last executing test programs:

1m39.731710155s ago: executing program 1 (id=2):
clock_nanosleep(0x2, 0x0, &(0x7f0000000300)={0x0, 0x989680}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="020a00000a0000000000"], 0x50}}, 0x4000000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001800)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fBy\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\fU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sa\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\v\xfbO\xf3\xff\x1bf\xedC\xbd\xd1\xf1#\xb3\xe5\t\x9a\xddk\x95\xd5N\xf3\x98\x1a\xa3\xca%N\xf8\xc6\xbcJw\xd8\x99f\xf1\xb5\x93^x|\x05\x00\x00\x00o*\xd3\xab\x05$<\xa3KQm\x00\xd3M\xb2\xd0,\xeeP\x1a\xd0 yI!\x17\x9b\xe7\xef\t\xba\xa0]\xf4\xb7\x00_g/\r\xd2\x06\xc5\x15\x1d\xcc\x0eB\x87\xe9 \x81P\"\xea\xd5#\xa4\xe5\xa1\x19Wp\x83\xf8tC\x10\xbe\xe3\xa9H\xc7\x89\x0eN\xd3\xc1\xd7\x99\xd8\x88\x1dZ\x91\r\xd1\x1c\xac\xe26b\x04\xecB[\xf3Lp\xfcQ\xf8\xec\xa0\x87\xd3\xde\x8bo\xd2\xbb~;\x8d\xc2\xf1\tP\xdfB\"VD\v\x90\xfb`\x8b\xfbr\x87B\xc3\x1c\x99\xe1ft\xd1\xdb\x0e\x86\xa3\xfc;y\x9d\xe6\xe25\x9f9\nj\x8a\xba\xb5\xc7\x92`\xed\x89\xf4\xbd\xc3\xe7l\xa9\xda\xde\xe0\xcf\xeaM\xb2~\x159\x92\xf60\x0e\xa0\xc2\x17\x8aC\xa5\xcf\xcd\x16\xdb\x83v\xe8\xf1\x82\xe2\xa5\xf0\xc7K\xe4?|\xc9\xdfx\xf0\xb1', &(0x7f0000001600)='\xb8\x8b\xadTd\xdcJ\x03\xf7\n\x11x\xf5\x93Q#\xfe\xb4\xeb\xd9/\x90\xad\xc5\xd0\a\xef\x06$*\xf0\v7>\xa8`\xf1)\xec\xba\xb7\x85\a\x92I\xbb\xfe2\xa0\xc1\xb3\x13p\xa2l', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000a00)='t`\x16{\xf9\x8eE5\xf7\xbbE\xc94I\xb4\xbap\xc7\x13\x0f\xa8\x8c.\xc8\xe5\xbc\xbeQ#\v$z\x7f:\xe5J\xad\xf1\xdc\x8dE\x90\xf8\x01\x1f\xdd\xa6!\xf0\x1a\x9b\'\x8a\x83Y\x8d\x01\xf8\xda$\x93\xbb|\x00', &(0x7f0000000bc0)='U&~=\xd8G\x93\x14\xc9o\xaf\x8b\xd4-\xc5\x12\x8d\xc8\xf1\'\xcf\x92V\xceK\xa1\x8b\xc3\x9e\xd6H\xad1`\xaf\x06\x00xOq\xb6H\x11\x0fE\x87JeY\xc6\xe7\xd1\xd3\xb6\xc7\xd0\xcd\x96\x9f\x99\x1ej\xb3\f\xfa\xb2\xd7\x88n\xbf\x976\xdb\xf1w\x0eS\xb2\xc4\x00\x00\x00\x00\x00\x00\v\x11\xf0\x8b\xd3\x17\xa2\x16\xc8\x93\xe4m\xd0\xa0cK\xf4)\x04\xec\xfd\x04\xa59Q\xd9?7\xbd\v\xfen\xef\xae\x1e\x98\x98\x10|pb\x94\xf2\xc2\xde\xdc\xdb_\x9dn\xc36\xb0\x1b38Rv\xabK\x1f\xacn\xe4`\x18\x02\x9e\xdf\x19\xa4Jx\r\x9a\xfd\x01~W', 0x0)
close(r2)

1m39.147245491s ago: executing program 1 (id=12):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000120000"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioperm(0x800007465297c, 0x40, 0x1ff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
semget$private(0x0, 0x0, 0x2c0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r1, @ANYBLOB="080003"], 0x44}}, 0x0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)

1m38.567866916s ago: executing program 1 (id=14):
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x160)

1m37.995055054s ago: executing program 1 (id=16):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000180)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r2, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)

1m34.473741793s ago: executing program 1 (id=31):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000002, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000d8d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000a49000/0x1000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_submit(0x0, 0x0, &(0x7f0000000340))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
munlockall()

1m33.783523992s ago: executing program 32 (id=31):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000002, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000d8d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000a49000/0x1000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_submit(0x0, 0x0, &(0x7f0000000340))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
munlockall()

12.286108364s ago: executing program 5 (id=601):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x14, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='percpu_free_percpu\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="000000008d020600300012800b000100697036746e6c000020000280050009"], 0x58}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)=ANY=[@ANYBLOB="12015002000000706b1d010140000102030109025f0003010110040904000000010100000a240128b30802010229040100000102000009040101010102000009050109400001c266072501000d7f0009040200000102000009040201010102000009058209ff0300080507250100"], 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="140000000000000029000000"], 0xb0}, 0x40804)
ptrace(0x10, 0x0)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4}, 0x18)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x400000, 0x0)
bind$802154_dgram(r5, 0x0, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x128, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'dummy0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth0_to_batadv\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_team\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4}, 0x4048010)

7.764029004s ago: executing program 0 (id=638):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)

7.626814526s ago: executing program 5 (id=639):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000005c0)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

7.512181802s ago: executing program 0 (id=641):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

7.324645643s ago: executing program 5 (id=643):
syz_emit_ethernet(0x7e, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0xfffd, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x800, @private, @local, {[@cipso={0x86, 0x21, 0x0, [{0x1, 0xb, "5e000000ff00000000"}, {0x0, 0x2}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @timestamp_addr={0x44, 0x1c, 0xb0, 0x1, 0xa, [{@loopback, 0x2}, {@multicast1, 0xa6de}, {@loopback, 0xffff}]}]}}}}}}}, 0x0)

7.1720294s ago: executing program 0 (id=645):
r0 = socket$inet6(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f00000007c0)={'syztnl1\x00', 0x0, 0x29, 0x1, 0x3, 0x3ff, 0x4e, @mcast1, @loopback, 0x8750, 0x1, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

6.982822624s ago: executing program 5 (id=646):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd", 0x16}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad", 0x14}], 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
writev(0xffffffffffffffff, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x17, 0x8000, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x8c000003, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000440))
r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r2, 0x0, 0x400000000000000, 0xb)

5.553058463s ago: executing program 2 (id=652):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a0000000000001000"/196], 0x119)
r1 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x4})
write$UHID_DESTROY(r0, &(0x7f0000000100), 0x4)

5.234381285s ago: executing program 2 (id=654):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000240)='./file0/bus\x00', 0x10000882)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)

5.030447546s ago: executing program 2 (id=657):
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000003c0)={'bridge0\x00'})
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904008100000000030000000000000800040006020000", 0x24)

3.305775842s ago: executing program 4 (id=663):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x200, 0x1, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x2}, 0x8)
sendto$inet(r0, &(0x7f00000000c0)="3af1", 0x2, 0x4000815, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)

2.271333402s ago: executing program 4 (id=668):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum64={0x3, 0x0, 0x0, 0x13, 0x0, 0x8}]}, {0x0, [0x0, 0x61, 0x61]}}, 0x0, 0x29, 0x0, 0x9, 0x2, 0x0, @void, @value}, 0x28)

2.270757555s ago: executing program 3 (id=669):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

2.146998122s ago: executing program 4 (id=670):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0xc, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
io_submit(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0}])
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

2.015681734s ago: executing program 3 (id=671):
setrlimit(0x40000000000008, &(0x7f0000000000))
capset(0x0, &(0x7f0000000100)={0x0, 0x4, 0x6, 0x0, 0x80010, 0xfffffffd})
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
shmctl$SHM_LOCK(r0, 0xb)

1.989471017s ago: executing program 4 (id=672):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081)
recvmsg(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000a80)=""/20, 0x14}], 0x1}, 0x0)

1.895620567s ago: executing program 3 (id=673):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r1})

1.770944257s ago: executing program 5 (id=674):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_nanosleep(0x2, 0x0, 0x0, 0x0)

1.721133803s ago: executing program 0 (id=675):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a0000000000001000"/196], 0x119)
r1 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x4})
write$UHID_DESTROY(r0, &(0x7f0000000100), 0x4)

1.716624614s ago: executing program 2 (id=676):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)

1.712785866s ago: executing program 3 (id=677):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000202020005000300000000000900010073797a3100000000050004"], 0x30}, 0x1, 0x40030000000000}, 0x0)

1.438948051s ago: executing program 5 (id=678):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000300)={[{@grpquota}, {@nodelalloc}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000280)='./bus\x00', 0x14927e, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r0, &(0x7f0000004200)='t', 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x100000001}, 0x18)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x3fec00}], 0x2, 0x1400, 0x0, 0x3)

1.395811001s ago: executing program 3 (id=679):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000240)='./file0/bus\x00', 0x10000882)
lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)

1.391547391s ago: executing program 0 (id=680):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCGPGRP(r1, 0x5437, 0x0)

1.269706534s ago: executing program 2 (id=681):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
pipe(&(0x7f0000002480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800054004000000", 0x58}], 0x1)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x2, 0x7, 0x3, 0x10001}]}, 0x10)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x7, 0x4)
chroot(&(0x7f0000000100)='./file0\x00')
write$P9_RWRITE(r1, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x7}, 0xb)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, 0x0, 0x0)
close(r0)
read(r0, &(0x7f0000032440)=""/102364, 0x18fdc)
socket$inet_tcp(0x2, 0x1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

968.229112ms ago: executing program 0 (id=682):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000080)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@user_xattr}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000200)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
open_by_handle_at(r0, &(0x7f0000000100)=ANY=[@ANYRES16=r1], 0xc0)

967.8541ms ago: executing program 4 (id=683):
setrlimit(0x40000000000008, &(0x7f0000000000))
capset(0x0, &(0x7f0000000100)={0x0, 0x4, 0x6, 0x0, 0x80010, 0xfffffffd})
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
shmctl$SHM_LOCK(r0, 0xb)

958.331612ms ago: executing program 3 (id=684):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000)
openat$tun(0xffffffffffffff9c, 0x0, 0x6100, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000040)=0x20f, 0x4)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000002d)
socket(0x10, 0x803, 0x0)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil)
r1 = io_uring_setup(0x2e31, &(0x7f0000000780)={0x0, 0x9864})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r6 = socket(0xa, 0x1, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x20008010, &(0x7f0000000380)={0xa, 0x4e23, 0xb, @remote, 0x7}, 0x1c)
recvmmsg(r6, &(0x7f0000005240)=[{{&(0x7f0000000180)=@tipc, 0x80, &(0x7f0000000000)=[{&(0x7f0000000800)=""/4096, 0x1000}], 0x1}, 0xc0000000}, {{&(0x7f00000003c0)=@ieee802154, 0x80, &(0x7f0000000580)=[{&(0x7f0000000080)=""/33, 0x21}, {&(0x7f0000000440)=""/229, 0xe5}, {&(0x7f00000002c0)=""/21, 0x15}, {&(0x7f0000000680)=""/232, 0xe8}], 0x4, &(0x7f00000005c0)=""/59, 0x3b}, 0x7}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/4096, 0x1000}], 0x1, &(0x7f0000002800)=""/183, 0xb7}, 0x1}, {{&(0x7f00000028c0)=@ax25={{0x3, @null}, [@remote, @netrom, @default, @remote, @bcast, @default, @remote, @null]}, 0x80, &(0x7f0000004bc0)=[{&(0x7f0000002940)=""/4096, 0x1000}, {&(0x7f0000003940)=""/2, 0x2}, {&(0x7f0000003980)=""/130, 0x82}, {&(0x7f0000003a40)=""/144, 0x90}, {&(0x7f0000003b00)=""/178, 0xb2}, {&(0x7f0000003bc0)=""/4096, 0x1000}], 0x6, &(0x7f0000004c40)=""/89, 0x59}, 0x8}, {{0x0, 0x0, &(0x7f0000005440)=[{&(0x7f0000004cc0)=""/247, 0xf7}, {&(0x7f0000004dc0)=""/88, 0x58}, {&(0x7f0000004e40)=""/168, 0xa8}, {&(0x7f0000004f00)=""/145, 0x91}, {&(0x7f0000004fc0)}, {&(0x7f0000005500)=""/215, 0xd7}, {&(0x7f0000005100)=""/114, 0x72}, {&(0x7f0000005180)=""/4, 0x4}, {&(0x7f00000053c0)=""/93, 0x5d}], 0x9}}], 0x5, 0x100, &(0x7f0000005380))

58.799121ms ago: executing program 4 (id=685):
unshare(0x2040600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000086f49012f97631fa0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)

0s ago: executing program 2 (id=686):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r3, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0xfd, @tick=0xfb, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time={0x4a136964}, {}, {}, @time=@time}], 0x38)

kernel console output (not intermixed with test programs):

398][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.423376][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.451863][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.489550][ T5830] team0: Port device team_slave_1 added
[  101.522476][ T5833] team0: Port device team_slave_0 added
[  101.529602][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.536887][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.562968][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.575835][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.582812][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.609127][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.621933][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.629172][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.655831][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.707481][ T5833] team0: Port device team_slave_1 added
[  101.739943][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.847601][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.882180][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.889230][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.916409][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.929130][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.936405][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.962753][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.992970][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.000091][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.026494][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.040272][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.047769][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.074588][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.173257][ T5832] hsr_slave_0: entered promiscuous mode
[  102.181252][ T5832] hsr_slave_1: entered promiscuous mode
[  102.197801][ T5842] hsr_slave_0: entered promiscuous mode
[  102.204534][ T5842] hsr_slave_1: entered promiscuous mode
[  102.212035][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.220028][ T5842] Cannot create hsr debugfs directory
[  102.229393][ T5831] team0: Port device team_slave_0 added
[  102.242039][ T5831] team0: Port device team_slave_1 added
[  102.372136][ T5830] hsr_slave_0: entered promiscuous mode
[  102.380645][ T5830] hsr_slave_1: entered promiscuous mode
[  102.387230][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.394838][ T5830] Cannot create hsr debugfs directory
[  102.429326][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.436832][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.462902][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.544387][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.551492][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.577797][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.616985][ T5833] hsr_slave_0: entered promiscuous mode
[  102.624768][ T5833] hsr_slave_1: entered promiscuous mode
[  102.631326][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  102.640034][ T5833] Cannot create hsr debugfs directory
[  102.976413][ T5841] Bluetooth: hci0: command tx timeout
[  102.976477][ T5835] Bluetooth: hci4: command tx timeout
[  102.981880][ T5841] Bluetooth: hci1: command tx timeout
[  102.993352][ T5849] Bluetooth: hci2: command tx timeout
[  103.054155][ T5831] hsr_slave_0: entered promiscuous mode
[  103.056178][ T5849] Bluetooth: hci3: command tx timeout
[  103.068225][ T5831] hsr_slave_1: entered promiscuous mode
[  103.074586][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.082981][ T5831] Cannot create hsr debugfs directory
[  103.432566][ T5832] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  103.453851][ T5832] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  103.470470][ T5832] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  103.492877][ T5832] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  103.646841][ T5830] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  103.674550][ T5830] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  103.704992][ T5830] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  103.742101][ T5830] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  103.840612][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  103.861820][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  103.892189][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  103.925803][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  104.045499][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  104.090891][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  104.139951][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  104.151978][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  104.255010][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  104.292570][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  104.304321][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  104.332963][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  104.367123][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.391693][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.500676][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[  104.527917][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[  104.565470][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.572845][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.614702][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.622172][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.638648][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.645851][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.701585][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.708886][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.829021][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.860192][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.884506][ T5830] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  104.899509][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  105.029909][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[  105.057961][ T5849] Bluetooth: hci4: command tx timeout
[  105.063449][ T5849] Bluetooth: hci0: command tx timeout
[  105.075642][ T5849] Bluetooth: hci2: command tx timeout
[  105.075890][ T5841] Bluetooth: hci1: command tx timeout
[  105.100713][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[  105.134231][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.141533][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.152394][ T5841] Bluetooth: hci3: command tx timeout
[  105.222099][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.229413][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.262093][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.279547][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.286840][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.340062][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.347386][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.433682][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.501277][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[  105.563101][ T3940] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.570363][ T3940] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.583427][ T3940] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.590699][ T3940] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.714045][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.993962][ T5832] veth0_vlan: entered promiscuous mode
[  106.054424][ T5832] veth1_vlan: entered promiscuous mode
[  106.224419][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.294241][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.302388][ T5830] veth0_vlan: entered promiscuous mode
[  106.342078][ T5832] veth0_macvtap: entered promiscuous mode
[  106.397785][ T5832] veth1_macvtap: entered promiscuous mode
[  106.430946][ T5830] veth1_vlan: entered promiscuous mode
[  106.516785][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.544382][ T5842] veth0_vlan: entered promiscuous mode
[  106.568446][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.602355][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.631550][ T5842] veth1_vlan: entered promiscuous mode
[  106.644243][ T5833] veth0_vlan: entered promiscuous mode
[  106.667457][ T5832] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.679243][ T5832] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.688661][ T5832] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.697938][ T5832] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.711836][ T5830] veth0_macvtap: entered promiscuous mode
[  106.740473][ T5833] veth1_vlan: entered promiscuous mode
[  106.774853][ T5830] veth1_macvtap: entered promiscuous mode
[  106.898309][ T5833] veth0_macvtap: entered promiscuous mode
[  106.924255][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.937316][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.950997][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.992646][ T5833] veth1_macvtap: entered promiscuous mode
[  107.004358][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.016723][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.028920][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.091785][ T5831] veth0_vlan: entered promiscuous mode
[  107.099828][ T5842] veth0_macvtap: entered promiscuous mode
[  107.117920][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.120722][ T5842] veth1_macvtap: entered promiscuous mode
[  107.132190][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.135914][ T5841] Bluetooth: hci1: command tx timeout
[  107.144959][ T5835] Bluetooth: hci2: command tx timeout
[  107.145081][ T5849] Bluetooth: hci0: command tx timeout
[  107.150448][ T5847] Bluetooth: hci4: command tx timeout
[  107.183436][ T5830] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.193168][ T5830] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.203144][ T5830] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.213908][ T5830] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.218450][ T5849] Bluetooth: hci3: command tx timeout
[  107.237854][ T5831] veth1_vlan: entered promiscuous mode
[  107.254531][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.266002][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.278284][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.288990][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.307154][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.363111][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.374231][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.386324][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.396840][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.406911][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.417926][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.429966][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.450847][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.460689][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.482441][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.493561][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.504006][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.518663][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.530403][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.565142][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.580881][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.590801][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.601286][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.611344][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.623226][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.635122][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.654014][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.663629][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.673650][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.683080][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.700835][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.715555][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.724331][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.741224][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.807552][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  107.966233][ T3940] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.974772][ T5831] veth0_macvtap: entered promiscuous mode
[  107.981171][ T3940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.087911][ T5831] veth1_macvtap: entered promiscuous mode
[  108.135145][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.152609][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.170541][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.194831][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.211516][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.225018][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.243486][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.254484][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.282969][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.314675][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.330308][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.347243][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.357902][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.368349][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.378974][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.388932][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.400364][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.412918][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.262925][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.272545][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.318173][ T5919] netlink: 'syz.0.1': attribute type 4 has an invalid length.
[  109.329452][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.339626][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.349078][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.358199][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.529416][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.537588][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.585155][ T4039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.625287][ T4039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.733121][ T3940] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.760337][ T3940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.893466][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.921977][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.953157][ T5925] usb usb6: usbfs: process 5925 (syz.4.5) did not claim interface 0 before use
[  110.011531][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.049916][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.237057][ T4039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.271769][ T4039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.938141][ T5948] loop4: detected capacity change from 0 to 1024
[  111.504606][ T5957] IPv6: NLM_F_CREATE should be specified when creating new route
[  111.548937][   T30] audit: type=1326 audit(1740470504.128:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  111.627259][   T30] audit: type=1326 audit(1740470504.128:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  111.653496][ T5890] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  111.764600][   T30] audit: type=1326 audit(1740470504.148:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  111.845749][ T5890] usb 5-1: Using ep0 maxpacket: 8
[  111.863956][ T5890] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  111.887473][   T30] audit: type=1326 audit(1740470504.148:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  111.922113][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.983642][ T5890] usb 5-1: Product: syz
[  112.025905][ T5890] usb 5-1: Manufacturer: syz
[  112.030581][ T5890] usb 5-1: SerialNumber: syz
[  112.045004][   T30] audit: type=1326 audit(1740470504.148:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  112.124352][ T5966] 9pnet: Could not find request transport: tcp1

[  112.161830][ T5890] usb 5-1: config 0 descriptor??
[  112.192020][   T30] audit: type=1326 audit(1740470504.148:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  112.273148][ T5890] gspca_main: sq930x-2.14.0 probing 2770:930c
[  112.315291][   T30] audit: type=1326 audit(1740470504.148:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  112.433859][   T30] audit: type=1326 audit(1740470504.148:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  112.463546][   T30] audit: type=1326 audit(1740470504.158:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  112.488102][   T30] audit: type=1326 audit(1740470504.158:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5962 comm="syz.1.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fa00018d169 code=0x7ffc0000
[  113.411802][ T5993] loop0: detected capacity change from 0 to 512
[  113.485047][ T5993] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.574066][ T5993] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #17: comm syz.0.19: iget: bad i_size value: -6917529027641081756
[  113.610429][ T5993] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.19: couldn't read orphan inode 17 (err -117)
[  113.622246][ T5943] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  113.622333][ T5943] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  113.622954][ T5849] Bluetooth: hci0: command 0x0c1a tx timeout
[  113.659029][ T5993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.719833][ T5993] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.19: bg 0: block 65: padding at end of block bitmap is not set
[  113.735816][ T5890] gspca_sq930x: reg_w 0105 0f00 failed -110
[  113.746236][ T5993] EXT4-fs error (device loop0): ext4_acquire_dquot:6912: comm syz.0.19: Failed to acquire dquot type 0
[  113.926299][ T5993] syz.0.19 (5993) used greatest stack depth: 18776 bytes left
[  113.964562][ T5890] gspca_sq930x: Sensor ov9630 not yet treated
[  113.975149][ T5890] sq930x 5-1:0.0: probe with driver sq930x failed with error -22
[  114.061483][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.291726][ T6017] loop2: detected capacity change from 0 to 128
[  114.346213][ T5943] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  114.360090][ T5943] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  114.377589][ T6017] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  114.391773][ T6017] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.442092][ T5943] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  114.456596][ T5943] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  114.497275][ T5943] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  114.503257][ T5943] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  114.633253][ T6025] loop0: detected capacity change from 0 to 512
[  114.659556][ T6025] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  114.688754][ T6025] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  114.770959][ T5842] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.781445][ T6025] EXT4-fs (loop0): 1 truncate cleaned up
[  114.814943][ T6025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.263056][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.551962][ T6042] loop2: detected capacity change from 0 to 512
[  115.556455][   T23] usb 5-1: USB disconnect, device number 2
[  115.606230][ T6043] netlink: 64 bytes leftover after parsing attributes in process `syz.0.27'.
[  115.694330][ T6043] pim6reg: entered allmulticast mode
[  115.709135][ T6042] EXT4-fs: Ignoring removed i_version option
[  115.722498][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.4.30'.
[  115.749759][ T6042] EXT4-fs: Ignoring removed mblk_io_submit option
[  115.754419][ T6048] pim6reg: left allmulticast mode
[  115.789241][ T6042] ext4: Unknown parameter 'seclabel'
[  116.039072][ T6046] IPVS: Error joining to the multicast group
[  116.224063][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.402743][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.721577][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.020410][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.084735][ T6075] netlink: 20 bytes leftover after parsing attributes in process `syz.3.39'.
[  117.091671][ T6077] loop0: detected capacity change from 0 to 2048
[  117.235509][ T6077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.328348][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  117.328367][   T30] audit: type=1326 audit(1740470509.918:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.474843][   T30] audit: type=1326 audit(1740470509.918:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.581460][   T30] audit: type=1326 audit(1740470509.918:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.678028][   T30] audit: type=1326 audit(1740470509.918:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.733116][   T30] audit: type=1326 audit(1740470509.918:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.847132][   T11] bridge_slave_1: left allmulticast mode
[  117.853083][   T11] bridge_slave_1: left promiscuous mode
[  117.870639][   T30] audit: type=1326 audit(1740470509.918:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  117.907706][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.005476][   T30] audit: type=1326 audit(1740470509.918:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  118.124810][   T11] bridge_slave_0: left allmulticast mode
[  118.136287][   T30] audit: type=1326 audit(1740470509.918:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  118.173453][   T11] bridge_slave_0: left promiscuous mode
[  118.179519][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.190098][   T30] audit: type=1326 audit(1740470509.928:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  118.213721][   T30] audit: type=1326 audit(1740470509.928:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6085 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  118.235793][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.277614][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  118.309117][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  118.325773][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  118.362133][ T6106] netlink: 24 bytes leftover after parsing attributes in process `syz.3.45'.
[  118.382416][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  118.391185][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  118.399454][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  118.433376][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  118.488130][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  118.496332][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  118.507420][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  118.517598][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  118.525139][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  118.784704][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  118.803834][ T6112] loop0: detected capacity change from 0 to 2048
[  118.811522][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  118.840781][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  118.882066][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  118.920432][ T6123] loop4: detected capacity change from 0 to 512
[  118.931346][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  118.953789][ T6112] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[  118.957176][ T6123] EXT4-fs: Ignoring removed i_version option
[  118.972135][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.017248][ T6123] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  119.034381][ T6112] System zones: 0-4
[  119.044424][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.075303][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.082782][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.091457][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.099367][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.107416][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.108007][ T6112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.114927][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.139856][ T6123] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  119.152751][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.169006][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.177021][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.192486][ T6112] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.194426][ T5879] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  119.203327][ T6123] EXT4-fs (loop4): 1 truncate cleaned up
[  119.270484][ T5879] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  119.270540][ T6123] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.440173][ T6123] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  119.471805][ T6123] EXT4-fs (loop4): Remounting filesystem read-only
[  119.516228][ T6123] EXT4-fs warning (device loop4): ext4_evict_inode:277: xattr delete (err -5)
[  119.684894][ T1138] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set
[  119.711729][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.746465][ T1138] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 305 with error 117
[  119.784766][ T1138] EXT4-fs (loop0): This should not happen!! Data will be lost
[  119.784766][ T1138] 
[  119.845077][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.101256][ T6149] loop2: detected capacity change from 0 to 736
[  120.126331][ T6149] =======================================================
[  120.126331][ T6149] WARNING: The mand mount option has been deprecated and
[  120.126331][ T6149]          and is ignored by this kernel. Remove the mand
[  120.126331][ T6149]          option from the mount to silence this warning.
[  120.126331][ T6149] =======================================================
[  120.188600][ T6150] loop4: detected capacity change from 0 to 1024
[  120.215502][ T6152] netlink: 56 bytes leftover after parsing attributes in process `syz.0.56'.
[  120.262487][ T6150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.286770][ T6150] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.492825][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.513004][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  120.577322][ T5849] Bluetooth: hci3: command tx timeout
[  120.609035][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  120.662074][ T6160] loop4: detected capacity change from 0 to 512
[  120.664100][   T11] bond0 (unregistering): Released all slaves
[  120.705081][ T6160] EXT4-fs: Ignoring removed i_version option
[  120.759462][ T6160] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  120.804977][ T6160] EXT4-fs (loop4): 1 truncate cleaned up
[  120.832755][ T6138] IPv6: Can't replace route, no match found
[  120.861049][ T6160] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.111080][ T6167] loop3: detected capacity change from 0 to 2048
[  121.141507][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.194879][ T6167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.370629][ T6167] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.63: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  121.418779][ T6167] EXT4-fs (loop3): Remounting filesystem read-only
[  121.533270][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.563573][ T6178] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.65'.
[  121.834538][ T6187] loop3: detected capacity change from 0 to 512
[  122.046987][ T6187] EXT4-fs (loop3): 1 orphan inode deleted
[  122.068106][ T1088] EXT4-fs error (device loop3): ext4_release_dquot:6935: comm kworker/u8:5: Failed to release dquot type 1
[  122.091358][ T6187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.157807][ T6187] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.532603][   T30] kauditd_printk_skb: 61 callbacks suppressed
[  122.532622][   T30] audit: type=1326 audit(1740470515.128:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.589707][   T30] audit: type=1326 audit(1740470515.158:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.622356][   T11] hsr_slave_0: left promiscuous mode
[  122.653252][   T30] audit: type=1326 audit(1740470515.158:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.676458][ T5849] Bluetooth: hci3: command tx timeout
[  122.682268][   T30] audit: type=1326 audit(1740470515.168:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.705233][   T30] audit: type=1326 audit(1740470515.228:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.707056][   T11] hsr_slave_1: left promiscuous mode
[  122.727640][   T30] audit: type=1800 audit(1740470515.228:111): pid=6187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.66" name="file1" dev="loop3" ino=15 res=0 errno=0
[  122.752504][   T30] audit: type=1326 audit(1740470515.228:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  122.850722][ T6187] syz.3.66 (6187) used greatest stack depth: 18616 bytes left
[  122.869366][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.921584][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.990213][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.006551][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.058239][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.086660][ T1138] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  123.112199][ T1138] EXT4-fs error (device loop3): ext4_release_dquot:6935: comm kworker/u8:6: Failed to release dquot type 1
[  123.171953][   T11] veth1_macvtap: left promiscuous mode
[  123.190734][   T11] veth0_macvtap: left promiscuous mode
[  123.210825][   T11] veth1_vlan: left promiscuous mode
[  123.236185][   T11] veth0_vlan: left promiscuous mode
[  123.653781][ T6226] sg_write: data in/out 215/14 bytes for SCSI command 0x0-- guessing data in;
[  123.653781][ T6226]    program syz.3.78 not setting count and/or reply_len properly
[  123.732404][ T6226] process 'syz.3.78' launched './file0' with NULL argv: empty string added
[  124.023003][ T6231] loop4: detected capacity change from 0 to 512
[  124.030678][ T6231] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.052469][ T6231] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  124.072538][ T6231] EXT4-fs (loop4): orphan cleanup on readonly fs
[  124.085868][ T6231] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  124.121258][ T6231] EXT4-fs warning (device loop4): ext4_enable_quotas:7130: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  124.138774][ T6231] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  124.162780][ T6231] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.80: bg 0: block 40: padding at end of block bitmap is not set
[  124.197102][ T6231] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  124.219737][ T6231] EXT4-fs (loop4): 1 truncate cleaned up
[  124.241230][ T6231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  124.334557][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.487794][ T6236] netlink: 'syz.4.81': attribute type 39 has an invalid length.
[  124.673380][   T11] team0 (unregistering): Port device team_slave_1 removed
[  124.722231][   T11] team0 (unregistering): Port device team_slave_0 removed
[  124.758371][ T5849] Bluetooth: hci3: command tx timeout
[  125.671212][ T6243] loop2: detected capacity change from 0 to 512
[  125.690077][ T6104] chnl_net:caif_netlink_parms(): no params data found
[  125.717928][ T6243] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  125.820953][ T6243] EXT4-fs (loop2): 1 truncate cleaned up
[  125.891539][ T6243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.999803][ T6253] loop4: detected capacity change from 0 to 128
[  126.130488][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.505004][ T6104] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.532146][ T6104] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.580340][ T6104] bridge_slave_0: entered allmulticast mode
[  126.624966][ T6104] bridge_slave_0: entered promiscuous mode
[  126.661007][ T6104] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.689265][ T6104] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.714635][ T6104] bridge_slave_1: entered allmulticast mode
[  126.734172][ T6104] bridge_slave_1: entered promiscuous mode
[  126.819190][ T5849] Bluetooth: hci3: command tx timeout
[  127.062474][ T6104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.127412][ T6104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.385701][ T6104] team0: Port device team_slave_0 added
[  127.501568][ T6104] team0: Port device team_slave_1 added
[  127.687432][ T6104] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.705034][ T6104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.759146][ T6104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.810078][ T6104] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.817343][ T6104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.874540][ T6104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.980451][ T6295] loop2: detected capacity change from 0 to 512
[  128.042068][ T6295] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  128.156668][ T6295] EXT4-fs (loop2): 1 truncate cleaned up
[  128.164936][ T6295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.267327][ T6104] hsr_slave_0: entered promiscuous mode
[  128.274283][ T6297] loop3: detected capacity change from 0 to 1024
[  128.297699][ T6104] hsr_slave_1: entered promiscuous mode
[  128.334428][ T6297] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  128.349915][ T6104] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.377682][ T6104] Cannot create hsr debugfs directory
[  128.407336][ T6297] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  128.408512][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.426648][ T6297] EXT4-fs (loop3): orphan cleanup on readonly fs
[  128.445984][   T30] audit: type=1326 audit(1740470521.028:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  128.506728][ T6297] EXT4-fs error (device loop3): ext4_free_blocks:6589: comm syz.3.99: Freeing blocks not in datazone - block = 0, count = 4096
[  128.597826][   T30] audit: type=1326 audit(1740470521.028:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  128.615606][ T6297] EXT4-fs (loop3): 1 orphan inode deleted
[  128.693989][   T30] audit: type=1326 audit(1740470521.038:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  128.717666][ T6306] loop0: detected capacity change from 0 to 512
[  128.725021][ T6306] EXT4-fs: Ignoring removed i_version option
[  128.758710][ T6297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.792968][   T30] audit: type=1326 audit(1740470521.038:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  128.877690][ T6306] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.972948][   T30] audit: type=1326 audit(1740470521.038:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.4.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  129.018606][ T6306] ext4 filesystem being mounted at /24/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.066568][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.283414][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.442855][ T6324] loop3: detected capacity change from 0 to 128
[  129.496632][   T30] audit: type=1800 audit(1740470522.078:118): pid=6324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.104" name="bus" dev="loop3" ino=5 res=0 errno=0
[  129.567794][ T6328] 9pnet_virtio: no channels available for device 127.0.0.1
[  129.902474][ T6337] loop0: detected capacity change from 0 to 512
[  129.959416][ T6337] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  129.985777][ T6337] EXT4-fs (loop0): 1 truncate cleaned up
[  130.052897][ T6341] loop4: detected capacity change from 0 to 1764
[  130.055412][ T6337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.374675][ T6104] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  130.676764][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.687274][ T6104] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  130.808344][ T6104] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  130.930118][ T6104] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  130.962478][ T6355] loop4: detected capacity change from 0 to 128
[  131.424448][ T6104] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.439331][ T6359] loop0: detected capacity change from 0 to 8192
[  131.475616][ T6359] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  131.524770][ T6104] 8021q: adding VLAN 0 to HW filter on device team0
[  131.598985][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.606310][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.668261][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.675542][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.012266][ T6377] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  132.287386][ T6385] netem: change failed
[  132.380091][ T6384] loop3: detected capacity change from 0 to 512
[  132.428210][ T6387] syz.0.125: attempt to access beyond end of device
[  132.428210][ T6387] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  132.430239][ T6384] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  132.482533][ T6390] netlink: 'syz.2.126': attribute type 3 has an invalid length.
[  132.508167][ T6390] netlink: 'syz.2.126': attribute type 3 has an invalid length.
[  132.552760][ T6390] netlink: 16 bytes leftover after parsing attributes in process `syz.2.126'.
[  132.584648][ T6384] EXT4-fs (loop3): 1 truncate cleaned up
[  132.640746][ T6384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.021914][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.193204][ T6104] 8021q: adding VLAN 0 to HW filter on device batadv0
[  133.687935][ T6417] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  134.559688][ T6104] veth0_vlan: entered promiscuous mode
[  134.639417][ T6104] veth1_vlan: entered promiscuous mode
[  134.696588][ T6450] loop2: detected capacity change from 0 to 512
[  134.763311][ T6450] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  134.774516][ T6453] capability: warning: `syz.0.141' uses 32-bit capabilities (legacy support in use)
[  134.811406][ T6445] loop3: detected capacity change from 0 to 8192
[  134.846375][ T6104] veth0_macvtap: entered promiscuous mode
[  134.858200][ T6450] EXT4-fs (loop2): 1 truncate cleaned up
[  134.886359][ T6450] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.889075][ T6104] veth1_macvtap: entered promiscuous mode
[  134.958292][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.968964][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.981618][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.993086][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.003191][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.014846][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.035108][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.075234][   T30] audit: type=1804 audit(1740470527.658:119): pid=6439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.138" name="/newroot/29/bus/bus" dev="loop3" ino=7 res=1 errno=0
[  135.112173][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.146745][ T6104] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.164304][   T30] audit: type=1804 audit(1740470527.668:120): pid=6439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.138" name="/newroot/29/bus/bus" dev="loop3" ino=7 res=1 errno=0
[  135.183068][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.191156][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.212391][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.222770][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.234386][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.244820][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.258331][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.275389][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.286431][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.367521][ T6104] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.432055][ T6104] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.497012][ T6104] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.549004][   T30] audit: type=1326 audit(1740470528.138:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.549056][ T6104] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.649864][   T30] audit: type=1326 audit(1740470528.148:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.675688][   T30] audit: type=1326 audit(1740470528.168:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.723974][   T30] audit: type=1326 audit(1740470528.168:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.748002][ T6104] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.794168][   T30] audit: type=1326 audit(1740470528.168:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.892563][   T30] audit: type=1326 audit(1740470528.208:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  135.997113][   T30] audit: type=1326 audit(1740470528.208:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  136.082916][   T30] audit: type=1326 audit(1740470528.208:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.2.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  136.398461][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.461440][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.630976][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  136.661673][ T6481] loop2: detected capacity change from 0 to 1024
[  136.683550][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.699291][ T6481] EXT4-fs: Ignoring removed orlov option
[  136.733128][ T6481] EXT4-fs: Ignoring removed orlov option
[  136.755733][ T6481] EXT4-fs: Ignoring removed oldalloc option
[  136.786442][ T6481] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  136.797139][ T6484] loop3: detected capacity change from 0 to 512
[  136.848782][ T6484] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  136.853201][ T6481] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  136.944347][ T6484] EXT4-fs (loop3): 1 truncate cleaned up
[  136.960956][ T6481] EXT4-fs (loop2): invalid journal inode
[  136.993647][ T6484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.026043][ T6481] EXT4-fs (loop2): can't get journal size
[  137.079688][ T6481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.348484][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.360931][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.584827][ T6504] mmap: syz.5.154 (6504) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  137.786360][ T6510] Zero length message leads to an empty skb
[  137.942897][ T6510] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  137.952194][ T6510] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  137.961514][ T6510] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  137.970628][ T6510] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  138.052022][ T6510] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  138.116099][ T6517] capability: warning: `syz.0.160' uses deprecated v2 capabilities in a way that may be insecure
[  138.135885][ T6517] program syz.0.160 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  138.184171][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  138.212059][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  138.921375][ T6535] loop0: detected capacity change from 0 to 512
[  138.977098][ T6535] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  139.130805][ T6535] EXT4-fs (loop0): 1 truncate cleaned up
[  139.201903][ T6535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.411920][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.271879][   T30] kauditd_printk_skb: 78 callbacks suppressed
[  140.271899][   T30] audit: type=1326 audit(1740470532.868:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.374399][   T30] audit: type=1326 audit(1740470532.898:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.493134][   T30] audit: type=1326 audit(1740470532.908:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.595306][   T30] audit: type=1326 audit(1740470532.908:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.666355][   T30] audit: type=1326 audit(1740470532.908:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.786357][   T30] audit: type=1326 audit(1740470532.918:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.873362][ T6582] loop2: detected capacity change from 0 to 512
[  140.897795][   T30] audit: type=1326 audit(1740470532.918:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.977771][   T30] audit: type=1326 audit(1740470532.918:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  140.987771][ T6582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.000714][ T6585] loop4: detected capacity change from 0 to 512
[  141.077890][   T30] audit: type=1326 audit(1740470532.918:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  141.129392][ T6582] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  141.129744][ T6585] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  141.230327][   T30] audit: type=1326 audit(1740470532.918:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz.3.176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  141.276980][ T6585] EXT4-fs (loop4): 1 truncate cleaned up
[  141.285067][ T6585] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.787710][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.507074][ T6626] loop4: detected capacity change from 0 to 512
[  142.543545][ T6628] loop3: detected capacity change from 0 to 512
[  142.565118][ T6626] EXT4-fs: Ignoring removed nobh option
[  142.620012][ T6626] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.695353][ T6628] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  142.776381][ T6626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.815745][ T6626] ext4 filesystem being mounted at /29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  142.903049][ T6628] EXT4-fs (loop3): 1 truncate cleaned up
[  142.911664][ T6628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.127932][ T6627] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 18: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  143.144219][ T6637] loop5: detected capacity change from 0 to 2048
[  143.167562][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.179088][ T6627] EXT4-fs (loop3): Remounting filesystem read-only
[  143.206374][ T6637] ext4: Unknown parameter 'obj_user'
[  143.482831][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.502621][ T6641] loop0: detected capacity change from 0 to 1024
[  143.584742][ T6641] EXT4-fs: Ignoring removed bh option
[  143.709876][ T6641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.141360][ T6654] loop4: detected capacity change from 0 to 512
[  144.195216][ T6654] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  144.322826][ T6654] EXT4-fs (loop4): 1 truncate cleaned up
[  144.333491][ T6654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.594726][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.639734][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.662440][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.027924][ T6669] loop4: detected capacity change from 0 to 128
[  146.014519][ T6696] loop3: detected capacity change from 0 to 512
[  146.112436][ T6696] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  146.231625][ T6696] EXT4-fs (loop3): 1 truncate cleaned up
[  146.284237][ T6696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.385493][ T6707] loop2: detected capacity change from 0 to 164
[  146.516958][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  146.516978][   T30] audit: type=1800 audit(1740470539.118:227): pid=6696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.214" name="file1" dev="loop3" ino=15 res=0 errno=0
[  146.525290][ T6707] rock: directory entry would overflow storage
[  146.625475][ T6707] rock: sig=0x4f50, size=4, remaining=3
[  146.631111][ T6707] iso9660: Corrupted directory entry in block 4 of inode 1792
[  146.704287][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.220139][ T6723] loop2: detected capacity change from 0 to 256
[  147.335485][ T6727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.227'.
[  147.435483][ T6723] FAT-fs (loop2): Directory bread(block 64) failed
[  147.499213][ T6723] FAT-fs (loop2): Directory bread(block 65) failed
[  147.543900][ T6723] FAT-fs (loop2): Directory bread(block 66) failed
[  147.603007][ T6723] FAT-fs (loop2): Directory bread(block 67) failed
[  147.669951][ T6723] FAT-fs (loop2): Directory bread(block 68) failed
[  147.726663][ T6723] FAT-fs (loop2): Directory bread(block 69) failed
[  147.733392][ T6723] FAT-fs (loop2): Directory bread(block 70) failed
[  147.826002][ T6723] FAT-fs (loop2): Directory bread(block 71) failed
[  147.832774][ T6723] FAT-fs (loop2): Directory bread(block 72) failed
[  147.876867][ T6723] FAT-fs (loop2): Directory bread(block 73) failed
[  148.233829][ T6744] loop5: detected capacity change from 0 to 512
[  148.278023][ T6744] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  148.313717][ T6744] EXT4-fs (loop5): 1 truncate cleaned up
[  148.333648][ T6744] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.456996][   T30] audit: type=1800 audit(1740470541.058:228): pid=6744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.232" name="file1" dev="loop5" ino=15 res=0 errno=0
[  148.581756][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.470377][ T6774] loop2: detected capacity change from 0 to 128
[  150.509702][ T6774] EXT4-fs: Ignoring removed nobh option
[  150.553368][   T23] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  150.601609][   T23] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  150.641151][ T6774] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  150.666868][ T6774] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  151.035077][ T6797] IPv6: Can't replace route, no match found
[  151.076791][ T5842] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  151.375383][   T30] audit: type=1326 audit(1740470543.958:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.475247][   T30] audit: type=1326 audit(1740470543.968:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.535326][   T30] audit: type=1326 audit(1740470543.968:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.610409][   T30] audit: type=1326 audit(1740470543.968:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.705531][   T30] audit: type=1326 audit(1740470543.968:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.797664][   T30] audit: type=1326 audit(1740470543.968:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.822646][   T30] audit: type=1326 audit(1740470543.968:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.912810][   T30] audit: type=1326 audit(1740470543.968:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  151.967677][   T30] audit: type=1326 audit(1740470543.968:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  152.027405][   T30] audit: type=1326 audit(1740470543.978:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  152.166535][   T30] audit: type=1326 audit(1740470543.978:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  152.435333][   T30] audit: type=1326 audit(1740470543.978:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6801 comm="syz.5.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  152.904774][ T6848] syz.5.269 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  153.164937][ T6830] syz.2.264: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  153.226923][ T6830] CPU: 0 UID: 0 PID: 6830 Comm: syz.2.264 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  153.226960][ T6830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.226978][ T6830] Call Trace:
[  153.226988][ T6830]  <TASK>
[  153.226998][ T6830]  dump_stack_lvl+0x241/0x360
[  153.227036][ T6830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.227063][ T6830]  ? __pfx__printk+0x10/0x10
[  153.227100][ T6830]  ? __rcu_read_unlock+0xa1/0x110
[  153.227146][ T6830]  warn_alloc+0x278/0x410
[  153.227183][ T6830]  ? __pfx_warn_alloc+0x10/0x10
[  153.227223][ T6830]  ? xskq_create+0xb6/0x170
[  153.227247][ T6830]  ? __get_vm_area_node+0x1c8/0x2d0
[  153.227269][ T6830]  ? __get_vm_area_node+0x25c/0x2d0
[  153.227305][ T6830]  __vmalloc_node_range_noprof+0x62f/0x1380
[  153.227387][ T6830]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  153.227428][ T6830]  ? __kasan_kmalloc+0x98/0xb0
[  153.227468][ T6830]  vmalloc_user_noprof+0x74/0x80
[  153.227494][ T6830]  ? xskq_create+0xb6/0x170
[  153.227518][ T6830]  xskq_create+0xb6/0x170
[  153.227548][ T6830]  xsk_init_queue+0xa1/0x100
[  153.227577][ T6830]  xsk_setsockopt+0x56a/0x830
[  153.227607][ T6830]  ? __pfx_xsk_setsockopt+0x10/0x10
[  153.227632][ T6830]  ? __pfx_aa_sk_perm+0x10/0x10
[  153.227669][ T6830]  ? aa_sock_opt_perm+0xfd/0x1b0
[  153.227713][ T6830]  ? __pfx_xsk_setsockopt+0x10/0x10
[  153.227736][ T6830]  do_sock_setsockopt+0x3af/0x720
[  153.227790][ T6830]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  153.227850][ T6830]  ? __fget_files+0x395/0x410
[  153.227870][ T6830]  ? __fget_files+0x2a/0x410
[  153.227909][ T6830]  __x64_sys_setsockopt+0x1ee/0x280
[  153.227957][ T6830]  do_syscall_64+0xf3/0x230
[  153.228000][ T6830]  ? clear_bhb_loop+0x45/0xa0
[  153.228037][ T6830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.228067][ T6830] RIP: 0033:0x7f3971b8d169
[  153.228093][ T6830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.228111][ T6830] RSP: 002b:00007f3972a22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  153.228135][ T6830] RAX: ffffffffffffffda RBX: 00007f3971da5fa0 RCX: 00007f3971b8d169
[  153.228151][ T6830] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  153.228164][ T6830] RBP: 00007f3971c0e2a0 R08: 0000000000000004 R09: 0000000000000000
[  153.228177][ T6830] R10: 00004000000004c0 R11: 0000000000000246 R12: 0000000000000000
[  153.228190][ T6830] R13: 0000000000000000 R14: 00007f3971da5fa0 R15: 00007ffc1ef94258
[  153.228234][ T6830]  </TASK>
[  153.232362][ T6830] Mem-Info:
[  153.504688][ T6830] active_anon:5615 inactive_anon:0 isolated_anon:0
[  153.504688][ T6830]  active_file:1375 inactive_file:38322 isolated_file:0
[  153.504688][ T6830]  unevictable:768 dirty:76 writeback:0
[  153.504688][ T6830]  slab_reclaimable:9839 slab_unreclaimable:99732
[  153.504688][ T6830]  mapped:28941 shmem:1412 pagetables:1056
[  153.504688][ T6830]  sec_pagetables:0 bounce:0
[  153.504688][ T6830]  kernel_misc_reclaimable:0
[  153.504688][ T6830]  free:1333044 free_pcp:374 free_cma:0
[  153.644043][ T6830] Node 0 active_anon:22460kB inactive_anon:0kB active_file:5500kB inactive_file:153208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115864kB dirty:304kB writeback:0kB shmem:4112kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11144kB pagetables:4024kB sec_pagetables:0kB all_unreclaimable? no
[  153.775658][ T6830] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  153.870225][ T6830] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  153.965363][ T6830] lowmem_reserve[]: 0 2489 2490 0 0
[  153.993257][ T6867] loop5: detected capacity change from 0 to 512
[  154.005310][ T6830] Node 0 DMA32 free:1405944kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:22624kB inactive_anon:0kB active_file:5500kB inactive_file:152888kB unevictable:1536kB writepending:304kB present:3129332kB managed:2549508kB mlocked:0kB bounce:0kB free_pcp:1116kB local_pcp:256kB free_cma:0kB
[  154.044648][ T6867] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  154.119379][ T6830] lowmem_reserve[]: 0 0 0 0 0
[  154.124225][ T6830] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  154.206069][ T6830] lowmem_reserve[]: 0 0 0 0 0
[  154.211013][ T6830] Node 1 Normal free:3911716kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  154.243088][ T6830] lowmem_reserve[]: 0 0 0 0 0
[  154.248310][ T6830] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  154.261897][ T6830] Node 0 DMA32: 4*4kB (ME) 86*8kB (UME) 126*16kB (UME) 109*32kB (UME) 71*64kB (UME) 35*128kB (UME) 19*256kB (UME) 6*512kB (UM) 5*1024kB (UM) 2*2048kB (M) 335*4096kB (UM) = 1404544kB
[  154.277712][ T6867] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  154.281208][ T6830] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  154.334814][ T6830] Node 1 Normal: 253*4kB (UE) 62*8kB (UME) 46*16kB (UME) 211*32kB (UME) 98*64kB (UME) 27*128kB (UME) 13*256kB (UME) 7*512kB (UME) 3*1024kB (UM) 4*2048kB (UME) 946*4096kB (M) = 3911716kB
[  154.342296][ T6867] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.372641][ T6830] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  154.412184][ T6830] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  154.445006][ T6830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  154.471347][ T6830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  154.515396][ T6830] 41421 total pagecache pages
[  154.520150][ T6830] 0 pages in swap cache
[  154.524339][ T6830] Free swap  = 124856kB
[  154.570343][ T6830] Total swap = 124996kB
[  154.573625][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  154.574548][ T6830] 2097051 pages RAM
[  154.574562][ T6830] 0 pages HighMem/MovableOnly
[  154.574573][ T6830] 427952 pages reserved
[  154.574583][ T6830] 0 pages cma reserved
[  155.243510][ T6888] loop4: detected capacity change from 0 to 512
[  155.373465][ T6888] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  155.507365][ T6888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  155.533129][ T6888] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.682721][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.289'.
[  155.848998][ T6906] loop2: detected capacity change from 0 to 256
[  156.017818][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  156.109804][ T6906] FAT-fs (loop2): Directory bread(block 64) failed
[  156.153608][ T6906] FAT-fs (loop2): Directory bread(block 65) failed
[  156.183792][ T6906] FAT-fs (loop2): Directory bread(block 66) failed
[  156.245524][ T6906] FAT-fs (loop2): Directory bread(block 67) failed
[  156.252268][ T6906] FAT-fs (loop2): Directory bread(block 68) failed
[  156.270767][ T6914] loop3: detected capacity change from 0 to 512
[  156.294179][ T6906] FAT-fs (loop2): Directory bread(block 69) failed
[  156.339971][ T6906] FAT-fs (loop2): Directory bread(block 70) failed
[  156.376666][ T6906] FAT-fs (loop2): Directory bread(block 71) failed
[  156.383485][ T6906] FAT-fs (loop2): Directory bread(block 72) failed
[  156.462772][ T6914] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.294: bg 0: block 248: padding at end of block bitmap is not set
[  156.500656][ T6906] FAT-fs (loop2): Directory bread(block 73) failed
[  156.553807][ T6914] __quota_error: 51 callbacks suppressed
[  156.553828][ T6914] Quota error (device loop3): write_blk: dquota write failed
[  156.635492][ T6914] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  156.688910][ T6928] netlink: 128 bytes leftover after parsing attributes in process `syz.0.296'.
[  156.699044][ T6914] EXT4-fs error (device loop3): ext4_acquire_dquot:6912: comm syz.3.294: Failed to acquire dquot type 1
[  156.762434][ T6914] EXT4-fs (loop3): 1 truncate cleaned up
[  156.787775][ T6914] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.804462][ T6914] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.826810][   T30] audit: type=1326 audit(1740470549.418:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe85398bad0 code=0x7ffc0000
[  156.888389][ T6914] EXT4-fs error (device loop3): ext4_lookup:1823: inode #2: comm syz.3.294: deleted inode referenced: 12
[  156.923198][   T30] audit: type=1326 audit(1740470549.418:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fe85398beb7 code=0x7ffc0000
[  156.993475][ T6938] EXT4-fs error (device loop3): ext4_lookup:1823: inode #2: comm syz.3.294: deleted inode referenced: 12
[  157.038689][   T30] audit: type=1326 audit(1740470549.418:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe85398bad0 code=0x7ffc0000
[  157.149550][   T30] audit: type=1326 audit(1740470549.418:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  157.223187][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.245014][ T6946] loop2: detected capacity change from 0 to 512
[  157.258696][   T30] audit: type=1326 audit(1740470549.418:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  157.322675][ T6946] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  157.349194][   T30] audit: type=1326 audit(1740470549.468:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  157.413864][ T6946] EXT4-fs (loop2): 1 truncate cleaned up
[  157.436705][   T30] audit: type=1326 audit(1740470549.468:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  157.482392][ T6946] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.585366][   T30] audit: type=1326 audit(1740470549.468:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6913 comm="syz.3.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  157.829107][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.980954][  T975] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  159.029573][  T975] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  159.041406][ T6969] team0 (unregistering): Port device team_slave_0 removed
[  159.120624][ T6969] team0 (unregistering): Port device team_slave_1 removed
[  159.206501][ T6996] loop4: detected capacity change from 0 to 512
[  159.237158][ T6996] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  159.287784][ T6996] EXT4-fs (loop4): 1 truncate cleaned up
[  159.298028][ T6998] loop2: detected capacity change from 0 to 512
[  159.323914][ T6987] netlink: 'syz.0.313': attribute type 21 has an invalid length.
[  159.333437][ T6987] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[  159.343263][ T6996] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.394016][ T6987] netlink: 144 bytes leftover after parsing attributes in process `syz.0.313'.
[  159.415862][ T6998] EXT4-fs (loop2): too many log groups per flexible block group
[  159.445396][ T6998] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  159.467275][ T6998] EXT4-fs (loop2): mount failed
[  159.605920][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.084938][ T7020] loop0: detected capacity change from 0 to 512
[  160.118828][ T7020] EXT4-fs: Ignoring removed bh option
[  160.147978][ T7020] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  160.281738][ T7020] EXT4-fs (loop0): 1 truncate cleaned up
[  160.349598][ T7020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.429870][ T7020] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #14: comm syz.0.324: attempt to clear invalid blocks 1886221359 len 1
[  160.536053][ T7020] EXT4-fs (loop0): Remounting filesystem read-only
[  160.661498][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.669947][ T7038] loop2: detected capacity change from 0 to 2048
[  160.786006][ T7038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.822264][ T7045] loop5: detected capacity change from 0 to 512
[  160.886348][ T7038] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.926870][ T7045] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  161.011077][ T7045] EXT4-fs (loop5): 1 truncate cleaned up
[  161.067893][ T7045] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.298165][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.652117][ T1088] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 345: padding at end of block bitmap is not set
[  162.583724][ T7064] loop4: detected capacity change from 0 to 2048
[  162.648481][ T7064] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.682341][ T1088] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 592 with error 117
[  162.727941][ T1088] EXT4-fs (loop2): This should not happen!! Data will be lost
[  162.727941][ T1088] 
[  162.772740][ T7064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.881661][ T7077] loop3: detected capacity change from 0 to 4096
[  162.892958][ T7079] netlink: 'syz.0.340': attribute type 1 has an invalid length.
[  163.018620][ T7077] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.136716][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.167291][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.255071][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.267918][  T975] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  163.338486][  T975] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  163.867059][ T7101] loop4: detected capacity change from 0 to 512
[  163.924375][ T7104] loop0: detected capacity change from 0 to 512
[  163.951230][ T7101] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  163.981131][ T7104] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  164.001592][ T7101] EXT4-fs (loop4): 1 truncate cleaned up
[  164.014248][ T7101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.031078][ T7104] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  164.079245][ T7104] EXT4-fs (loop0): 1 truncate cleaned up
[  164.095641][ T7104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.118105][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.350785][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.692182][ T7127] loop4: detected capacity change from 0 to 512
[  164.800493][ T7127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.816357][ T7127] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.833068][   T30] kauditd_printk_skb: 92 callbacks suppressed
[  164.833087][   T30] audit: type=1800 audit(1740470557.428:392): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.350" name="file1" dev="loop4" ino=15 res=0 errno=0
[  164.834779][ T7127] ALSA: seq fatal error: cannot create timer (-22)
[  164.880782][ T7132] netlink: 16 bytes leftover after parsing attributes in process `syz.3.354'.
[  165.151590][ T7136] loop3: detected capacity change from 0 to 512
[  165.188375][ T7136] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  165.226243][    T8] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  165.227313][ T7136] EXT4-fs (loop3): orphan cleanup on readonly fs
[  165.239897][    T8] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  165.285624][ T7136] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.356: invalid indirect mapped block 256 (level 2)
[  165.313241][ T7136] EXT4-fs (loop3): 2 truncates cleaned up
[  165.333369][ T7136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.444093][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.105703][ T7147] loop0: detected capacity change from 0 to 512
[  167.122439][ T7147] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  167.171791][ T7147] EXT4-fs (loop0): 1 truncate cleaned up
[  167.187964][ T7147] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.297960][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.619927][ T7152] random: crng reseeded on system resumption
[  167.685341][   T30] audit: type=1326 audit(1740470560.278:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.0.362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x0
[  168.063408][ T7125] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.350'.
[  168.287440][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.316566][ T7185] loop5: detected capacity change from 0 to 512
[  170.375393][ T7185] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  170.429674][ T7185] EXT4-fs (loop5): 1 truncate cleaned up
[  170.501250][ T7185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.720221][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.831277][ T7204] syz.2.374: attempt to access beyond end of device
[  170.831277][ T7204] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  170.941450][ T7206] loop3: detected capacity change from 0 to 1024
[  170.974715][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.2.374'.
[  170.999220][ T7206] EXT4-fs: Ignoring removed bh option
[  171.153751][ T7206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.607551][ T7222] program syz.4.379 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.741206][ T7230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.376'.
[  171.805716][ T7230] bridge_slave_1: left allmulticast mode
[  171.862472][ T7230] bridge_slave_1: left promiscuous mode
[  171.907097][ T7230] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.067230][ T7230] bridge_slave_0: left allmulticast mode
[  172.072963][ T7230] bridge_slave_0: left promiscuous mode
[  172.098186][ T7230] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.294926][ T7243] loop4: detected capacity change from 0 to 512
[  172.323288][ T7243] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  172.347312][ T7243] EXT4-fs (loop4): 1 truncate cleaned up
[  172.382225][ T7243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.642707][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.962562][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.327346][   T30] audit: type=1326 audit(1740470565.928:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  173.402088][ T7266] loop4: detected capacity change from 0 to 1024
[  173.426864][   T30] audit: type=1326 audit(1740470565.928:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  173.467210][ T7266] EXT4-fs: Ignoring removed nobh option
[  173.486486][ T7266] EXT4-fs: Ignoring removed bh option
[  173.520922][   T30] audit: type=1326 audit(1740470565.928:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ecfb8d1a3 code=0x7ffc0000
[  173.583584][ T7266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.613153][   T30] audit: type=1326 audit(1740470565.968:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ecfb8bc1f code=0x7ffc0000
[  173.704412][   T30] audit: type=1326 audit(1740470565.988:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5ecfb8d1f7 code=0x7ffc0000
[  173.843136][   T30] audit: type=1326 audit(1740470565.998:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ecfb8bad0 code=0x7ffc0000
[  173.876915][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.965268][   T30] audit: type=1326 audit(1740470565.998:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5ecfb8cd6b code=0x7ffc0000
[  174.062940][   T30] audit: type=1326 audit(1740470566.068:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5ecfb8bdca code=0x7ffc0000
[  174.149743][   T30] audit: type=1326 audit(1740470566.068:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5ecfb8bdca code=0x7ffc0000
[  174.173475][   T30] audit: type=1326 audit(1740470566.068:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.4.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5ecfb8b9d7 code=0x7ffc0000
[  174.888052][ T7305] loop2: detected capacity change from 0 to 512
[  174.917096][ T7305] EXT4-fs: Ignoring removed bh option
[  174.940858][ T7305] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  175.071690][ T7305] EXT4-fs (loop2): 1 truncate cleaned up
[  175.095082][ T7313] netlink: 20 bytes leftover after parsing attributes in process `syz.0.402'.
[  175.104314][ T7313] netlink: 136 bytes leftover after parsing attributes in process `syz.0.402'.
[  175.112180][ T7305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.356394][ T7304] Falling back ldisc for ttyS3.
[  175.368423][ T7323] program syz.0.405 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.382770][ T7323] x_tables: duplicate underflow at hook 2
[  175.557633][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.426359][ T7372] netlink: 28 bytes leftover after parsing attributes in process `syz.2.421'.
[  177.484801][ T7372] tipc: Started in network mode
[  177.542601][ T7372] tipc: Node identity 7, cluster identity 5
[  177.563070][ T7372] tipc: Node number set to 7
[  178.244760][ T7393] netlink: 48 bytes leftover after parsing attributes in process `syz.3.429'.
[  178.563075][ T7382] loop4: detected capacity change from 0 to 8192
[  178.788326][ T7382]  loop4: p1 p3 p4
[  178.876143][ T7382] loop4: p1 size 8390912 extends beyond EOD, truncated
[  178.902172][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  178.902191][   T30] audit: type=1326 audit(1740470571.498:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.020245][ T7382] loop4: p3 size 589824 extends beyond EOD, truncated
[  179.022099][   T30] audit: type=1326 audit(1740470571.498:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.113972][   T30] audit: type=1326 audit(1740470571.508:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.295751][   T30] audit: type=1326 audit(1740470571.508:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.408083][   T30] audit: type=1326 audit(1740470571.508:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.542283][   T30] audit: type=1326 audit(1740470571.508:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.683559][   T30] audit: type=1326 audit(1740470571.508:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.795667][   T30] audit: type=1326 audit(1740470571.508:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.811456][ T7416] netlink: 16 bytes leftover after parsing attributes in process `syz.0.438'.
[  179.884514][   T30] audit: type=1326 audit(1740470571.508:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  179.910351][    T8] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  179.985801][   T30] audit: type=1326 audit(1740470571.508:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.2.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  180.110499][    T8] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  180.125200][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.154745][    T8] usb 6-1: Product: syz
[  180.170842][    T8] usb 6-1: Manufacturer: syz
[  180.205365][    T8] usb 6-1: SerialNumber: syz
[  180.258756][    T8] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  180.351148][  T975] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  180.606662][ T5976] usb 6-1: USB disconnect, device number 2
[  181.763791][  T975] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  181.773607][  T975] ath9k_htc: Failed to initialize the device
[  181.798613][ T5976] usb 6-1: ath9k_htc: USB layer deinitialized
[  181.917161][ T7432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.445'.
[  182.152097][ T7437] loop3: detected capacity change from 0 to 1024
[  182.253481][ T7437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.507736][ T7447] loop0: detected capacity change from 0 to 512
[  182.683485][ T7447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.749621][ T7447] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.788945][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.109492][ T7470] loop3: detected capacity change from 0 to 128
[  183.123390][ T7469] netlink: 4 bytes leftover after parsing attributes in process `syz.5.459'.
[  183.132631][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.150953][ T7470] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  183.194658][ T7469] bridge_slave_1: left allmulticast mode
[  183.205020][ T7469] bridge_slave_1: left promiscuous mode
[  183.220240][ T7469] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.281454][ T7469] bridge_slave_0: left allmulticast mode
[  183.292046][ T7469] bridge_slave_0: left promiscuous mode
[  183.305632][ T7469] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.325652][ T5879] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  183.493354][ T5879] usb 3-1: config 0 has an invalid interface number: 11 but max is 0
[  183.527766][ T5879] usb 3-1: config 0 has no interface number 0
[  183.547301][ T5879] usb 3-1: config 0 interface 11 has no altsetting 0
[  183.574215][ T5879] usb 3-1: New USB device found, idVendor=1871, idProduct=0306, bcdDevice=1a.d2
[  183.613529][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.666508][ T5879] usb 3-1: config 0 descriptor??
[  183.676910][ T7482] netlink: 'syz.0.462': attribute type 3 has an invalid length.
[  184.526780][ T7507] loop0: detected capacity change from 0 to 512
[  184.563660][ T7507] journal_path: Non-blockdev passed as './bus'
[  184.596758][ T7507] EXT4-fs: error: could not find journal device path
[  184.799895][ T7516] loop4: detected capacity change from 0 to 128
[  184.850645][ T7516] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  184.870117][ T7516] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.156853][ T5830] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  185.893213][ T7550] loop4: detected capacity change from 0 to 512
[  185.990008][ T7550] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.481: casefold flag without casefold feature
[  186.072587][ T5879] usb 3-1: string descriptor 0 read error: -71
[  186.114236][ T7550] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.481: couldn't read orphan inode 15 (err -117)
[  186.163406][ T5879] usb 3-1: Found UVC 0.00 device <unnamed> (1871:0306)
[  186.255283][ T5879] usb 3-1: No valid video chain found.
[  186.260914][ T7565] loop5: detected capacity change from 0 to 164
[  186.270738][ T7550] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.339967][ T5879] usb 3-1: USB disconnect, device number 2
[  186.366612][ T7565] Unable to read rock-ridge attributes
[  186.466421][ T7565] Unable to read rock-ridge attributes
[  186.609137][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.195446][ T7584] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  187.580568][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  187.580587][   T30] audit: type=1326 audit(1740470580.178:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  187.719187][   T30] audit: type=1326 audit(1740470580.178:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  187.719255][   T30] audit: type=1326 audit(1740470580.228:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  187.719309][   T30] audit: type=1326 audit(1740470580.228:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  187.719363][   T30] audit: type=1326 audit(1740470580.228:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  187.719413][   T30] audit: type=1326 audit(1740470580.228:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  188.486073][ T7625] loop4: detected capacity change from 0 to 512
[  188.522162][ T7625] journal_path: Non-blockdev passed as './bus'
[  188.596813][ T7625] EXT4-fs: error: could not find journal device path
[  189.890063][ T7660] loop5: detected capacity change from 0 to 1024
[  189.926028][ T7660] EXT4-fs: Ignoring removed nobh option
[  189.931668][ T7660] EXT4-fs: Ignoring removed bh option
[  190.081745][ T7660] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.116071][ T7660] netlink: 'syz.5.524': attribute type 29 has an invalid length.
[  190.191667][ T7660] netlink: 'syz.5.524': attribute type 29 has an invalid length.
[  190.216116][ T7660] netlink: 508 bytes leftover after parsing attributes in process `syz.5.524'.
[  190.270680][   T30] audit: type=1326 audit(1740470582.858:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  190.341018][   T30] audit: type=1326 audit(1740470582.868:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  190.388391][ T7660] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4115: comm syz.5.524: Allocating blocks 497-513 which overlap fs metadata
[  190.453328][   T30] audit: type=1326 audit(1740470582.868:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  190.496541][ T7660] EXT4-fs (loop5): pa ffff88807adc7e80: logic 256, phys. 385, len 8
[  190.505425][ T7660] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1
[  190.536993][   T30] audit: type=1326 audit(1740470582.868:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.0.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  190.576770][ T7678] veth0_to_bond: entered promiscuous mode
[  190.600300][ T7680] netlink: 44 bytes leftover after parsing attributes in process `syz.2.530'.
[  190.610816][ T7678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.531'.
[  190.853175][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.874067][ T7678] veth0_to_bond (unregistering): left promiscuous mode
[  191.053365][ T7678] bond0: (slave bond_slave_0): Releasing backup interface
[  191.203750][ T7694] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  191.416345][ T7698] loop5: detected capacity change from 0 to 128
[  191.768951][ T7710] loop0: detected capacity change from 0 to 256
[  191.806849][ T7710] vfat: Unknown parameter 'ÿÿÿÿÿÿÿ'
[  192.436882][ T7724] atomic_op ffff8880126c5998 conn xmit_atomic 0000000000000000
[  193.106544][ T7738] netlink: 24 bytes leftover after parsing attributes in process `syz.2.551'.
[  193.844842][ T7737] loop5: detected capacity change from 0 to 2048
[  193.858172][ T7719] netlink: 48 bytes leftover after parsing attributes in process `syz.3.546'.
[  193.904052][ T7744] netlink: 28 bytes leftover after parsing attributes in process `syz.0.555'.
[  194.272202][ T7754] random: crng reseeded on system resumption
[  194.292589][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  194.292608][   T30] audit: type=1326 audit(1740470586.888:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  194.447580][   T30] audit: type=1326 audit(1740470586.888:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  194.565426][   T30] audit: type=1326 audit(1740470586.888:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  194.631833][   T30] audit: type=1326 audit(1740470586.888:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  194.709686][   T30] audit: type=1326 audit(1740470586.918:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f879fd8d169 code=0x7ffc0000
[  194.838074][ T7764] loop2: detected capacity change from 0 to 512
[  194.929441][ T7764] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.943497][ T7764] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.986854][   T30] audit: type=1326 audit(1740470587.588:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.563" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x0
[  195.625870][   T30] audit: type=1326 audit(1740470588.228:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7794 comm="syz.4.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  195.814380][   T30] audit: type=1326 audit(1740470588.228:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7794 comm="syz.4.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  195.837506][   T30] audit: type=1326 audit(1740470588.258:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7794 comm="syz.4.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  195.860440][   T30] audit: type=1326 audit(1740470588.258:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7794 comm="syz.4.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  195.930500][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.479842][ T7807] loop0: detected capacity change from 0 to 128
[  196.612538][ T7815] loop4: detected capacity change from 0 to 128
[  196.644497][ T7815] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.666460][ T7816] syz.0.578: attempt to access beyond end of device
[  196.666460][ T7816] loop0: rw=2049, sector=145, nr_sectors = 232 limit=128
[  196.667394][ T7818] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  196.688834][ T7815] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.812532][ T7816] syz.0.578: attempt to access beyond end of device
[  196.812532][ T7816] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  196.856724][ T7816] syz.0.578: attempt to access beyond end of device
[  196.856724][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  196.925753][ T7816] syz.0.578: attempt to access beyond end of device
[  196.925753][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  196.997461][ T7816] syz.0.578: attempt to access beyond end of device
[  196.997461][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.023031][ T5830] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.057752][ T7816] syz.0.578: attempt to access beyond end of device
[  197.057752][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.120644][ T7816] syz.0.578: attempt to access beyond end of device
[  197.120644][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.146278][ T7816] syz.0.578: attempt to access beyond end of device
[  197.146278][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.212187][ T7816] syz.0.578: attempt to access beyond end of device
[  197.212187][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.275841][ T7816] syz.0.578: attempt to access beyond end of device
[  197.275841][ T7816] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  197.764332][ T7841] loop5: detected capacity change from 0 to 2048
[  199.622245][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  199.630245][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  199.973148][ T7876] loop0: detected capacity change from 0 to 1024
[  199.975657][ T5890] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  200.091432][ T7876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.120548][ T7885] loop3: detected capacity change from 0 to 512
[  200.128559][ T7885] EXT4-fs: Ignoring removed i_version option
[  200.167320][ T7885] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  200.167978][ T5890] usb 6-1: device descriptor read/64, error -71
[  200.456703][ T5890] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  200.459722][   T30] kauditd_printk_skb: 37 callbacks suppressed
[  200.459741][   T30] audit: type=1326 audit(1740470593.058:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.470672][ T7885] EXT4-fs (loop3): 1 truncate cleaned up
[  200.573998][ T7885] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.595862][   T30] audit: type=1326 audit(1740470593.098:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.598822][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.655294][   T30] audit: type=1326 audit(1740470593.098:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.679641][ T5890] usb 6-1: device descriptor read/64, error -71
[  200.785485][   T30] audit: type=1326 audit(1740470593.098:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.819547][ T5890] usb usb6-port1: attempt power cycle
[  200.867619][   T30] audit: type=1326 audit(1740470593.098:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.914397][   T30] audit: type=1326 audit(1740470593.108:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  200.975080][   T30] audit: type=1326 audit(1740470593.108:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  201.000543][   T30] audit: type=1326 audit(1740470593.108:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  201.034611][   T30] audit: type=1326 audit(1740470593.108:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  201.061650][   T30] audit: type=1326 audit(1740470593.108:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ecfb8d169 code=0x7ffc0000
[  201.113784][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.215525][ T5890] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  201.260645][ T5890] usb 6-1: device descriptor read/8, error -71
[  201.525406][ T5890] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  201.586737][ T5890] usb 6-1: device descriptor read/8, error -71
[  201.702276][ T5890] usb usb6-port1: unable to enumerate USB device
[  202.013098][ T7922] loop4: detected capacity change from 0 to 512
[  202.060175][ T7926] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  202.125581][ T7922] EXT4-fs warning (device loop4): ext4_enable_quotas:7130: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  202.248793][ T7922] EXT4-fs (loop4): mount failed
[  202.599122][ T7943] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  202.599122][ T7943]    program syz.0.638 not setting count and/or reply_len properly
[  202.897891][ T7953] netlink: 4 bytes leftover after parsing attributes in process `syz.4.640'.
[  203.124480][ T7957] loop2: detected capacity change from 0 to 512
[  203.195894][ T7957] EXT4-fs (loop2): orphan cleanup on readonly fs
[  203.246316][ T7957] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.642: bg 0: block 248: padding at end of block bitmap is not set
[  203.356996][ T7957] EXT4-fs error (device loop2): ext4_acquire_dquot:6912: comm syz.2.642: Failed to acquire dquot type 1
[  203.415676][ T7957] EXT4-fs (loop2): 1 truncate cleaned up
[  203.442755][ T7957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  203.563001][ T7957] netlink: 'syz.2.642': attribute type 8 has an invalid length.
[  203.753839][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.792367][ T8012] netlink: 'syz.4.662': attribute type 1 has an invalid length.
[  207.529612][ T8018] loop3: detected capacity change from 0 to 512
[  207.593038][ T8018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.611033][ T8018] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.679881][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.457986][ T7997] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.466129][ T7997] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.684359][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  208.684380][   T30] audit: type=1326 audit(1740470601.278:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8038 comm="syz.5.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  208.764070][   T30] audit: type=1326 audit(1740470601.318:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8038 comm="syz.5.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  208.797256][   T30] audit: type=1326 audit(1740470601.318:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8038 comm="syz.5.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbced78d169 code=0x7ffc0000
[  208.876327][   T30] audit: type=1326 audit(1740470601.448:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  208.984791][   T30] audit: type=1326 audit(1740470601.448:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  209.032289][ T8047] loop5: detected capacity change from 0 to 2048
[  209.063340][   T30] audit: type=1326 audit(1740470601.448:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  209.112825][ T8047] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.134576][   T30] audit: type=1326 audit(1740470601.448:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  209.169494][   T30] audit: type=1326 audit(1740470601.448:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3971b8d169 code=0x7ffc0000
[  210.097480][ T8061] loop0: detected capacity change from 0 to 512
[  210.137556][   T30] audit: type=1326 audit(1740470602.728:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8062 comm="syz.3.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  210.233374][   T30] audit: type=1326 audit(1740470602.768:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8062 comm="syz.3.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85398d169 code=0x7ffc0000
[  210.289181][ T8061] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  210.341452][ T8066] 
[  210.344262][ T8066] =============================
[  210.349706][ T8066] WARNING: suspicious RCU usage
[  210.355237][ T8066] 6.14.0-rc3-next-20250218-syzkaller #0 Not tainted
[  210.361967][ T8066] -----------------------------
[  210.367672][ T8066] fs/kernfs/mount.c:243 suspicious rcu_dereference_check() usage!
[  210.376126][ T8066] 
[  210.376126][ T8066] other info that might help us debug this:
[  210.376126][ T8066] 
[  210.380308][ T8061] EXT4-fs (loop0): 1 truncate cleaned up
[  210.386960][ T8066] 
[  210.386960][ T8066] rcu_scheduler_active = 2, debug_locks = 1
[  210.400712][ T8066] 3 locks held by syz.4.685/8066:
[  210.405867][ T8066]  #0: ffff88802c00e070 (&fc->uapi_mutex){+.+.}-{4:4}, at: __se_sys_fsconfig+0x9b2/0xf60
[  210.415928][ T8066]  #1: ffff888032d1a0e0 (&type->s_umount_key#59){+.+.}-{4:4}, at: super_lock+0x196/0x400
[  210.425958][ T8066]  #2: ffff88801bef7148 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_node_dentry+0xc3/0x2d0
[  210.436306][ T8066] 
[  210.436306][ T8066] stack backtrace:
[  210.442244][ T8066] CPU: 0 UID: 0 PID: 8066 Comm: syz.4.685 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  210.442272][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  210.442286][ T8066] Call Trace:
[  210.442296][ T8066]  <TASK>
[  210.442307][ T8066]  dump_stack_lvl+0x241/0x360
[  210.442345][ T8066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.442372][ T8066]  ? __pfx__printk+0x10/0x10
[  210.442389][ T8066]  ? do_raw_spin_lock+0x14f/0x370
[  210.442455][ T8066]  lockdep_rcu_suspicious+0x226/0x340
[  210.442485][ T8066]  kernfs_node_dentry+0x24b/0x2d0
[  210.442523][ T8066]  cgroup_do_get_tree+0x248/0x390
[  210.442560][ T8066]  cgroup_get_tree+0xbb/0x230
[  210.442595][ T8066]  vfs_get_tree+0x90/0x2b0
[  210.442629][ T8066]  vfs_cmd_create+0xa0/0x1f0
[  210.442653][ T8066]  ? __se_sys_fsconfig+0xa29/0xf60
[  210.442684][ T8066]  __se_sys_fsconfig+0xa33/0xf60
[  210.442728][ T8066]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  210.442750][ T8066]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  210.442787][ T8066]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.442824][ T8066]  ? do_syscall_64+0x100/0x230
[  210.442858][ T8066]  ? __x64_sys_fsconfig+0x20/0xc0
[  210.442888][ T8066]  do_syscall_64+0xf3/0x230
[  210.442920][ T8066]  ? clear_bhb_loop+0x45/0xa0
[  210.442957][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.442986][ T8066] RIP: 0033:0x7f5ecfb8d169
[  210.443023][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.443041][ T8066] RSP: 002b:00007f5ecd9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  210.443062][ T8066] RAX: ffffffffffffffda RBX: 00007f5ecfda5fa0 RCX: 00007f5ecfb8d169
[  210.443079][ T8066] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  210.443090][ T8066] RBP: 00007f5ecfc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  210.443102][ T8066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.443115][ T8066] R13: 0000000000000000 R14: 00007f5ecfda5fa0 R15: 00007ffd2ae660d8
[  210.443159][ T8066]  </TASK>
[  210.444665][ T8066] 
[  210.649529][ T8066] ============================================
[  210.655681][ T8066] WARNING: possible recursive locking detected
[  210.661836][ T8066] 6.14.0-rc3-next-20250218-syzkaller #0 Not tainted
[  210.668422][ T8066] --------------------------------------------
[  210.674831][ T8066] syz.4.685/8066 is trying to acquire lock:
[  210.680719][ T8066] ffff88801bef7148 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_dop_revalidate+0xa2/0x5d0
[  210.690745][ T8066] 
[  210.690745][ T8066] but task is already holding lock:
[  210.698112][ T8066] ffff88801bef7148 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_node_dentry+0xc3/0x2d0
[  210.707885][ T8066] 
[  210.707885][ T8066] other info that might help us debug this:
[  210.715944][ T8066]  Possible unsafe locking scenario:
[  210.715944][ T8066] 
[  210.723392][ T8066]        CPU0
[  210.726673][ T8066]        ----
[  210.729962][ T8066]   lock(&root->kernfs_rwsem);
[  210.734735][ T8066]   lock(&root->kernfs_rwsem);
[  210.739506][ T8066] 
[  210.739506][ T8066]  *** DEADLOCK ***
[  210.739506][ T8066] 
[  210.747654][ T8066]  May be due to missing lock nesting notation
[  210.747654][ T8066] 
[  210.755970][ T8066] 3 locks held by syz.4.685/8066:
[  210.760995][ T8066]  #0: ffff88802c00e070 (&fc->uapi_mutex){+.+.}-{4:4}, at: __se_sys_fsconfig+0x9b2/0xf60
[  210.770858][ T8066]  #1: ffff888032d1a0e0 (&type->s_umount_key#59){+.+.}-{4:4}, at: super_lock+0x196/0x400
[  210.780815][ T8066]  #2: ffff88801bef7148 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_node_dentry+0xc3/0x2d0
[  210.791048][ T8066] 
[  210.791048][ T8066] stack backtrace:
[  210.796959][ T8066] CPU: 0 UID: 0 PID: 8066 Comm: syz.4.685 Not tainted 6.14.0-rc3-next-20250218-syzkaller #0
[  210.796985][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  210.796997][ T8066] Call Trace:
[  210.797007][ T8066]  <TASK>
[  210.797015][ T8066]  dump_stack_lvl+0x241/0x360
[  210.797042][ T8066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.797060][ T8066]  ? __pfx__printk+0x10/0x10
[  210.797077][ T8066]  ? lockdep_unlock+0x16a/0x300
[  210.797107][ T8066]  print_deadlock_bug+0x483/0x620
[  210.797131][ T8066]  validate_chain+0x15e2/0x5920
[  210.797160][ T8066]  ? validate_chain+0x15c0/0x5920
[  210.797181][ T8066]  ? __pfx_validate_chain+0x10/0x10
[  210.797302][ T8066]  ? __pfx_validate_chain+0x10/0x10
[  210.797333][ T8066]  ? __lock_acquire+0x1397/0x2100
[  210.797362][ T8066]  ? __pfx_validate_chain+0x10/0x10
[  210.797386][ T8066]  ? mark_lock+0x9a/0x360
[  210.797406][ T8066]  __lock_acquire+0x1397/0x2100
[  210.797443][ T8066]  lock_acquire+0x1ed/0x550
[  210.797469][ T8066]  ? kernfs_dop_revalidate+0xa2/0x5d0
[  210.797495][ T8066]  ? __pfx_lock_acquire+0x10/0x10
[  210.797523][ T8066]  ? __pfx___might_resched+0x10/0x10
[  210.797555][ T8066]  down_read+0xb1/0xa40
[  210.797582][ T8066]  ? kernfs_dop_revalidate+0xa2/0x5d0
[  210.797604][ T8066]  ? __pfx_lock_acquire+0x10/0x10
[  210.797632][ T8066]  ? kernfs_root+0x1c/0x230
[  210.797649][ T8066]  ? __pfx_down_read+0x10/0x10
[  210.797681][ T8066]  ? kernfs_root+0x1c/0x230
[  210.797700][ T8066]  kernfs_dop_revalidate+0xa2/0x5d0
[  210.797722][ T8066]  lookup_one_unlocked+0x23b/0x2d0
[  210.797744][ T8066]  ? __pfx_lookup_one_unlocked+0x10/0x10
[  210.797763][ T8066]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  210.797790][ T8066]  ? nbcon_cpu_emergency_exit+0x6e/0xd0
[  210.797808][ T8066]  ? nbcon_cpu_emergency_exit+0x77/0xd0
[  210.797828][ T8066]  lookup_positive_unlocked+0x2b/0xb0
[  210.797849][ T8066]  kernfs_node_dentry+0x139/0x2d0
[  210.797876][ T8066]  cgroup_do_get_tree+0x248/0x390
[  210.797899][ T8066]  cgroup_get_tree+0xbb/0x230
[  210.797925][ T8066]  vfs_get_tree+0x90/0x2b0
[  210.797949][ T8066]  vfs_cmd_create+0xa0/0x1f0
[  210.797970][ T8066]  ? __se_sys_fsconfig+0xa29/0xf60
[  210.797994][ T8066]  __se_sys_fsconfig+0xa33/0xf60
[  210.798020][ T8066]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  210.798040][ T8066]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  210.798069][ T8066]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.798097][ T8066]  ? do_syscall_64+0x100/0x230
[  210.798124][ T8066]  ? __x64_sys_fsconfig+0x20/0xc0
[  210.798146][ T8066]  do_syscall_64+0xf3/0x230
[  210.798171][ T8066]  ? clear_bhb_loop+0x45/0xa0
[  210.798197][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.798222][ T8066] RIP: 0033:0x7f5ecfb8d169
[  210.798252][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.798268][ T8066] RSP: 002b:00007f5ecd9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  210.798287][ T8066] RAX: ffffffffffffffda RBX: 00007f5ecfda5fa0 RCX: 00007f5ecfb8d169
[  210.798300][ T8066] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  210.798311][ T8066] RBP: 00007f5ecfc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  210.798321][ T8066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.798332][ T8066] R13: 0000000000000000 R14: 00007f5ecfda5fa0 R15: 00007ffd2ae660d8
[  210.798352][ T8066]  </TASK>
[  211.128816][ T8061] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.202340][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.207786][ T6104] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.222632][ T8070] sg_write: data in/out 215/14 bytes for SCSI command 0x0-- guessing data in;
[  211.222632][ T8070]    program syz.2.686 not setting count and/or reply_len properly