207.079972][ T7405] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  207.136012][ T5143] Bluetooth: hci4: command 0x0c1a tx timeout
[  207.149849][ T7376] lowmem_reserve[]: 0 0 0 0 0
[  207.168178][ T7376] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  207.182317][ T5143] Bluetooth: hci5: command 0x0c1a tx timeout
[  207.183113][ T7405] team0: Port device dummy0 removed
[  207.199372][ T7405] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  207.214044][ T7376] Node 0 DMA32: 2*4kB (UE) 1*8kB (E) 2*16kB (UM) 3*32kB (UME) 1*64kB (E) 2*128kB (U) 1*256kB (M) 1*512kB (U) 2*1024kB (UM) 0*2048kB 170*4096kB (M) = 699600kB
[  207.230599][ T7376] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  207.242555][ T7376] Node 1 Normal: 242*4kB (UME) 60*8kB (UME) 49*16kB (UME) 112*32kB (UME) 35*64kB (UME) 8*128kB (UME) 2*256kB (M) 4*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 946*4096kB (M) = 3892600kB
[  207.261632][ T7376] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  207.273148][ T7376] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  207.283090][ T7376] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  207.309578][ T7376] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  207.335360][ T7376] 45757 total pagecache pages
[  207.366041][ T7376] 0 pages in swap cache
[  207.373408][ T7376] Free swap  = 124996kB
[  207.377975][ T7376] Total swap = 124996kB
[  207.399121][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.411586][ T7376] 2097051 pages RAM
[  207.415423][ T7376] 0 pages HighMem/MovableOnly
[  207.439087][ T7376] 428706 pages reserved
[  207.444089][ T7376] 0 pages cma reserved
[  207.487247][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.787153][ T7424] loop3: detected capacity change from 0 to 512
[  207.942919][ T7424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.955751][ T7424] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.046868][ T7432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.501'.
[  208.664181][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.403485][ T7463] loop9: detected capacity change from 0 to 7
[  209.410954][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.419171][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.450021][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.475900][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.513263][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.549186][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.581725][ T7472] netlink: 4 bytes leftover after parsing attributes in process `syz.4.518'.
[  209.582811][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.649743][ T7463] ldm_validate_partition_table(): Disk read failed.
[  209.675039][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.718963][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.751030][ T7463] Buffer I/O error on dev loop9, logical block 0, async page read
[  209.797625][ T7463] Dev loop9: unable to read RDB block 0
[  209.829341][ T7463]  loop9: unable to read partition table
[  209.862750][ T7477] netlink: 4 bytes leftover after parsing attributes in process `syz.0.521'.
[  209.864914][ T7463] loop9: partition table beyond EOD, truncated
[  209.943204][ T7463] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  209.943204][ T7463] 
) failed (rc=-5)
[  210.245755][   T53] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  210.264481][   T53] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  210.274332][   T53] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  210.287882][   T53] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  210.297293][   T53] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  210.936396][ T7504] loop1: detected capacity change from 0 to 4096
[  211.016719][ T7504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.495251][ T6033] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.791531][ T6033] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.919312][ T7524] netlink: 'syz.4.537': attribute type 1 has an invalid length.
[  212.084955][ T7524] 8021q: adding VLAN 0 to HW filter on device bond1
[  212.125545][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.346523][ T6033] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.391041][ T5143] Bluetooth: hci6: command tx timeout
[  213.035682][ T6033] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.163767][ T7559] loop4: detected capacity change from 0 to 512
[  213.212726][ T7559] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  213.301452][ T7559] EXT4-fs (loop4): 1 truncate cleaned up
[  213.359024][ T7559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.550476][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.698140][ T6033] bridge_slave_1: left allmulticast mode
[  213.981622][ T6033] bridge_slave_1: left promiscuous mode
[  213.989293][ T6033] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.038089][ T6033] bridge_slave_0: left allmulticast mode
[  214.044381][ T6033] bridge_slave_0: left promiscuous mode
[  214.055033][ T6033] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.459698][ T5143] Bluetooth: hci6: command tx timeout
[  216.540194][ T5143] Bluetooth: hci6: command tx timeout
[  216.822227][   T30] audit: type=1326 audit(1761510334.237:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  216.880983][   T30] audit: type=1326 audit(1761510334.267:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  216.954668][   T30] audit: type=1326 audit(1761510334.267:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.020726][   T30] audit: type=1326 audit(1761510334.267:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.097431][   T30] audit: type=1326 audit(1761510334.267:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.149608][   T30] audit: type=1326 audit(1761510334.267:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.203140][   T30] audit: type=1326 audit(1761510334.267:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.257537][   T30] audit: type=1326 audit(1761510334.267:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7606 comm="syz.4.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  217.612471][ T6033] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  217.692799][ T6033] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  217.725432][ T6033] bond0 (unregistering): Released all slaves
[  217.792524][ T7593] netlink: 28 bytes leftover after parsing attributes in process `syz.3.560'.
[  217.816078][ T7486] chnl_net:caif_netlink_parms(): no params data found
[  218.672497][ T5143] Bluetooth: hci6: command tx timeout
[  218.713813][ T7644] netlink: 'syz.4.574': attribute type 1 has an invalid length.
[  218.721698][ T7644] netlink: 244 bytes leftover after parsing attributes in process `syz.4.574'.
[  220.007979][ T7486] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.065959][ T7486] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.103185][ T7486] bridge_slave_0: entered allmulticast mode
[  220.150474][ T7486] bridge_slave_0: entered promiscuous mode
[  220.190555][ T7486] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.197766][ T7486] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.250019][ T7486] bridge_slave_1: entered allmulticast mode
[  220.274079][ T7486] bridge_slave_1: entered promiscuous mode
[  220.561504][ T7667] loop0: detected capacity change from 0 to 256
[  220.618057][   T30] audit: type=1800 audit(1761510338.017:79): pid=7667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.584" name="file2" dev="loop0" ino=1048618 res=0 errno=0
[  221.481022][ T6033] hsr_slave_0: left promiscuous mode
[  221.506863][ T6033] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.539833][ T6033] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.725871][ T6033] veth1_macvtap: left promiscuous mode
[  221.769952][ T6033] veth0_macvtap: left promiscuous mode
[  221.879453][ T6033] veth1_vlan: left promiscuous mode
[  221.911393][ T6033] veth0_vlan: left promiscuous mode
[  222.917443][   T30] audit: type=1326 audit(1761510340.327:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  222.986005][   T30] audit: type=1326 audit(1761510340.367:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  223.039081][   T30] audit: type=1326 audit(1761510340.367:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  223.079116][   T30] audit: type=1326 audit(1761510340.367:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  223.110157][   T30] audit: type=1326 audit(1761510340.367:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa278efc9 code=0x7ffc0000
[  223.233524][ T7701] IPv6: NLM_F_CREATE should be specified when creating new route
[  223.314605][ T7703] loop1: detected capacity change from 0 to 1024
[  223.335387][ T7703] EXT4-fs: Ignoring removed orlov option
[  223.354027][ T7703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.405947][   T30] audit: type=1800 audit(1761510340.817:85): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.598" name="bus" dev="loop1" ino=18 res=0 errno=0
[  223.455788][   T30] audit: type=1804 audit(1761510340.847:86): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.598" name="/newroot/98/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  223.523291][ T7711] loop3: detected capacity change from 0 to 512
[  223.557611][ T7711] EXT4-fs warning (device loop3): ext4_xattr_inode_get:544: inode #11: comm syz.3.600: ea_inode file size=0 entry size=6
[  223.571816][ T7711] ------------[ cut here ]------------
[  223.577801][ T7711] EA inode 11 i_nlink=2
[  223.579899][ T7711] WARNING: CPU: 0 PID: 7711 at fs/ext4/xattr.c:1056 ext4_xattr_inode_update_ref+0x4ec/0x610
[  223.594646][ T7711] Modules linked in:
[  223.600884][ T7711] CPU: 0 UID: 0 PID: 7711 Comm: syz.3.600 Not tainted syzkaller #0 PREEMPT(full) 
[  223.612369][ T7711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  223.622656][ T7711] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610
[  223.629677][ T7711] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 80 5d a8 8b e8 75 f0 ec fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 16 bd 2e ff 44 0f b6 2d b5 75 dc 0d
[  223.649441][ T7711] RSP: 0018:ffffc9000b37f410 EFLAGS: 00010286
[  223.655601][ T7711] RAX: 0000000000000000 RBX: ffff888012796238 RCX: ffffc9000bbdb000
[  223.663731][ T7711] RDX: 0000000000080000 RSI: ffffffff817b2ef5 RDI: 0000000000000001
[  223.671775][ T7711] RBP: ffffc9000b37f4d8 R08: 0000000000000001 R09: 0000000000000000
[  223.680266][ T7711] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000002
[  223.688443][ T7711] R13: 0000000000000000 R14: 1ffff9200166fe85 R15: ffff888012796428
[  223.696559][ T7711] FS:  00007fe2fd3ee6c0(0000) GS:ffff888124a0a000(0000) knlGS:0000000000000000
[  223.707598][ T7711] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  223.716057][ T7711] CR2: ffffffffdfa50000 CR3: 000000003549b000 CR4: 0000000000350ef0
[  223.724171][ T7711] Call Trace:
[  223.727525][ T7711]  <TASK>
[  223.730616][ T7711]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  223.737249][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.742994][ T7711]  ? __ext4_journal_ensure_credits+0x25e/0x2f0
[  223.749270][ T7711]  ext4_xattr_inode_dec_ref_all+0x52a/0xed0
[  223.755303][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.761120][ T7711]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  223.767623][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  223.773353][ T7711]  ? errseq_check+0x4f/0x90
[  223.778015][ T7711]  ext4_xattr_delete_inode+0x4ee/0xb80
[  223.783688][ T7711]  ? rcu_is_watching+0x12/0xc0
[  223.788546][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.794565][ T7711]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  223.802489][ T7711]  ? ext4_journal_check_start+0x22b/0x340
[  223.811287][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.816998][ T7711]  ? __ext4_journal_start_sb+0x19e/0x690
[  223.823311][ T7711]  ? ext4_evict_inode+0x5cf/0x18e0
[  223.828582][ T7711]  ext4_evict_inode+0x7d6/0x18e0
[  223.833641][ T7711]  ? __pfx_ext4_evict_inode+0x10/0x10
[  223.839088][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.844847][ T7711]  ? __pfx_ext4_evict_inode+0x10/0x10
[  223.850324][ T7711]  evict+0x3e6/0x920
[  223.854366][ T7711]  ? __pfx_evict+0x10/0x10
[  223.858903][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.864646][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.870385][ T7711]  iput.part.0+0x6a9/0xb00
[  223.874845][ T7711]  ? __pfx_ext4_drop_inode+0x10/0x10
[  223.880258][ T7711]  iput+0x35/0x40
[  223.884027][ T7711]  ext4_orphan_cleanup+0x731/0x11e0
[  223.889388][ T7711]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  223.895152][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.900896][ T7711]  ? ext4_register_li_request+0xec/0x9b0
[  223.908435][ T7711]  ext4_fill_super+0x8db7/0xaf70
[  223.915564][ T7711]  ? __pfx_ext4_fill_super+0x10/0x10
[  223.921433][ T7711]  ? do_raw_spin_lock+0x12c/0x2b0
[  223.926508][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.932219][ T7711]  ? find_held_lock+0x2b/0x80
[  223.937038][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.942790][ T7711]  ? sb_set_blocksize+0x176/0x1d0
[  223.947966][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.953680][ T7711]  ? setup_bdev_super+0x369/0x730
[  223.958940][ T7711]  get_tree_bdev_flags+0x38c/0x620
[  223.964182][ T7711]  ? __pfx_ext4_fill_super+0x10/0x10
[  223.969575][ T7711]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  223.975267][ T7711]  ? apparmor_capable+0x114/0x1d0
[  223.980808][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.986494][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  223.992249][ T7711]  ? security_capable+0x7e/0x260
[  223.997274][ T7711]  vfs_get_tree+0x8e/0x340
[  223.997948][ T7715] loop2: detected capacity change from 0 to 512
[  224.001832][ T7711]  path_mount+0x7b9/0x23a0
[  224.014209][ T7711]  ? __pfx_path_mount+0x10/0x10
[  224.019104][ T7711]  ? putname+0x154/0x1a0
[  224.025107][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.030849][ T7711]  ? putname+0x154/0x1a0
[  224.035141][ T7711]  ? __x64_sys_mount+0x293/0x310
[  224.040584][ T7711]  __x64_sys_mount+0x293/0x310
[  224.045394][ T7711]  ? __pfx___x64_sys_mount+0x10/0x10
[  224.050771][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.056456][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.062329][ T7711]  ? rcu_is_watching+0x12/0xc0
[  224.068161][ T7711]  do_syscall_64+0xcd/0xfa0
[  224.072784][ T7711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.078730][ T7711] RIP: 0033:0x7fe2ff19076a
[  224.085077][ T7711] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.104921][ T7711] RSP: 002b:00007fe2fd3ede68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  224.115236][ T7711] RAX: ffffffffffffffda RBX: 00007fe2fd3edef0 RCX: 00007fe2ff19076a
[  224.124867][ T7711] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fe2fd3edeb0
[  224.133332][ T7711] RBP: 0000200000000180 R08: 00007fe2fd3edef0 R09: 0000000000800700
[  224.141666][ T7711] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  224.149726][ T7711] R13: 00007fe2fd3edeb0 R14: 0000000000000473 R15: 0000200000000680
[  224.157760][ T7711]  </TASK>
[  224.160877][ T7711] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  224.168180][ T7711] CPU: 0 UID: 0 PID: 7711 Comm: syz.3.600 Not tainted syzkaller #0 PREEMPT(full) 
[  224.177413][ T7711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  224.187500][ T7711] Call Trace:
[  224.190800][ T7711]  <TASK>
[  224.193739][ T7711]  dump_stack_lvl+0x3d/0x1f0
[  224.198355][ T7711]  vpanic+0x640/0x6f0
[  224.202377][ T7711]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  224.208405][ T7711]  panic+0xca/0xd0
[  224.212170][ T7711]  ? __pfx_panic+0x10/0x10
[  224.216653][ T7711]  check_panic_on_warn+0xab/0xb0
[  224.221636][ T7711]  __warn+0xf6/0x3c0
[  224.225720][ T7711]  ? preempt_schedule_notrace+0x62/0xe0
[  224.231296][ T7711]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  224.237320][ T7711]  report_bug+0x3c3/0x580
[  224.241664][ T7711]  ? ext4_xattr_inode_update_ref+0x4ec/0x610
[  224.247683][ T7711]  handle_bug+0x184/0x210
[  224.252037][ T7711]  exc_invalid_op+0x17/0x50
[  224.256569][ T7711]  asm_exc_invalid_op+0x1a/0x20
[  224.261432][ T7711] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610
[  224.268071][ T7711] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 80 5d a8 8b e8 75 f0 ec fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 16 bd 2e ff 44 0f b6 2d b5 75 dc 0d
[  224.287793][ T7711] RSP: 0018:ffffc9000b37f410 EFLAGS: 00010286
[  224.293900][ T7711] RAX: 0000000000000000 RBX: ffff888012796238 RCX: ffffc9000bbdb000
[  224.301907][ T7711] RDX: 0000000000080000 RSI: ffffffff817b2ef5 RDI: 0000000000000001
[  224.309899][ T7711] RBP: ffffc9000b37f4d8 R08: 0000000000000001 R09: 0000000000000000
[  224.317934][ T7711] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000002
[  224.325927][ T7711] R13: 0000000000000000 R14: 1ffff9200166fe85 R15: ffff888012796428
[  224.333973][ T7711]  ? __warn_printk+0x1a5/0x350
[  224.338890][ T7711]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  224.345410][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.351105][ T7711]  ? __ext4_journal_ensure_credits+0x25e/0x2f0
[  224.357309][ T7711]  ext4_xattr_inode_dec_ref_all+0x52a/0xed0
[  224.363312][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.369058][ T7711]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  224.375552][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.381223][ T7711]  ? errseq_check+0x4f/0x90
[  224.385777][ T7711]  ext4_xattr_delete_inode+0x4ee/0xb80
[  224.391263][ T7711]  ? rcu_is_watching+0x12/0xc0
[  224.396056][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.401716][ T7711]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  224.407823][ T7711]  ? ext4_journal_check_start+0x22b/0x340
[  224.413569][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.419238][ T7711]  ? __ext4_journal_start_sb+0x19e/0x690
[  224.424999][ T7711]  ? ext4_evict_inode+0x5cf/0x18e0
[  224.430157][ T7711]  ext4_evict_inode+0x7d6/0x18e0
[  224.435132][ T7711]  ? __pfx_ext4_evict_inode+0x10/0x10
[  224.440533][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.446205][ T7711]  ? __pfx_ext4_evict_inode+0x10/0x10
[  224.451626][ T7711]  evict+0x3e6/0x920
[  224.455575][ T7711]  ? __pfx_evict+0x10/0x10
[  224.460186][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.465870][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.471591][ T7711]  iput.part.0+0x6a9/0xb00
[  224.476034][ T7711]  ? __pfx_ext4_drop_inode+0x10/0x10
[  224.481345][ T7711]  iput+0x35/0x40
[  224.484995][ T7711]  ext4_orphan_cleanup+0x731/0x11e0
[  224.490372][ T7711]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  224.496040][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.501694][ T7711]  ? ext4_register_li_request+0xec/0x9b0
[  224.507371][ T7711]  ext4_fill_super+0x8db7/0xaf70
[  224.512389][ T7711]  ? __pfx_ext4_fill_super+0x10/0x10
[  224.517701][ T7711]  ? do_raw_spin_lock+0x12c/0x2b0
[  224.522751][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.528413][ T7711]  ? find_held_lock+0x2b/0x80
[  224.533135][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.538817][ T7711]  ? sb_set_blocksize+0x176/0x1d0
[  224.543904][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.549571][ T7711]  ? setup_bdev_super+0x369/0x730
[  224.554639][ T7711]  get_tree_bdev_flags+0x38c/0x620
[  224.559787][ T7711]  ? __pfx_ext4_fill_super+0x10/0x10
[  224.565108][ T7711]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  224.571125][ T7711]  ? apparmor_capable+0x114/0x1d0
[  224.576185][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.581838][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.587489][ T7711]  ? security_capable+0x7e/0x260
[  224.592454][ T7711]  vfs_get_tree+0x8e/0x340
[  224.596896][ T7711]  path_mount+0x7b9/0x23a0
[  224.601332][ T7711]  ? __pfx_path_mount+0x10/0x10
[  224.606312][ T7711]  ? putname+0x154/0x1a0
[  224.610598][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.616257][ T7711]  ? putname+0x154/0x1a0
[  224.620538][ T7711]  ? __x64_sys_mount+0x293/0x310
[  224.625491][ T7711]  __x64_sys_mount+0x293/0x310
[  224.630273][ T7711]  ? __pfx___x64_sys_mount+0x10/0x10
[  224.635573][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.641234][ T7711]  ? srso_alias_return_thunk+0x5/0xfbef5
[  224.646890][ T7711]  ? rcu_is_watching+0x12/0xc0
[  224.651736][ T7711]  do_syscall_64+0xcd/0xfa0
[  224.656292][ T7711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.662391][ T7711] RIP: 0033:0x7fe2ff19076a
[  224.666828][ T7711] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.686561][ T7711] RSP: 002b:00007fe2fd3ede68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  224.695091][ T7711] RAX: ffffffffffffffda RBX: 00007fe2fd3edef0 RCX: 00007fe2ff19076a
[  224.703076][ T7711] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fe2fd3edeb0
[  224.711058][ T7711] RBP: 0000200000000180 R08: 00007fe2fd3edef0 R09: 0000000000800700
[  224.719244][ T7711] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  224.727247][ T7711] R13: 00007fe2fd3edeb0 R14: 0000000000000473 R15: 0000200000000680
[  224.735267][ T7711]  </TASK>
[  224.738665][ T7711] Kernel Offset: disabled
[  224.743014][ T7711] Rebooting in 86400 seconds..