last executing test programs:

7.400454248s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

5.235124039s ago: executing program 1:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

5.042191899s ago: executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0585605, &(0x7f00000005c0)={0x2, 0x0, @raw_data})

4.96756872s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000002000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000d80)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

4.893341172s ago: executing program 1:
r0 = socket(0x1, 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x39}}}}, [@NL80211_ATTR_USER_PRIO={0x5}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x3f}, @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc840}, 0x80)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000640)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@remote, 0x0, 0x32}, 0x0, @in=@private, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r2, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={0x0, 0x58}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000009e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x600000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000200)='mountinfo\x00')
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000240), 0x12)
unshare(0x22020400)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000400), 0xd, 0x5e8, &(0x7f0000001200)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3Wjr9uJX7+yVDzz1nbs+5TJ+eM6fn3AmgsgbTf2oR+yNiOonoT+YXyzojKxxceN6DPz86mz6SqNdf+z2JJMvLn59kX/uyk3si4scfktjXsbLemblrF8enpiavZsfDs5emh2fmrh2+cGn8/OT5ycujL4yeOH7s+ImRI21d1/WCvNM3332//5OxN7/56q9k5NtfxpI4GS9nT1x6HZtlMAYb/yfJyqK+E5tdWUk6sp+TpS9x0llig1iX/PXriognoj864uGL1x8fv1Jq44AtVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mI9mbmmu2JiLt3xm6euzN2M7ZoHg4oNn8jIp4siv+kEf8D0RMDjfivNcV/Oi44k31N819ts/7lU8XiH7bPQvz3tI7/np7GUVH8v7Uk/t9us/7Bh8l3epviv7fdSwIAAAAAAIDKun0qIp4v+vt/bXH9TxSs/+mLiJObUP/gsuOVf/+v3duEaoAC909FvFS4/reWr/4d6MhS/2msB+pKzl2YmjwSEf+NiEPRtSs9HlmljsOf7vuyVdlgtv4vf6T1383WAmbtuNe5q/mcifHZ8Y1eNxBx/0bEU4Xrf5PF/j8p6P/T3wfTj1jHvmdvnWlVtnb8A1ul/nXEwcL+/+FdK5LV788x3BgPDOejgpWe/vCz71rV3278u8UEbFza/+9ePf4HkqX365lZfx1H5zrrrcraHf93J683bjnTneV9MD47e3Ukojs53ZHmNuWPrr/N8DjK4yGPlzT+Dz2z+vxf0fi/NyLml33v5I/mPcW5///d92ur9hj/Q3nS+J9YV/+//sTorYHvW9X/aP3/sUZffyjLMf8HC77Iw7S7Ob8gHDuLira7vQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhFxJ5IakOL6VptaCiiLyL+F7trU1dmZp87d+W9yxNpWePz/2v5J/32Lxwn+ef/Dyw5Hl12fDQi9kbE5x29jeOhs1emJsq+eAAAAAAAAAAAAAAAAAAAANgh+lrs/0/91lF264At11l2A4DSFMT/T2W0A9h++n+oLvEP1SX+obrEP1SX+IfqEv9QXeIfqkv8AwAAAADAY2Xvgds/JxEx/2Jv45Hqzsq6Sm0ZsNVqZTcAKI1b/EB1WfoD1eU9PpCsUd7T8qS1zlzN9NkNnAwAAAAAAAAAAAAAlXNwv/3/UFX2/0N12f8P1ZXv/z9QcjuA7ec9PhBr7OQv3P+/5lkAAAAAAAAAAAAAwGaambt2cXxqavJq+4n8dgEb/T5lJ97YGc3YzkS9Xr+evnQ7pT3/8kS+FH6ntGdZIt/r92hnlfP7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWOmfAAAA///JXiFd")
finit_module(0xffffffffffffffff, &(0x7f0000000340)='/dev/ptmx\x00', 0x3)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904002c11018b75000905836dc6"], 0x0)
syz_open_dev$evdev(&(0x7f0000000100), 0x4000000, 0x0)

4.829019982s ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335})
tkill(0x0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000480)={{0x80, 0x9}, 'port1\x00', 0x1e, 0x100040, 0x2, 0x6, 0x5, 0x8, 0x5, 0x0, 0x4, 0x7})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc04c5349, &(0x7f00000003c0)={{}, 'port1\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@call, @printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000180)="00feffffff000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105518, 0x0)
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000100)=@mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "185d7d4f"}})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
setsockopt$ax25_int(r4, 0x101, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r6)
sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
sendmsg$NFC_CMD_DEV_DOWN(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x28004040)
read$nci(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000000c0))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, 0x4, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

3.428358792s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x17, 0x0, 0x1f5c, 0x6}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r2, 0x0, 0x0}, 0x20)

3.322436909s ago: executing program 3:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

3.111270602s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200002, &(0x7f0000000980), 0x0, 0x562, &(0x7f0000000a40)="$eJzs3U9rHOUfAPDvbJL+//2SQinagwR6sFK7aRL/VPBQj6LFgt7rkkxDyaZbspvSxILtwV68aBFELIgvwLvH4hvwVRS0UKQEPXhZmc1sum02/7du6nw+MNnnmdndZ74z8332mcwsG0BhjWZ/ShEvR8RXScTwyux92Z/ByBeOrjxv+fHNqWxKotn8+I8kknxe+72S/PFwXnkpIn75IuJ0aW279cWl2Uq1ms7n9bHG3LWx+uLSmStzlZl0Jr06MTl57s3JiXfefqsncX4dEa9d/Ou7j+6/f+7Lk8vf/vTw6N0kzseRfHlnHLtwq7MyGqP5NhmK8888cbwHje0lSb9XgB0ZyPN8KLI+YDgG8qwH/vs+j4gmUFCJ/IeCao8D2uf2PToPfmE8em/lBGht/IMr/xuJA61zo0PLyVNnRtn57kgP2s/a+Pn3e3ezKas3h4u1/YH+uXU7Is4ODq7t/5K8/9u5s1t4zrNtFO3zB/rpfjb+eb3b+Ke0Ov6JLuOfw11ydyc2z//Swx40s65s/Pdu1/Hv6kWrkYG89r/WmG8ouXylmmZ92/8j4lQM7c/qG13PObf8oLness7xXzZl7bfHgvl6PBzc//RrpiuNym5i7vTodsSJruPfZHX/J132f7Y9Lm6xjePpvVfWW7Z5/M9X88eIV7vu/ydXtJKNr0+OtY6HsfZRsdafd47/ul77/Y4/2/+HNo5/JOm8Xlvffhs/HPg7XW/ZTo//fcknrfK+fN6NE3kh+fDp+ZVGY37iyWvb9dbj+Er8p05u3P91O/4PbiP+O8fufLrz+J+vLP7pbe3/7RcefPDZ95Hc2mH82f5/o1U6lc/ZSv+31RXc5eYDAAAAAACAPaUUEUciKZVXy6VSubxyf8exOFSq1uqN05drC1eno/Vd2ZEYKrWvdA933A8xnt8P265PPFOfjIijEfHNwMFWvTxVq073O3gAAAAAAAAAAAAAAAAAAADYIw6v8/3/zG8D/V474Lnzk99QXJvmfy9+6QnYk3z+Q3HJfygu+Q/FJf+huOQ/FJf8h+KS/1Bc8h8AAAAAAAAAAAAAAAAAAAAAAAAAAAB66uKFC9nUXH58cyqrT19fXJitXT8zndZny3MLU+Wp2vy18kytNlNNy1O1uc3er1qrXRufiIUbY4203hirLy5dmqstXG1cujJXmUkvpUP/SlQAAAAAAAAAAAAAAAAAAADwYqkvLs1WqtV0/gUuJHtjNQpaGOycsz8i9sqKKeyq0O+eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe+CcAAP//MFU0rg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000fc020000000000008000000000000000ff02000000000000000000000000000000000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)

2.798627571s ago: executing program 0:
r0 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000001500)=0xfffffffe, 0x4)
write(r0, &(0x7f0000000080)="08008edf773c8000", 0xfd)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000100)=""/222, 0xfdef}], 0x1)

2.770510875s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)

2.693970627s ago: executing program 2:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x1c, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x7b}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r2, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

2.679703839s ago: executing program 0:
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x83000000)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x380, 0xffffffff, 0x98, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x4, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'rose0\x00', 'wg2\x00'}, 0xa00, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'snmp_trap\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'snmp\x00'}}]}, @REJECT={0x28}}, {{@ip={@remote, @dev, 0x0, 0x0, 'batadv_slave_0\x00', 'rose0\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@inet=@socket1={{0x28}}, @common=@addrtype={{0x30}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x2, 0x8, 0x801}, 0x14}}, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r7, r6, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, 0x0)

2.605045512s ago: executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000040)='\r', 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000100)=""/27, &(0x7f00000000c0)=0xfffffffffffffe90)

2.506020937s ago: executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335})
tkill(0x0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000480)={{0x80, 0x9}, 'port1\x00', 0x1e, 0x100040, 0x2, 0x6, 0x5, 0x8, 0x5, 0x0, 0x4, 0x7})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc04c5349, &(0x7f00000003c0)={{}, 'port1\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@call, @printk={@li, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000180)="00feffffff000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105518, 0x0)
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000100)=@mmap={0x0, 0x8, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "185d7d4f"}})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
setsockopt$ax25_int(r4, 0x101, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r6)
sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
sendmsg$NFC_CMD_DEV_DOWN(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x28004040)
read$nci(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000000c0))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, 0x4, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

931.958594ms ago: executing program 3:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

931.439424ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x17, 0x0, 0x1f5c, 0x6}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r2, 0x0, 0x0}, 0x20)

928.882564ms ago: executing program 1:
syz_mount_image$reiserfs(&(0x7f0000000280), &(0x7f0000000140)='./file0\x00', 0x10, &(0x7f0000000580), 0xfb, 0x111b, &(0x7f0000003600)="$eJzs2bFqFF0UB/D/ndnvS7qVsR8ELSwkJKwPYAqFbW21EQkIpsqCoPgavoFv4StoKvuQXouApTAyzo67woJKNoLw+8HuPXNmzj1zy3snAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Jskn0pyvUqaMVclKUnbns7Pk7Rj/tr7ukrJw6P54v7J7MEiSf398fIoKX1VX5bm4OZuM2tmzUFz997hrQ+Ll6+ePzk+PjpZTlPS5uxiq6so41+9nitb7QEAAAD/rO7Spnnz4nc6/X9F/QEAAIBf2fZ5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf6qaruBmDKklJ2vZ0fp6k3VD33196PwAAAODySqo8nm7KD8cAK3fycVp+5PvxS+nj/bzdUA8AAACsPHv302W3swzWv69/7Qb9vvt2JsO+fHe4dyOT7O0N8XLI58OkTrK/Nkdfc3bx+un4K12d7FzdugAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+sQMHJAAAAACC/r9uR6AAAAAAAAAAAAAAAAAAAAAAAAAAcFAAAAD//+bP4TA=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000080), 0xfea7)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
ftruncate(r0, 0xe5c)
write$cgroup_pressure(r0, &(0x7f0000000500)={'some'}, 0x2f)

585.488839ms ago: executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@struct={0x0, 0x1, 0x0, 0x13, 0x0, 0x2, [{0x1}]}]}, {0x0, [0x5f, 0x5f]}}, 0x0, 0x34}, 0x20)

539.185836ms ago: executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x1f2f, 0xf, 0x3ce, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x60000000, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
r2 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r2, &(0x7f0000000000)="1c0000002800050f0c1000000049b23e9b200a000835b3c000000001", 0x1c, 0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, &(0x7f0000000380), 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$packet(0x11, 0x0, 0x300)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r0, 0x5)
syz_emit_ethernet(0x4e, &(0x7f0000000e00)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local, {[@rr={0x7, 0x17, 0x12, [@private, @broadcast, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

474.504636ms ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000002000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000d80)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10)
write$cgroup_type(r0, &(0x7f0000000140), 0x9)

459.032208ms ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x28bd, 0x934, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000007c0)={0x24, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0022050000000802469e14ca464476599d381ae3f893750f415e8263455ceee9e4f56367aa63346217f0b501c2b35ae5d677765119229c5b8eb62040adb51f1b6fb0313e06c2971a8f4790d0f46bb05f1dfef6ed3becd84c0682928a9cba7269a5d83fc6dbe9725bf1508c766a799a442155c8306dc399de"], 0x0}, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x03\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
r2 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf\x03\x86[j\x12\xe04\xa6{\xbc\x1c\xc0\xf9\x1cz\x83:\xd2\xe4^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\xec\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xa5C\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\xc0G\x83\x81v\xb1\xb9>*:\b\xc4\n\xa7\xab\x99i\xe7#\x16>?\xb40\xc65G\x19\x89Z-O\xf2\x8f\xe9U\xe5\xcf\xf95\xfb\xe6\xb9\b \xf6\xce\x88\xffqa\xb8\xb4!0\x9el6\x0f\xf9\x19\xb3\b\xde\x1d\xc4\xde\xccRz\x1c\x02\x1d\xa0\x7f\r~\xe1\xe4\x88\xad\xe3\xf4\x05\xe0\x7f\x0f\xd9:n\xe6\x9a$\xd1s|1c\xfdo\x98\x88_ fh\xc7\"\xd1\x89d\x04\xcd\xefn\xb6o\xa8\xba\xdfI)+IU\x00\x00\x00\x00\x00\x00\x00\x00@\x06V<\xa7\x9c\n\x86\xc5\"\"\xf0\xc9\xadM\x84\x83$\xf6\xe6\x94<\xb3s+\xa4\xca\xbc\xed\xf8\x9c\x83\xa9]?\nm\xdc\x00P\xc6\x0225N\x92\b\x82\xa3.\xac\x01\xf9H\xbe#\xec\x7f\fm\x85[v\xde\x87\xd3(\x92\xfe\xe6\"@\xcc\xc3qx\x9a\xaf{\nt\xaf1\x047o\x9e\xba:\xc2O7`o\x96Y\x1a\x97\x1bn\xbc\xf8\x14c\xfe\x855\xbc\xfd\x1b\xe7[\x82\xe0H(N\x15\xd0n\xf1\x8d\x86|\xdc\x1f1\x102\x97\fX\x95 \"\xcd-\x17\xa7\xda\xe4\x83\xea\x06+\xf6\x93\xdcp\xc0g\xfao\x80\x1c\x93\x10\xc3C\xc3\xa6l\xe3\x87\xa0\x8f\x04\x18\xaa\v\xbbT*c\xf1\x8d\x8c7G\xa2\x96W\xc1\x06\xb0\x8d\x1bVJ\xccM\x83c\xb2@\x05\xa8:0\xc0\xb4\xeb&\x13T\x91\x7f!\xd7\xfe\x02\xf8\x13\xa2\x7fl]\x94\xfc\x84Fz\xce\x9a$\xf8\xe0\x84x\xfd\x8e1\xbe<o\xcf\xc1T\xb8\xa1)\x16E+\x0f\x11K\x92\xf5\xd1\xc7\xfc\x12~\xcf\xc3%[\xedA=\x8dS\xf6\xe4\xb6z\x9e\x15\xb3 G\xd0\x1c\xe7\x18\xb8.*\xd1(\xff\x80', 0x0)
ftruncate(r2, 0x80079a0)
mmap(&(0x7f0000b1a000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x119b4000)
r3 = userfaultfd(0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa04, &(0x7f0000000100)={{&(0x7f000047e000/0x3000)=nil, 0x3000}})
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4af})
r5 = socket$alg(0x26, 0x5, 0x0)
futimesat(r0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000480)={{0x77359400}})
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000080)="01", 0x1)
r6 = accept$alg(r5, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000003200)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
r7 = dup(r6)
sendmsg$alg(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="eb", 0x1}], 0x1, 0x0, 0x0, 0x10e}, 0x4840)
setsockopt(r7, 0x1, 0x0, &(0x7f0000000340)="b5057018", 0x4)
recvmmsg$unix(r7, &(0x7f0000002180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa04, &(0x7f0000000100)={{&(0x7f000047e000/0x3000)=nil, 0x3000}})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x19, 0x4, 0x5, 0x2}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x5, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000006cff3b1921d23ae400f218120000", @ANYRESHEX=r2, @ANYBLOB="00000000000000000900000000100097980000000c000000b70000000000"], &(0x7f0000000040)='syzkaller\x00', 0x6, 0xff1, &(0x7f0000001300)=""/4081}, 0x90)

413.675196ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)

396.774868ms ago: executing program 0:
r0 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000001500)=0xfffffffe, 0x4)
write(r0, &(0x7f0000000080)="08008edf773c8000", 0xfd)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000100)=""/222, 0xfdef}], 0x1)

359.576984ms ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

298.912633ms ago: executing program 0:
r0 = socket(0x1, 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x39}}}}, [@NL80211_ATTR_USER_PRIO={0x5}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x3f}, @NL80211_ATTR_MAC={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc840}, 0x80)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000640)={{{@in=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@remote, 0x0, 0x32}, 0x0, @in=@private, 0x0, 0x4}}, 0xe8)
sendmmsg$inet6(r2, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={0x0, 0x58}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000009e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x600000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000200)='mountinfo\x00')
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000240), 0x12)
unshare(0x22020400)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000400), 0xd, 0x5e8, &(0x7f0000001200)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3Wjr9uJX7+yVDzz1nbs+5TJ+eM6fn3AmgsgbTf2oR+yNiOonoT+YXyzojKxxceN6DPz86mz6SqNdf+z2JJMvLn59kX/uyk3si4scfktjXsbLemblrF8enpiavZsfDs5emh2fmrh2+cGn8/OT5ycujL4yeOH7s+ImRI21d1/WCvNM3332//5OxN7/56q9k5NtfxpI4GS9nT1x6HZtlMAYb/yfJyqK+E5tdWUk6sp+TpS9x0llig1iX/PXriognoj864uGL1x8fv1Jq44AtVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mI9mbmmu2JiLt3xm6euzN2M7ZoHg4oNn8jIp4siv+kEf8D0RMDjfivNcV/Oi44k31N819ts/7lU8XiH7bPQvz3tI7/np7GUVH8v7Uk/t9us/7Bh8l3epviv7fdSwIAAAAAAIDKun0qIp4v+vt/bXH9TxSs/+mLiJObUP/gsuOVf/+v3duEaoAC909FvFS4/reWr/4d6MhS/2msB+pKzl2YmjwSEf+NiEPRtSs9HlmljsOf7vuyVdlgtv4vf6T1383WAmbtuNe5q/mcifHZ8Y1eNxBx/0bEU4Xrf5PF/j8p6P/T3wfTj1jHvmdvnWlVtnb8A1ul/nXEwcL+/+FdK5LV788x3BgPDOejgpWe/vCz71rV3278u8UEbFza/+9ePf4HkqX365lZfx1H5zrrrcraHf93J683bjnTneV9MD47e3Ukojs53ZHmNuWPrr/N8DjK4yGPlzT+Dz2z+vxf0fi/NyLml33v5I/mPcW5///d92ur9hj/Q3nS+J9YV/+//sTorYHvW9X/aP3/sUZffyjLMf8HC77Iw7S7Ob8gHDuLira7vQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhFxJ5IakOL6VptaCiiLyL+F7trU1dmZp87d+W9yxNpWePz/2v5J/32Lxwn+ef/Dyw5Hl12fDQi9kbE5x29jeOhs1emJsq+eAAAAAAAAAAAAAAAAAAAANgh+lrs/0/91lF264At11l2A4DSFMT/T2W0A9h++n+oLvEP1SX+obrEP1SX+IfqEv9QXeIfqkv8AwAAAADAY2Xvgds/JxEx/2Jv45Hqzsq6Sm0ZsNVqZTcAKI1b/EB1WfoD1eU9PpCsUd7T8qS1zlzN9NkNnAwAAAAAAAAAAAAAlXNwv/3/UFX2/0N12f8P1ZXv/z9QcjuA7ec9PhBr7OQv3P+/5lkAAAAAAAAAAAAAwGaambt2cXxqavJq+4n8dgEb/T5lJ97YGc3YzkS9Xr+evnQ7pT3/8kS+FH6ntGdZIt/r92hnlfP7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWOmfAAAA///JXiFd")
finit_module(0xffffffffffffffff, &(0x7f0000000340)='/dev/ptmx\x00', 0x3)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904002c11018b75000905836dc6"], 0x0)
syz_open_dev$evdev(&(0x7f0000000100), 0x4000000, 0x0)

219.712326ms ago: executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000040)='\r', 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000100)=""/27, &(0x7f00000000c0)=0xfffffffffffffe90)

113.637882ms ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000080)={r2, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x90)

51.351532ms ago: executing program 4:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x1c, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x7b}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r2, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

0s ago: executing program 4:
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x83000000)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x380, 0xffffffff, 0x98, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x4, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'rose0\x00', 'wg2\x00'}, 0xa00, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'snmp_trap\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'snmp\x00'}}]}, @REJECT={0x28}}, {{@ip={@remote, @dev, 0x0, 0x0, 'batadv_slave_0\x00', 'rose0\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@inet=@socket1={{0x28}}, @common=@addrtype={{0x30}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x2, 0x8, 0x801}, 0x14}}, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r7, r6, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, 0x0)

kernel console output (not intermixed with test programs):

USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  245.878923][ T3616] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.884549][ T8108] XFS (loop0): Ending clean mount
[  245.899929][ T3616] usb 2-1: config 0 descriptor??
[  245.911827][ T8108] XFS (loop0): Quotacheck needed: Please wait.
[  245.945954][ T8108] XFS (loop0): Quotacheck: Done.
[  245.967238][   T27] audit: type=1804 audit(1718569984.447:339): pid=8108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2538009040/syzkaller.ybFukD/141/file0/file1" dev="loop0" ino=9286 res=1 errno=0
[  246.165163][ T3613] usb 3-1: Using ep0 maxpacket: 32
[  246.670695][ T3616] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0934.0005/input/input11
[  246.745304][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.773125][ T3613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.790502][ T3616] uclogic 0003:28BD:0934.0005: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.1-1/input0
[  246.819692][ T3613] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  246.849434][ T3613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.880501][ T3613] usb 3-1: config 0 descriptor??
[  246.904411][ T3616] usb 2-1: USB disconnect, device number 4
[  246.936117][ T3613] hub 3-1:0.0: USB hub found
[  247.000872][ T6391] XFS (loop0): Unmounting Filesystem
[  247.070282][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  247.162670][ T3613] hub 3-1:0.0: 1 port detected
[  247.474719][ T8133] loop4: detected capacity change from 0 to 32768
[  247.488465][ T8133] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8133)
[  248.791765][ T8133] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  248.824943][ T8133] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  248.860038][ T8133] BTRFS info (device loop4): setting nodatasum
[  248.889123][ T8133] BTRFS info (device loop4): force zlib compression, level 3
[  248.915437][ T8133] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  248.924676][ T8133] BTRFS info (device loop4): use lzo compression, level 0
[  248.959550][ T8133] BTRFS info (device loop4): turning on flush-on-commit
[  248.980055][ T8133] BTRFS info (device loop4): enabling auto defrag
[  248.993646][ T8133] BTRFS info (device loop4): using free space tree
[  249.022952][ T8159] loop0: detected capacity change from 0 to 32768
[  249.053651][ T8159] XFS (loop0): Mounting V5 Filesystem
[  249.072868][ T8133] BTRFS info (device loop4): enabling ssd optimizations
[  249.157019][ T8159] XFS (loop0): Ending clean mount
[  249.175237][ T3613] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  249.188377][ T3613] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  249.194469][ T8159] XFS (loop0): Quotacheck needed: Please wait.
[  249.220759][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  249.230129][ T6597] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  249.321642][ T8159] XFS (loop0): Quotacheck: Done.
[  249.332735][ T3613] usbhid 3-1:0.0: can't add hid device: -71
[  249.343989][ T3613] usbhid: probe of 3-1:0.0 failed with error -71
[  249.415770][ T3613] usb 3-1: USB disconnect, device number 8
[  250.315507][   T27] audit: type=1800 audit(1718569988.787:340): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  250.559834][   T27] audit: type=1804 audit(1718569988.787:341): pid=8231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2538009040/syzkaller.ybFukD/148/file0/file1" dev="loop0" ino=9286 res=1 errno=0
[  250.686100][   T27] audit: type=1800 audit(1718569988.787:342): pid=8231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  250.807217][ T8263] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  250.823073][ T8263] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  250.884096][ T6391] XFS (loop0): Unmounting Filesystem
[  250.934881][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  251.061526][   T27] audit: type=1326 audit(1718569989.537:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.107157][   T27] audit: type=1326 audit(1718569989.567:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.115161][ T4722] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  251.130115][   T27] audit: type=1326 audit(1718569989.567:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.217932][   T27] audit: type=1326 audit(1718569989.567:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.274922][   T27] audit: type=1326 audit(1718569989.567:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.354573][   T27] audit: type=1326 audit(1718569989.567:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.404841][   T27] audit: type=1326 audit(1718569989.567:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8274 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  251.540860][ T4722] usb 2-1: Using ep0 maxpacket: 32
[  251.599305][ T8269] loop2: detected capacity change from 0 to 32768
[  251.687356][ T8290] loop0: detected capacity change from 0 to 64
[  251.700702][ T4722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.729727][ T4722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.818206][ T4722] usb 2-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  251.859435][ T8269] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8269)
[  251.902446][ T8290] Trying to free block not in datazone
[  251.911576][ T8290] Trying to free block not in datazone
[  251.917174][ T8290] Trying to free block not in datazone
[  251.922660][ T8290] Trying to free block not in datazone
[  251.928211][ T8290] Trying to free block not in datazone
[  251.933826][ T8290] minix_free_block (loop0:6): bit already cleared
[  251.940974][ T8290] Trying to free block not in datazone
[  251.946602][ T8290] Trying to free block not in datazone
[  252.092144][ T4722] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.316734][ T4722] usb 2-1: config 0 descriptor??
[  252.328552][ T8269] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  252.346335][ T8269] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  252.375223][ T8269] BTRFS info (device loop2): setting nodatasum
[  252.391636][ T8269] BTRFS info (device loop2): force zlib compression, level 3
[  252.401788][ T8269] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  252.421317][ T8269] BTRFS info (device loop2): use lzo compression, level 0
[  252.428024][ T8296] loop0: detected capacity change from 0 to 1764
[  252.437936][ T8269] BTRFS info (device loop2): turning on flush-on-commit
[  252.455290][ T8269] BTRFS info (device loop2): enabling auto defrag
[  252.461754][ T8269] BTRFS info (device loop2): using free space tree
[  252.541394][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  252.587637][ T8269] BTRFS info (device loop2): enabling ssd optimizations
[  252.830963][ T4722] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0934.0006/input/input12
[  252.992840][ T4722] uclogic 0003:28BD:0934.0006: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.1-1/input0
[  253.025950][ T7101] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  253.058244][ T4722] usb 2-1: USB disconnect, device number 5
[  253.786780][ T8347] loop3: detected capacity change from 0 to 64
[  254.625661][ T8347] Trying to free block not in datazone
[  254.631335][ T8347] Trying to free block not in datazone
[  254.636810][ T8347] Trying to free block not in datazone
[  254.642263][ T8347] Trying to free block not in datazone
[  254.649230][ T8347] Trying to free block not in datazone
[  254.654694][ T8347] minix_free_block (loop3:6): bit already cleared
[  254.661133][ T8347] Trying to free block not in datazone
[  254.666632][ T8347] Trying to free block not in datazone
[  255.268830][ T8368] loop2: detected capacity change from 0 to 512
[  255.294885][ T8368] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  255.507568][ T8368] EXT4-fs (loop2): 1 truncate cleaned up
[  255.513350][ T8368] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  255.565590][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  255.571913][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  255.815287][   T14] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  256.072577][   T14] usb 1-1: Using ep0 maxpacket: 32
[  256.199450][   T14] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.217995][ T8381] loop4: detected capacity change from 0 to 32768
[  256.224540][   T14] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.243440][ T8381] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8381)
[  256.263997][   T14] usb 1-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  256.275825][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.336697][   T14] usb 1-1: config 0 descriptor??
[  256.800036][   T14] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0934.0007/input/input13
[  256.814287][ T8381] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  256.825958][ T7101] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir882113641/syzkaller.mY1QIE/49/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  256.831987][ T8381] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  256.851701][    C1] vkms_vblank_simulate: vblank timer overrun
[  256.877692][   T14] uclogic 0003:28BD:0934.0007: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.0-1/input0
[  256.909691][ T8381] BTRFS info (device loop4): setting nodatasum
[  256.923484][ T8381] BTRFS info (device loop4): force zlib compression, level 3
[  256.931015][ T8381] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  256.945151][ T8381] BTRFS info (device loop4): use lzo compression, level 0
[  256.952288][ T8381] BTRFS info (device loop4): turning on flush-on-commit
[  256.966591][ T8381] BTRFS info (device loop4): enabling auto defrag
[  256.973102][ T8381] BTRFS info (device loop4): using free space tree
[  257.037843][ T8381] BTRFS info (device loop4): enabling ssd optimizations
[  257.057887][   T14] usb 1-1: USB disconnect, device number 12
[  257.154083][ T6597] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  257.314040][ T8406] device dummy0 entered promiscuous mode
[  257.324252][ T7101] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  257.344357][    C1] vkms_vblank_simulate: vblank timer overrun
[  257.437010][ T8403] device dummy0 left promiscuous mode
[  257.475546][ T7101] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir882113641/syzkaller.mY1QIE/49/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  257.501202][    C1] vkms_vblank_simulate: vblank timer overrun
[  257.566266][ T7101] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  257.625660][ T7101] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir882113641/syzkaller.mY1QIE/49/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  257.651304][    C1] vkms_vblank_simulate: vblank timer overrun
[  257.726745][ T8424] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  257.736110][ T7101] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  257.769175][ T8424] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'.
[  257.790839][ T8426] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  257.797054][ T8429] loop0: detected capacity change from 0 to 512
[  257.800702][ T7101] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir882113641/syzkaller.mY1QIE/49/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  257.819723][ T8429] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  257.832447][    C1] vkms_vblank_simulate: vblank timer overrun
[  257.863651][ T8429] EXT4-fs (loop0): 1 truncate cleaned up
[  257.867513][ T7101] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  257.874711][ T8429] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  257.950824][ T6391] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor.0: path /root/syzkaller-testdir2538009040/syzkaller.ybFukD/155/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  257.984029][ T6391] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  257.992274][ T7101] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir882113641/syzkaller.mY1QIE/49/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  258.029695][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.043332][ T6391] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor.0: path /root/syzkaller-testdir2538009040/syzkaller.ybFukD/155/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  258.057405][ T7101] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  258.077873][ T6391] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  258.109884][   T14] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  258.124726][ T6391] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor.0: path /root/syzkaller-testdir2538009040/syzkaller.ybFukD/155/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  258.163375][ T6391] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  258.184636][ T6391] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor.0: path /root/syzkaller-testdir2538009040/syzkaller.ybFukD/155/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  258.216257][ T6391] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  258.239844][ T6391] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor.0: path /root/syzkaller-testdir2538009040/syzkaller.ybFukD/155/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  258.272090][ T6391] EXT4-fs error (device loop0): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  258.305272][ T4663] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  258.395209][   T14] usb 5-1: Using ep0 maxpacket: 32
[  258.535442][   T14] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.545382][ T4663] usb 4-1: Using ep0 maxpacket: 16
[  258.546517][   T14] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.561222][   T14] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  258.570405][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.616018][   T14] hub 5-1:4.0: USB hub found
[  258.665329][ T4663] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  258.674291][ T4663] usb 4-1: config 1 has no interface number 1
[  258.680544][ T4663] usb 4-1: too many endpoints for config 1 interface 2 altsetting 95: 154, using maximum allowed: 30
[  258.691543][ T4663] usb 4-1: config 1 interface 2 altsetting 95 has 0 endpoint descriptors, different from the interface descriptor's value: 154
[  258.705013][ T4663] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  258.706699][ T4722] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  258.737634][ T7101] EXT4-fs (loop2): unmounting filesystem.
[  258.740608][ T6391] EXT4-fs (loop0): unmounting filesystem.
[  258.749083][ T4663] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  258.762015][ T4663] usb 4-1: config 1 interface 2 has no altsetting 2
[  258.822438][ T1274] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.927137][   T14] hub 5-1:4.0: 8 ports detected
[  258.931610][ T4663] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  258.945237][   T14] hub 5-1:4.0: insufficient power available to use all downstream ports
[  258.953318][ T4663] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.985341][ T4663] usb 4-1: Product: syz
[  258.989575][ T4663] usb 4-1: Manufacturer: syz
[  258.994170][ T4663] usb 4-1: SerialNumber: syz
[  258.995736][ T1274] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.091121][ T1274] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.125393][ T4722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.129554][   T27] audit: type=1326 audit(1718569997.607:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.165114][ T4722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.195138][ T4722] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  259.204831][ T4722] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.215355][   T14] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  259.224933][   T27] audit: type=1326 audit(1718569997.607:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.227177][   T14] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  259.269598][ T4722] usb 2-1: config 0 descriptor??
[  259.296143][ T1274] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.307394][   T27] audit: type=1326 audit(1718569997.607:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.337845][   T27] audit: type=1326 audit(1718569997.607:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.341082][   T14] usb 5-1: USB disconnect, device number 10
[  259.363347][   T27] audit: type=1326 audit(1718569997.607:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.400089][ T4663] usb 4-1: USB disconnect, device number 9
[  259.427800][   T27] audit: type=1326 audit(1718569997.647:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.457046][   T27] audit: type=1326 audit(1718569997.647:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.480448][   T27] audit: type=1326 audit(1718569997.647:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.480706][ T3583] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  259.514193][   T27] audit: type=1326 audit(1718569997.647:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.538287][ T3582] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  259.547606][ T3582] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  259.556756][ T3582] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  259.564249][ T3582] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  259.571529][ T3582] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  259.586273][   T27] audit: type=1326 audit(1718569997.647:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d1147cea9 code=0x7ffc0000
[  259.631491][ T3584] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  259.643329][ T3584] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  259.653594][ T3583] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  259.665758][ T3583] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  259.674355][ T3583] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  259.688569][ T3583] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  259.745814][ T4722] hid (null): bogus close delimiter
[  259.870377][ T8445] chnl_net:caif_netlink_parms(): no params data found
[  259.888423][ T8454] loop4: detected capacity change from 0 to 512
[  259.940102][ T8454] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  259.952198][ T8454] ext4 filesystem being mounted at /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/116/file0 supports timestamps until 2038 (0x7fffffff)
[  259.965306][ T4722] usb 2-1: language id specifier not provided by device, defaulting to English
[  260.013497][ T8462] device dummy0 entered promiscuous mode
[  260.026295][ T6597] EXT4-fs (loop4): unmounting filesystem.
[  260.075235][ T8457] device dummy0 left promiscuous mode
[  260.173551][ T8445] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.188975][ T8445] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.218794][ T8445] device bridge_slave_0 entered promiscuous mode
[  260.265323][ T8445] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.272494][ T8445] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.290829][ T8478] loop4: detected capacity change from 0 to 512
[  260.298530][ T8445] device bridge_slave_1 entered promiscuous mode
[  260.332050][ T8447] chnl_net:caif_netlink_parms(): no params data found
[  260.342484][ T8478] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  260.420976][ T8478] EXT4-fs (loop4): 1 truncate cleaned up
[  260.435191][ T8478] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  260.518418][ T6597] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor.4: path /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/118/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  260.546569][ T6597] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  260.569018][ T8445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  260.574131][ T6597] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor.4: path /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/118/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  260.605237][ T6597] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  260.626983][ T8445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.636874][ T6597] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor.4: path /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/118/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  260.663653][ T6597] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  260.713571][ T6597] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor.4: path /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/118/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  260.753051][ T6597] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  260.788037][ T6597] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 54: comm syz-executor.4: path /root/syzkaller-testdir2133295699/syzkaller.MOWeDj/118/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  260.829219][ T6597] EXT4-fs error (device loop4): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  260.840108][ T8475] loop1: detected capacity change from 0 to 40427
[  260.870648][ T8445] team0: Port device team_slave_0 added
[  260.918407][ T8475] F2FS-fs (loop1): Mismatch valid blocks 5 vs. 7
[  260.927417][ T8445] team0: Port device team_slave_1 added
[  260.934385][ T8447] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.938636][ T8475] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[  260.949059][ T8447] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.964382][ T8447] device bridge_slave_0 entered promiscuous mode
[  260.994971][ T8447] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.002377][ T8447] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.010982][ T8447] device bridge_slave_1 entered promiscuous mode
[  261.069397][ T8445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.089298][ T8445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.136267][ T8445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.219424][ T8445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.235215][ T8445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.261683][ T8445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.286681][ T8447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  261.312478][ T8447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.338094][ T8445] device hsr_slave_0 entered promiscuous mode
[  261.344789][ T8445] device hsr_slave_1 entered promiscuous mode
[  261.351482][ T8445] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  261.359517][ T8445] Cannot create hsr debugfs directory
[  261.399960][ T6597] EXT4-fs (loop4): unmounting filesystem.
[  261.406379][ T8447] team0: Port device team_slave_0 added
[  261.478804][ T1274] device hsr_slave_0 left promiscuous mode
[  261.495480][ T1274] device hsr_slave_1 left promiscuous mode
[  261.508755][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.532608][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.552631][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.560600][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.579541][ T1274] device bridge_slave_1 left promiscuous mode
[  261.594251][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.614030][ T1274] device bridge_slave_0 left promiscuous mode
[  261.623393][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.635496][ T3582] Bluetooth: hci0: command tx timeout
[  261.663093][ T1274] device veth1_macvtap left promiscuous mode
[  261.675188][ T1274] device veth0_macvtap left promiscuous mode
[  261.681435][ T1274] device veth1_vlan left promiscuous mode
[  261.688451][ T1274] device veth0_vlan left promiscuous mode
[  261.715398][ T3582] Bluetooth: hci4: command tx timeout
[  261.765313][ T4663] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  261.944750][ T3584] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  261.965494][ T3584] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  261.974041][ T3584] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  261.986075][ T3584] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  261.995410][ T1274] team0 (unregistering): Port device team_slave_1 removed
[  262.003734][ T3584] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  262.013448][ T3584] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  262.015449][ T4663] usb 4-1: Using ep0 maxpacket: 16
[  262.028617][ T1274] team0 (unregistering): Port device team_slave_0 removed
[  262.049778][ T1274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.065332][ T1274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.134675][ T1274] bond0 (unregistering): Released all slaves
[  262.145392][ T4663] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  262.154522][ T4663] usb 4-1: config 1 has no interface number 1
[  262.160865][ T4663] usb 4-1: too many endpoints for config 1 interface 2 altsetting 95: 154, using maximum allowed: 30
[  262.172597][ T4663] usb 4-1: config 1 interface 2 altsetting 95 has 0 endpoint descriptors, different from the interface descriptor's value: 154
[  262.185902][ T4663] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  262.196985][ T4663] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.209554][ T4663] usb 4-1: config 1 interface 2 has no altsetting 2
[  262.212035][ T8447] team0: Port device team_slave_1 added
[  262.324981][ T8447] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.334618][ T8447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.360829][ T8447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.400534][ T4663] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  262.410581][ T4663] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.410706][ T8447] batman_adv: batadv0: Adding interface: batadv_slave_1
[  262.427801][ T4663] usb 4-1: Product: syz
[  262.432046][ T4663] usb 4-1: Manufacturer: syz
[  262.434611][ T8447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.444104][ T4663] usb 4-1: SerialNumber: syz
[  262.473496][ T8447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.495278][ T4722] uclogic 0003:256C:006D.0008: failed retrieving string descriptor #200: -71
[  262.512859][ T4722] uclogic 0003:256C:006D.0008: failed retrieving pen parameters: -71
[  262.521356][ T4722] uclogic 0003:256C:006D.0008: failed probing pen v2 parameters: -71
[  262.530360][ T4722] uclogic 0003:256C:006D.0008: failed probing parameters: -71
[  262.537993][ T4722] uclogic: probe of 0003:256C:006D.0008 failed with error -71
[  262.553747][ T4722] usb 2-1: USB disconnect, device number 6
[  262.624060][ T8447] device hsr_slave_0 entered promiscuous mode
[  262.632052][ T8447] device hsr_slave_1 entered promiscuous mode
[  262.638929][ T8447] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  262.646687][ T8447] Cannot create hsr debugfs directory
[  262.860024][ T4663] usb 4-1: USB disconnect, device number 10
[  262.895448][ T8504] chnl_net:caif_netlink_parms(): no params data found
[  262.958809][ T8504] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.966181][ T8504] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.974230][ T8504] device bridge_slave_0 entered promiscuous mode
[  262.982987][ T8504] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.990213][ T8504] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.010124][ T8504] device bridge_slave_1 entered promiscuous mode
[  263.051629][ T8447] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.127819][ T8504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  263.148675][ T8504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  263.184815][ T8447] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.201461][ T8514] device dummy0 entered promiscuous mode
[  263.226911][ T8511] device dummy0 left promiscuous mode
[  263.253673][ T8504] team0: Port device team_slave_0 added
[  263.294133][ T8447] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.342990][ T8504] team0: Port device team_slave_1 added
[  263.443301][ T8447] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.496143][ T8504] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.503112][ T8504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.537904][ T8518] loop3: detected capacity change from 0 to 8192
[  263.574366][ T8504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.586470][ T8518] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  263.609688][ T8518] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  263.629746][ T8518] REISERFS (device loop3): using ordered data mode
[  263.635586][ T8504] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.645161][ T8518] reiserfs: using flush barriers
[  263.655275][ T8518] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  263.675287][ T8504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.685505][ T8518] REISERFS (device loop3): checking transaction log (loop3)
[  263.715331][ T3582] Bluetooth: hci0: command tx timeout
[  263.742156][ T8518] REISERFS (device loop3): Using r5 hash to sort names
[  263.746552][ T8504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.761572][ T8518] REISERFS (device loop3): using 3.5.x disk format
[  263.768503][ T8518] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  263.795190][ T3582] Bluetooth: hci4: command tx timeout
[  263.926006][ T8520] loop1: detected capacity change from 0 to 32768
[  263.934871][ T8520] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (8520)
[  263.951504][ T8504] device hsr_slave_0 entered promiscuous mode
[  263.970878][ T8520] BTRFS info (device loop1): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  263.981245][ T8520] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  263.991959][ T8504] device hsr_slave_1 entered promiscuous mode
[  264.005191][ T8520] BTRFS info (device loop1): using free space tree
[  264.016321][ T8504] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  264.023894][ T8504] Cannot create hsr debugfs directory
[  264.035303][ T3582] Bluetooth: hci1: command tx timeout
[  264.050869][ T8525] loop3: detected capacity change from 0 to 512
[  264.067900][ T8525] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  264.120830][ T8445] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  264.140939][ T8445] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  264.153802][ T8525] EXT4-fs (loop3): 1 truncate cleaned up
[  264.161729][ T8525] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  264.209909][ T5952] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir697253795/syzkaller.GBnvxe/166/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.235881][ T8520] BTRFS info (device loop1): enabling ssd optimizations
[  264.246786][ T8445] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  264.260463][ T5952] EXT4-fs error (device loop3): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  264.273444][ T8445] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  264.345720][ T5952] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir697253795/syzkaller.GBnvxe/166/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.377016][ T5901] BTRFS info (device loop1): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  264.396264][ T5952] EXT4-fs error (device loop3): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  264.567145][ T5952] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir697253795/syzkaller.GBnvxe/166/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.625912][ T5952] EXT4-fs error (device loop3): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  264.642292][ T8504] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.665912][ T5952] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir697253795/syzkaller.GBnvxe/166/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.724312][ T5952] EXT4-fs error (device loop3): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  264.727855][ T8447] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  264.790647][ T5952] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir697253795/syzkaller.GBnvxe/166/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  264.797136][ T8445] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.864148][ T5952] EXT4-fs error (device loop3): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  264.869990][ T8504] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.947790][ T8447] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  264.971654][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  264.980534][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  264.993686][ T8445] 8021q: adding VLAN 0 to HW filter on device team0
[  265.006541][ T8447] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  265.033321][ T8504] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.072853][ T8447] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  265.102551][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  265.122538][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.136187][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.143323][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.151708][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  265.189649][ T8504] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.239923][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  265.252075][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  265.265322][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.272387][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.315036][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  265.379717][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  265.388958][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  265.408120][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  265.456705][ T8445] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  265.467340][ T8445] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  265.479572][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  265.492000][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  265.500488][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  265.509265][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  265.516353][ T5952] EXT4-fs (loop3): unmounting filesystem.
[  265.517738][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  265.531586][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  265.540239][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  265.549008][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  265.601591][ T8447] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.655419][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  265.663300][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  265.700042][ T8447] 8021q: adding VLAN 0 to HW filter on device team0
[  265.710893][ T8504] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  265.771678][ T1274] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.795563][ T3582] Bluetooth: hci0: command tx timeout
[  265.855992][ T8504] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  265.875324][ T3582] Bluetooth: hci4: command tx timeout
[  265.888574][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  265.915679][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.933779][   T14] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.940943][   T14] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.975589][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  265.994290][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.008411][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.015526][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.032069][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  266.054330][ T3584] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  266.064170][ T3584] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  266.073604][ T3584] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  266.081685][ T3584] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  266.081769][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  266.090161][ T3584] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  266.104719][ T3584] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  266.116074][ T3583] Bluetooth: hci1: command tx timeout
[  266.126491][ T1274] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.147579][ T3890] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  266.155977][ T8504] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  266.174800][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  266.186947][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  266.200672][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  266.220275][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  266.234666][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  266.250465][ T8447] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  266.264086][ T8447] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  266.275772][ T8504] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  266.290516][ T1274] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.305548][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  266.313470][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  266.322127][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  266.330950][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  266.339579][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  266.351447][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  266.381649][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  266.390816][ T3891] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  266.398381][ T3890] usb 2-1: Using ep0 maxpacket: 16
[  266.428030][ T1274] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.447367][ T8445] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.515392][ T3890] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  266.524480][ T3890] usb 2-1: config 1 has no interface number 1
[  266.547927][ T3890] usb 2-1: too many endpoints for config 1 interface 2 altsetting 95: 154, using maximum allowed: 30
[  266.560374][ T3890] usb 2-1: config 1 interface 2 altsetting 95 has 0 endpoint descriptors, different from the interface descriptor's value: 154
[  266.574253][ T3890] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  266.594309][ T3890] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  266.618773][ T3890] usb 2-1: config 1 interface 2 has no altsetting 2
[  266.644223][ T8504] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.659710][ T8445] device veth0_vlan entered promiscuous mode
[  266.668498][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  266.677222][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  266.686235][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  266.694628][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  266.702920][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  266.712349][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  266.740508][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  266.751039][ T4434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  266.760721][ T8445] device veth1_vlan entered promiscuous mode
[  266.786345][ T3890] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  266.795602][ T3890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.797454][ T8504] 8021q: adding VLAN 0 to HW filter on device team0
[  266.803586][ T3890] usb 2-1: Product: syz
[  266.820051][ T3890] usb 2-1: Manufacturer: syz
[  266.824671][ T3890] usb 2-1: SerialNumber: syz
[  266.851180][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  266.860173][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  266.868853][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  266.877652][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  266.886547][ T4513] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.893611][ T4513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.901271][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  266.908711][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  266.956311][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  266.964416][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  266.973639][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.982372][ T4237] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.989498][ T4237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.998105][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  267.007025][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  267.015883][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  267.032252][ T8447] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.039619][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  267.048540][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  267.058325][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  267.069918][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  267.081575][ T8556] chnl_net:caif_netlink_parms(): no params data found
[  267.122749][ T8445] device veth0_macvtap entered promiscuous mode
[  267.131372][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  267.139888][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  267.149218][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  267.163775][ T3890] usb 2-1: USB disconnect, device number 7
[  267.208661][ T8445] device veth1_macvtap entered promiscuous mode
[  267.225985][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  267.234763][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  267.244278][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  267.253010][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.282151][ T8504] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  267.306309][ T8504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  267.335964][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  267.344593][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.382195][ T3887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  267.392528][ T3887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  267.402480][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  267.410408][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  267.421990][ T8556] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.431685][ T8556] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.440545][ T8556] device bridge_slave_0 entered promiscuous mode
[  267.449268][ T8556] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.457110][ T8556] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.464801][ T8556] device bridge_slave_1 entered promiscuous mode
[  267.493872][ T8556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.550327][ T8447] device veth0_vlan entered promiscuous mode
[  267.557947][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.575572][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.591519][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.610864][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.636222][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.655306][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.675104][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.696198][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.716086][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.729293][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.742848][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  267.753311][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.764460][ T8445] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.774617][ T8556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.790731][ T8447] device veth1_vlan entered promiscuous mode
[  267.805707][ T8572] device dummy0 entered promiscuous mode
[  267.814033][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  267.839515][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  267.851778][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  267.867029][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.880114][ T3582] Bluetooth: hci0: command tx timeout
[  267.894622][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.905402][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.916084][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.926245][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.936759][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.947032][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.957778][ T3582] Bluetooth: hci4: command tx timeout
[  267.963213][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.973099][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  267.983636][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  267.993771][ T8445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  268.006352][ T8445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.017696][ T8445] batman_adv: batadv0: Interface activated: batadv_slave_1
[  268.057078][ T8571] device dummy0 left promiscuous mode
[  268.074873][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  268.084850][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  268.094196][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  268.104804][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  268.113193][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  268.123049][ T8445] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.135988][ T8445] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.139484][ T8578] Process accounting resumed
[  268.146524][ T8445] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.158834][ T8445] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.195422][ T3582] Bluetooth: hci2: command tx timeout
[  268.202208][ T3584] Bluetooth: hci1: command tx timeout
[  268.218115][ T8504] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.274407][ T8556] team0: Port device team_slave_0 added
[  268.344477][ T8556] team0: Port device team_slave_1 added
[  268.377024][ T3887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  268.387811][ T3887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  268.397372][ T8447] device veth0_macvtap entered promiscuous mode
[  268.450939][ T8447] device veth1_macvtap entered promiscuous mode
[  268.469763][ T8556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.485157][ T8556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.511585][ T3890] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  268.540872][ T8556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.558856][ T8556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.566772][ T8556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.592873][ T8556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.617153][ T8234] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.629477][ T8234] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.671475][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.695313][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.705508][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.716051][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.726690][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.737198][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.747813][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.755943][ T3890] usb 2-1: Using ep0 maxpacket: 32
[  268.760111][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.774497][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.785330][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.797409][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.808481][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.818334][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  268.828968][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.841427][ T8447] batman_adv: batadv0: Interface activated: batadv_slave_0
[  268.852526][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  268.863482][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  268.871691][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  268.875338][ T3890] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.879645][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  268.889968][ T3890] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.908482][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  268.916316][ T3890] usb 2-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  268.932014][ T3890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.941735][ T3890] usb 2-1: config 0 descriptor??
[  268.967015][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  268.977969][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  268.988026][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  268.999491][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.009364][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.020313][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.031294][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.041740][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.051646][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.062322][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.072979][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.083566][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.097891][ T8447] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  269.108374][ T8447] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  269.119368][ T8447] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.136191][ T8447] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.144967][ T8447] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.154022][ T8447] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.163204][ T8447] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.182326][ T8230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.196036][ T8230] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.215744][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  269.224151][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  269.233378][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  269.300935][ T8556] device hsr_slave_0 entered promiscuous mode
[  269.316018][ T8556] device hsr_slave_1 entered promiscuous mode
[  269.336066][ T8556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.343727][ T8556] Cannot create hsr debugfs directory
[  269.397277][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  269.397289][   T27] audit: type=1800 audit(1718570007.877:368): pid=8590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1949 res=0 errno=0
[  269.424712][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  269.433921][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  269.439914][ T3890] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0934.0009/input/input14
[  269.442663][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  269.463884][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  269.509041][ T8504] device veth0_vlan entered promiscuous mode
[  269.538151][ T3890] uclogic 0003:28BD:0934.0009: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.1-1/input0
[  269.556027][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  269.563826][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  269.601183][ T8504] device veth1_vlan entered promiscuous mode
[  269.662408][ T3887] usb 2-1: USB disconnect, device number 8
[  269.709930][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  269.712454][ T8598] loop2: detected capacity change from 0 to 512
[  269.726625][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  269.726909][ T8230] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.734653][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  269.751933][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  269.760701][ T8230] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.766191][ T8504] device veth0_macvtap entered promiscuous mode
[  269.792577][ T8598] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  269.814850][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  269.824723][ T8598] EXT4-fs (loop2): 1 truncate cleaned up
[  269.831196][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  269.838539][ T8598] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  269.870744][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.872601][ T8504] device veth1_macvtap entered promiscuous mode
[  269.894353][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.903831][ T8445] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir2286387665/syzkaller.SvDHDz/5/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  269.936208][ T8445] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  269.954230][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  269.958921][ T8445] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir2286387665/syzkaller.SvDHDz/5/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  270.003417][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.013396][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.013597][ T8445] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  270.033492][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.054243][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.054606][ T8445] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir2286387665/syzkaller.SvDHDz/5/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  270.064691][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.064708][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.064722][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.064735][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.100785][ T8445] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  270.102618][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.163839][ T8445] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir2286387665/syzkaller.SvDHDz/5/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  270.179608][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.190237][ T8445] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  270.202166][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.231936][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.242423][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.254591][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.269728][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.280830][ T3584] Bluetooth: hci1: command tx timeout
[  270.286266][ T3584] Bluetooth: hci2: command tx timeout
[  270.288996][ T8445] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor.2: path /root/syzkaller-testdir2286387665/syzkaller.SvDHDz/5/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  270.299248][ T8504] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.326803][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  270.329173][ T8445] EXT4-fs error (device loop2): ext4_empty_dir:3131: inode #11: block 54: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  270.334909][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  270.363059][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  270.371829][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  270.396365][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.416661][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.433124][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.444189][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.454360][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.465510][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.476002][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.486817][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.499297][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.510405][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.521656][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.532484][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.542745][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.553255][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.563479][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.574004][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.586739][ T8504] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.603453][ T8504] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.612324][ T8504] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.622690][ T8504] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.632797][ T8504] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.683083][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  270.694794][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  270.738160][ T8606] loop0: detected capacity change from 0 to 512
[  270.774863][ T8606] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  270.822193][ T8606] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  270.831481][ T8606] ext4 filesystem being mounted at /root/syzkaller-testdir3624040350/syzkaller.JkofMB/1/file0 supports timestamps until 2038 (0x7fffffff)
[  270.921596][ T8447] EXT4-fs (loop0): unmounting filesystem.
[  271.000520][ T8230] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.011413][ T8230] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.022407][ T8610] loop0: detected capacity change from 0 to 512
[  271.036752][ T4665] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  271.042259][ T8610] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz-executor.0: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  271.064850][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.073407][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.073845][ T8610] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  271.089778][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  271.102394][ T8610] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  271.140920][ T8610] ext4 filesystem being mounted at /root/syzkaller-testdir3624040350/syzkaller.JkofMB/2/file0 supports timestamps until 2038 (0x7fffffff)
[  271.190213][ T8445] EXT4-fs (loop2): unmounting filesystem.
[  271.236472][ T8447] EXT4-fs (loop0): unmounting filesystem.
[  271.278028][ T8613] loop4: detected capacity change from 0 to 736
[  271.334121][ T8615] loop1: detected capacity change from 0 to 1024
[  271.353721][ T1274] device hsr_slave_0 left promiscuous mode
[  271.371734][ T8613] rock: directory entry would overflow storage
[  271.385614][ T1274] device hsr_slave_1 left promiscuous mode
[  271.409035][ T8613] rock: sig=0x3b10, size=4, remaining=3
[  271.433462][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.445223][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.507780][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.530709][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.563332][ T8628] capability: warning: `syz-executor.4' uses 32-bit capabilities (legacy support in use)
[  271.575540][ T1274] device bridge_slave_1 left promiscuous mode
[  271.586286][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.617638][ T1274] device bridge_slave_0 left promiscuous mode
[  271.667466][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.702106][ T8636] loop4: detected capacity change from 0 to 512
[  271.716368][ T1274] device hsr_slave_0 left promiscuous mode
[  271.727458][ T1274] device hsr_slave_1 left promiscuous mode
[  271.741147][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.757662][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.769836][ T8636] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz-executor.4: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  271.798156][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.814768][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.834581][ T1274] device bridge_slave_1 left promiscuous mode
[  271.842440][ T8636] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  271.867242][ T8636] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  271.877784][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.906142][ T8636] ext4 filesystem being mounted at /root/syzkaller-testdir2018641762/syzkaller.Wpnd2y/2/file0 supports timestamps until 2038 (0x7fffffff)
[  271.925712][ T1274] device bridge_slave_0 left promiscuous mode
[  271.969973][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.976389][ T3584] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  271.995728][ T3584] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  272.003842][ T3584] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  272.012655][ T3584] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  272.021014][ T3584] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  272.030537][ T3584] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  272.037126][ T8504] EXT4-fs (loop4): unmounting filesystem.
[  272.050134][ T1274] device hsr_slave_0 left promiscuous mode
[  272.060932][ T1274] device hsr_slave_1 left promiscuous mode
[  272.072812][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.096910][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.106244][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.113661][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.123508][ T1274] device bridge_slave_1 left promiscuous mode
[  272.144947][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.165173][ T8637] loop0: detected capacity change from 0 to 32768
[  272.172770][ T1274] device bridge_slave_0 left promiscuous mode
[  272.173063][ T8637] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (8637)
[  272.179323][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.213231][ T8637] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.223887][ T8637] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  272.232603][ T8637] BTRFS info (device loop0): using free space tree
[  272.233058][ T8643] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  272.256567][ T1274] device veth1_macvtap left promiscuous mode
[  272.262570][ T1274] device veth0_macvtap left promiscuous mode
[  272.274730][ T1274] device veth1_vlan left promiscuous mode
[  272.282222][ T1274] device veth0_vlan left promiscuous mode
[  272.296574][ T8637] BTRFS info (device loop0): enabling ssd optimizations
[  272.305766][ T1274] device veth1_macvtap left promiscuous mode
[  272.311820][ T1274] device veth0_macvtap left promiscuous mode
[  272.320101][ T1274] device veth1_vlan left promiscuous mode
[  272.326890][ T1274] device veth0_vlan left promiscuous mode
[  272.337279][ T1274] device veth1_macvtap left promiscuous mode
[  272.344105][ T1274] device veth0_macvtap left promiscuous mode
[  272.351221][ T1274] device veth1_vlan left promiscuous mode
[  272.360149][ T3584] Bluetooth: hci2: command tx timeout
[  272.367534][ T1274] device veth0_vlan left promiscuous mode
[  272.415926][ T8447] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.620790][ T8662] loop1: detected capacity change from 0 to 1024
[  272.836575][ T8668] loop1: detected capacity change from 0 to 736
[  272.893437][ T8668] rock: directory entry would overflow storage
[  272.900059][ T8668] rock: sig=0x3b10, size=4, remaining=3
[  273.131528][ T8672] loop0: detected capacity change from 0 to 8192
[  273.158819][ T8672] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  273.192103][ T8672] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  273.215298][ T8672] REISERFS (device loop0): using ordered data mode
[  273.221837][ T8672] reiserfs: using flush barriers
[  273.240826][ T1274] team0 (unregistering): Port device team_slave_1 removed
[  273.255093][ T8672] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  273.274259][ T1274] team0 (unregistering): Port device team_slave_0 removed
[  273.285558][ T8672] REISERFS (device loop0): checking transaction log (loop0)
[  273.293195][ T1274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.299802][ T8672] REISERFS (device loop0): Using r5 hash to sort names
[  273.310785][ T8672] REISERFS (device loop0): using 3.5.x disk format
[  273.319067][ T8672] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  273.329891][ T1274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.431268][ T1274] bond0 (unregistering): Released all slaves
[  273.572076][ T1274] team0 (unregistering): Port device team_slave_1 removed
[  273.587507][ T1274] team0 (unregistering): Port device team_slave_0 removed
[  273.604284][ T1274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.620082][ T1274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.687751][ T1274] bond0 (unregistering): Released all slaves
[  273.745233][ T4514] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  273.822361][ T1274] team0 (unregistering): Port device team_slave_1 removed
[  273.839565][ T1274] team0 (unregistering): Port device team_slave_0 removed
[  273.853737][ T1274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.867329][ T1274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.942506][ T1274] bond0 (unregistering): Released all slaves
[  273.995590][ T8642] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  274.011203][ T8684] netlink: 'syz-executor.1': attribute type 6 has an invalid length.
[  274.115962][ T3584] Bluetooth: hci0: command tx timeout
[  274.125270][ T4514] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.136487][ T4514] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.146452][ T4514] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  274.156054][ T4514] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.165613][ T4514] usb 1-1: config 0 descriptor??
[  274.248425][ T8556] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  274.258904][ T8694] loop4: detected capacity change from 0 to 1024
[  274.288411][ T8556] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  274.304091][ T8694] EXT4-fs (loop4): bad geometry: first data block 100663296 is beyond end of filesystem (512)
[  274.328659][ T8556] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  274.356399][ T8556] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  274.489106][ T3584] Bluetooth: hci2: command tx timeout
[  274.611081][ T8698] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.4'.
[  275.211836][ T8639] chnl_net:caif_netlink_parms(): no params data found
[  275.266211][ T8556] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.323955][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  275.334634][ T4722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  275.341024][ T4514] hid (null): bogus close delimiter
[  275.392694][ T8556] 8021q: adding VLAN 0 to HW filter on device team0
[  275.475262][ T4514] usb 1-1: language id specifier not provided by device, defaulting to English
[  275.521220][ T8639] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.530907][ T8639] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.539104][ T8639] device bridge_slave_0 entered promiscuous mode
[  275.547147][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  275.556827][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  275.565346][ T3578] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.572461][ T3578] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.580337][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  275.589319][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  275.597917][ T3578] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.604999][ T3578] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.616414][ T8639] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.640878][ T8639] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.663268][ T8639] device bridge_slave_1 entered promiscuous mode
[  275.685148][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  275.696022][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  275.714971][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  275.777058][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  275.788343][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  275.824082][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  275.846103][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  275.861144][ T8556] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  275.897540][ T8556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  275.941427][ T8639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.097537][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  276.117402][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  276.145877][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  276.174804][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  276.194758][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  276.202588][ T3584] Bluetooth: hci0: command tx timeout
[  276.216488][ T8720] bridge_slave_0: mtu less than device minimum
[  276.248046][ T8639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.266984][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  276.335310][ T8730] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  276.372793][ T8730] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  276.397623][ T8639] team0: Port device team_slave_0 added
[  276.428126][ T8639] team0: Port device team_slave_1 added
[  276.478836][ T8686] loop0: detected capacity change from 0 to 40427
[  276.524072][ T8639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.539393][ T8639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.547248][ T8686] F2FS-fs (loop0): Mismatch valid blocks 5 vs. 7
[  276.573876][ T8639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.587708][ T8735] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  276.612141][ T8686] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117)
[  276.628773][ T8639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  276.655309][ T8639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.732261][ T8639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  276.902248][ T8639] device hsr_slave_0 entered promiscuous mode
[  276.935488][ T8639] device hsr_slave_1 entered promiscuous mode
[  276.940193][ T8748] loop4: detected capacity change from 0 to 1024
[  276.986797][ T8556] 8021q: adding VLAN 0 to HW filter on device batadv0
[  276.994952][ T8748] EXT4-fs (loop4): bad geometry: first data block 100663296 is beyond end of filesystem (512)
[  277.006196][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  277.013752][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  277.075417][ T4514] uclogic 0003:256C:006D.000A: failed retrieving Huion firmware version: -71
[  277.084255][ T4514] uclogic 0003:256C:006D.000A: failed probing parameters: -71
[  277.123424][ T4514] uclogic: probe of 0003:256C:006D.000A failed with error -71
[  277.258161][ T4514] usb 1-1: USB disconnect, device number 13
[  277.351279][ T8761] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.4'.
[  278.236674][ T8766] input: syz0 as /devices/virtual/input/input15
[  278.275270][ T3583] Bluetooth: hci0: command tx timeout
[  278.323889][ T8767] loop0: detected capacity change from 0 to 512
[  278.532841][ T8767] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  278.803310][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  278.823131][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  278.834963][ T8767] EXT4-fs (loop0): 1 truncate cleaned up
[  278.840934][ T8767] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  278.979271][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  278.996888][ T8774] loop1: detected capacity change from 0 to 1024
[  279.006480][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  279.036232][ T8556] device veth0_vlan entered promiscuous mode
[  279.052761][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  279.162290][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  279.190668][ T8556] device veth1_vlan entered promiscuous mode
[  279.193154][ T8778] loop4: detected capacity change from 0 to 736
[  279.207827][ T8447] EXT4-fs (loop0): unmounting filesystem.
[  279.307603][ T8778] rock: directory entry would overflow storage
[  279.324935][ T8639] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.340976][ T8778] rock: sig=0x3b10, size=4, remaining=3
[  279.385543][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  279.393735][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  279.435890][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  279.455441][ T3894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  279.505024][ T8639] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.559063][ T8556] device veth0_macvtap entered promiscuous mode
[  279.576593][ T8556] device veth1_macvtap entered promiscuous mode
[  279.627829][ T8639] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.657912][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.678597][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.708591][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.732728][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.744997][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.762312][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.772345][ T3894] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  279.789244][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.814572][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.836144][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.855132][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.872831][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.905453][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.927344][ T8556] batman_adv: batadv0: Interface activated: batadv_slave_0
[  279.970127][ T8639] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.006706][ T8789] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  280.030601][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  280.044947][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  280.062140][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  280.073427][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  280.096649][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.118353][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.130411][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.140995][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.145329][ T3894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.152063][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.172461][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.182487][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.189733][ T3894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.202764][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.202780][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.202795][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.202810][ T8556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.202820][ T8556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.207765][ T8556] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.213093][ T3894] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  280.242416][ T8556] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.282561][ T8556] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.291412][ T8556] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.293180][ T3894] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.300196][ T8556] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.317324][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  280.326353][ T3890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  280.337590][ T3894] usb 2-1: config 0 descriptor??
[  280.345313][ T8793] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  280.355359][ T3583] Bluetooth: hci0: command tx timeout
[  280.361104][ T8793] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'.
[  280.542483][ T8218] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.552295][ T8218] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.581279][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  280.650532][ T8639] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  280.658457][ T8230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.671791][ T8230] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.689758][ T8639] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  280.715410][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  280.726924][ T8639] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  280.781403][ T8639] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  280.826086][ T3894] hid (null): bogus close delimiter
[  281.084163][ T8639] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.110396][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  281.125255][ T3894] usb 2-1: language id specifier not provided by device, defaulting to English
[  281.149513][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  281.184212][ T8639] 8021q: adding VLAN 0 to HW filter on device team0
[  281.265679][ T8816] input: syz0 as /devices/virtual/input/input16
[  281.326058][ T8816] loop0: detected capacity change from 0 to 512
[  281.429104][ T8816] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  281.950804][ T8816] EXT4-fs (loop0): 1 truncate cleaned up
[  281.956765][ T8816] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  282.027714][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  282.039042][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  282.048765][ T4514] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.055913][ T4514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.063668][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  282.073275][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  282.082024][ T4514] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.089151][ T4514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.114364][ T4514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  282.166817][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  282.175969][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  282.185717][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  282.197056][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  282.206779][ T8821] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  282.217110][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  282.226851][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  282.235597][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  282.244213][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  282.256623][ T8820] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  282.350723][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  282.359375][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  282.360531][ T8447] EXT4-fs (loop0): unmounting filesystem.
[  282.368195][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  282.438632][ T8639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  282.503286][ T8827] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  282.835774][ T3894] uclogic 0003:256C:006D.000B: failed retrieving Huion firmware version: -71
[  282.844622][ T3894] uclogic 0003:256C:006D.000B: failed probing parameters: -71
[  282.885725][ T3894] uclogic: probe of 0003:256C:006D.000B failed with error -71
[  282.925879][ T3894] usb 2-1: USB disconnect, device number 9
[  283.047180][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  283.054666][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  283.115550][ T8639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.212764][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  283.225850][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  283.276753][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  283.285744][ T4237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  283.296072][ T8639] device veth0_vlan entered promiscuous mode
[  283.350724][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  283.375900][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  283.377838][ T8639] device veth1_vlan entered promiscuous mode
[  283.466080][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  283.466711][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  283.467259][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  283.467805][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  283.471913][ T8639] device veth0_macvtap entered promiscuous mode
[  283.490682][ T8639] device veth1_macvtap entered promiscuous mode
[  283.544342][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544365][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544376][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544390][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544400][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544412][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544423][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544435][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544445][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544457][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544468][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544480][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.544491][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.544504][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.545939][ T8639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.546056][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  283.546678][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  283.547245][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  283.548572][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  283.551695][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551714][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551724][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551737][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551747][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551760][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551770][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551783][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551792][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551804][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551815][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551828][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.551838][ T8639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.551850][ T8639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.566164][ T8639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.566280][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  283.566897][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  283.583204][ T8639] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.583237][ T8639] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.583264][ T8639] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.583290][ T8639] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.807268][ T8218] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.807340][ T8218] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.813478][ T3578] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  283.887160][ T8241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.887240][ T8241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.892836][ T4033] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  284.657447][ T8859] input: syz0 as /devices/virtual/input/input17
[  285.068497][ T8862] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  285.312742][ T8861] loop1: detected capacity change from 0 to 512
[  285.320151][ T8861] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  285.400444][ T1274] device hsr_slave_0 left promiscuous mode
[  285.411890][ T1274] device hsr_slave_1 left promiscuous mode
[  285.418550][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.423920][ T8861] EXT4-fs (loop1): 1 truncate cleaned up
[  285.426453][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.431954][ T8861] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  285.451085][ T1274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.460033][ T1274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.469154][ T1274] device bridge_slave_1 left promiscuous mode
[  285.476529][ T1274] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.527414][ T1274] device bridge_slave_0 left promiscuous mode
[  285.538189][ T1274] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.580425][ T1274] device veth1_macvtap left promiscuous mode
[  285.595504][ T1274] device veth0_macvtap left promiscuous mode
[  285.601662][ T1274] device veth1_vlan left promiscuous mode
[  285.615275][ T1274] device veth0_vlan left promiscuous mode
[  285.691032][   T26] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  285.708789][ T5901] EXT4-fs (loop1): unmounting filesystem.
[  285.845166][ T3890] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  285.945280][   T26] usb 3-1: Using ep0 maxpacket: 32
[  286.066008][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.085263][   T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.105394][   T26] usb 3-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  286.124622][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.166775][   T26] usb 3-1: config 0 descriptor??
[  286.205346][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.235127][ T3890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.255253][ T3890] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  286.264333][ T3890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.303499][ T1274] team0 (unregistering): Port device team_slave_1 removed
[  286.312362][ T3890] usb 4-1: config 0 descriptor??
[  286.346342][ T1274] team0 (unregistering): Port device team_slave_0 removed
[  286.384167][ T1274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  286.429607][ T1274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  286.591770][ T1274] bond0 (unregistering): Released all slaves
[  286.660254][   T26] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28BD:0934.000C/input/input18
[  286.713398][ T8901] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  286.752714][   T26] uclogic 0003:28BD:0934.000C: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.2-1/input0
[  286.805757][ T3890] hid (null): bogus close delimiter
[  286.853462][ T8907] loop1: detected capacity change from 0 to 1024
[  286.856313][ T8908] loop0: detected capacity change from 0 to 8
[  286.880499][ T8908] squashfs: Unknown parameter 'C'
[  286.880527][ T8907] EXT4-fs: Ignoring removed orlov option
[  286.905695][   T26] usb 3-1: USB disconnect, device number 9
[  286.914555][ T8907] EXT4-fs: Ignoring removed nomblk_io_submit option
[  286.954589][ T8907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  287.025913][ T3890] usb 4-1: language id specifier not provided by device, defaulting to English
[  287.094171][ T8918] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.1: corrupt xattr in inline inode
[  287.134689][ T8918] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.1: corrupted in-inode xattr
[  287.169572][ T8919] loop0: detected capacity change from 0 to 8192
[  287.196911][ T8919] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  287.214487][ T8919] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  287.223959][ T8919] REISERFS (device loop0): using ordered data mode
[  287.230636][ T8919] reiserfs: using flush barriers
[  287.237200][ T8919] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  287.254080][ T8919] REISERFS (device loop0): checking transaction log (loop0)
[  287.284596][ T8919] REISERFS (device loop0): Using r5 hash to sort names
[  287.292410][ T8919] REISERFS (device loop0): using 3.5.x disk format
[  287.299307][ T8919] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  287.391066][ T5901] EXT4-fs (loop1): unmounting filesystem.
[  287.404913][ T8927] loop4: detected capacity change from 0 to 1024
[  287.471078][ T8927] EXT4-fs warning (device loop4): ext4_enable_quotas:7012: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  287.569904][ T8927] EXT4-fs (loop4): mount failed
[  287.827984][ T8938] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  287.982676][ T4033] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  288.236755][ T4033] usb 5-1: Using ep0 maxpacket: 16
[  288.385541][ T4033] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  288.386748][ T8944] loop2: detected capacity change from 0 to 8
[  288.407589][ T4033] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  288.409711][ T8876] loop3: detected capacity change from 0 to 40427
[  288.436473][ T8944] squashfs: Unknown parameter 'C'
[  288.451438][ T4033] usb 5-1: config 0 interface 0 has no altsetting 0
[  288.490965][ T8876] F2FS-fs (loop3): Mismatch valid blocks 5 vs. 7
[  288.523096][ T8876] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[  288.625316][ T3890] uclogic 0003:256C:006D.000D: failed retrieving Huion firmware version: -71
[  288.634190][ T3890] uclogic 0003:256C:006D.000D: failed probing parameters: -71
[  288.653218][ T4033] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  288.661223][ T3890] uclogic: probe of 0003:256C:006D.000D failed with error -71
[  288.670258][ T4033] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.704546][ T4033] usb 5-1: Product: syz
[  288.705344][ T3890] usb 4-1: USB disconnect, device number 11
[  288.719374][ T4033] usb 5-1: Manufacturer: syz
[  288.723987][ T4033] usb 5-1: SerialNumber: syz
[  288.752030][ T4033] usb 5-1: config 0 descriptor??
[  288.814439][ T4033] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input19
[  288.979150][ T8962] loop1: detected capacity change from 0 to 1024
[  288.990445][ T8962] EXT4-fs: Ignoring removed orlov option
[  288.996450][ T8962] EXT4-fs: Ignoring removed nomblk_io_submit option
[  289.051913][ T8962] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  289.123465][ T8962] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.1: corrupt xattr in inline inode
[  289.180481][ T8965] loop0: detected capacity change from 0 to 8192
[  289.324636][ T8965] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  289.325126][ T3894] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  289.348097][ T8962] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.1: corrupted in-inode xattr
[  289.358449][ T8965] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  289.484496][ T8965] REISERFS (device loop0): using ordered data mode
[  289.494509][ T8965] reiserfs: using flush barriers
[  289.531714][ T8965] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  289.551351][ T4237] usb 5-1: USB disconnect, device number 11
[  289.615484][ T8965] REISERFS (device loop0): checking transaction log (loop0)
[  289.641465][ T8965] REISERFS (device loop0): Using r5 hash to sort names
[  289.679368][ T8965] REISERFS (device loop0): using 3.5.x disk format
[  289.715569][ T8965] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  290.139464][ T8981] loop0: detected capacity change from 0 to 8
[  290.164259][ T8981] squashfs: Unknown parameter 'C'
[  290.765110][ T4237] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  291.100513][ T5901] EXT4-fs (loop1): unmounting filesystem.
[  291.125207][ T4237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.136703][ T4237] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.146509][ T4237] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  291.155881][ T4237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.165564][ T4237] usb 5-1: config 0 descriptor??
[  291.325401][ T3894] usb 3-1: Using ep0 maxpacket: 32
[  291.335610][ T8994] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  291.445337][ T3894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.466848][ T3894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.497197][ T3894] usb 3-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00
[  291.527495][ T3894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.542706][ T9004] loop1: detected capacity change from 0 to 1024
[  291.562587][ T3894] usb 3-1: config 0 descriptor??
[  291.575976][ T9004] EXT4-fs warning (device loop1): ext4_enable_quotas:7012: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  291.594024][ T9004] EXT4-fs (loop1): mount failed
[  291.643419][ T4237] hid (null): bogus close delimiter
[  291.935229][ T4663] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  291.954585][ T4237] usb 5-1: language id specifier not provided by device, defaulting to English
[  292.104025][ T9018] binder: 9015:9018 ioctl 4018620d 0 returned -22
[  292.143986][ T9018] binder: 9015:9018 ioctl c0306201 0 returned -14
[  292.784233][ T3894] input: HID 28bd:0934 Mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28BD:0934.000F/input/input20
[  292.869352][ T3894] uclogic 0003:28BD:0934.000F: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0934] on usb-dummy_hcd.2-1/input0
[  292.895275][ T4663] usb 2-1: Using ep0 maxpacket: 16
[  293.005818][ T3894] usb 3-1: USB disconnect, device number 10
[  293.007577][ T9021] loop0: detected capacity change from 0 to 8192
[  293.015511][ T4663] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  293.042110][ T4663] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  293.042919][ T9021] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  293.069577][ T9021] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  293.078857][ T9021] REISERFS (device loop0): using ordered data mode
[  293.085478][ T9021] reiserfs: using flush barriers
[  293.091674][ T9021] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  293.108226][ T9021] REISERFS (device loop0): checking transaction log (loop0)
[  293.111859][ T4663] usb 2-1: config 0 interface 0 has no altsetting 0
[  293.123298][ T9021] REISERFS (device loop0): Using r5 hash to sort names
[  293.131793][ T9021] REISERFS (device loop0): using 3.5.x disk format
[  293.138771][ T9021] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  293.268749][ T9028] loop3: detected capacity change from 0 to 1024
[  293.287175][ T9028] EXT4-fs (loop3): bad geometry: first data block 100663296 is beyond end of filesystem (512)
[  293.325301][ T4663] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  293.352637][ T4663] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.383113][ T4663] usb 2-1: Product: syz
[  293.394659][ T4663] usb 2-1: Manufacturer: syz
[  293.394673][ T9032] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  293.418943][ T4663] usb 2-1: SerialNumber: syz
[  293.454792][ T4663] usb 2-1: config 0 descriptor??
[  293.507562][ T4663] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input21
[  293.839046][ T4237] uclogic 0003:256C:006D.000E: failed retrieving Huion firmware version: -71
[  293.854157][ T4237] uclogic 0003:256C:006D.000E: failed probing parameters: -71
[  293.865768][ T4237] uclogic: probe of 0003:256C:006D.000E failed with error -71
[  293.883924][ T4237] usb 5-1: USB disconnect, device number 12
[  294.685167][ T9051] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.3'.
[  295.150168][ T3894] usb 2-1: USB disconnect, device number 10
[  295.275456][ T9052] binder: 9042:9052 ioctl 4018620d 0 returned -22
[  295.286847][ T9052] binder: 9042:9052 ioctl c0306201 0 returned -14
[  295.832054][ T9065] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  295.992541][ T9064] loop1: detected capacity change from 0 to 8192
[  296.016595][ T9075] loop2: detected capacity change from 0 to 1024
[  296.024869][ T9064] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  296.038172][ T9064] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  296.048692][ T9075] EXT4-fs: Ignoring removed orlov option
[  296.054380][ T9075] EXT4-fs: Ignoring removed nomblk_io_submit option
[  296.061764][ T9064] REISERFS (device loop1): using ordered data mode
[  296.068849][ T9064] reiserfs: using flush barriers
[  296.079289][ T9064] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  296.096390][ T9064] REISERFS (device loop1): checking transaction log (loop1)
[  296.114084][ T9064] REISERFS (device loop1): Using r5 hash to sort names
[  296.121476][ T9064] REISERFS (device loop1): using 3.5.x disk format
[  296.130014][ T9064] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  296.139959][ T9078] loop0: detected capacity change from 0 to 1024
[  296.140502][ T9075] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  296.173592][ T9078] EXT4-fs warning (device loop0): ext4_enable_quotas:7012: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  296.205140][ T4722] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  296.214274][ T9078] EXT4-fs (loop0): mount failed
[  296.256451][ T9075] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  296.272142][ T9075] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  296.371693][ T8639] ==================================================================
[  296.380045][ T8639] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  296.388048][ T8639] Read of size 4 at addr ffff8880531cd000 by task syz-executor.2/8639
[  296.396194][ T8639] 
[  296.398512][ T8639] CPU: 1 PID: 8639 Comm: syz-executor.2 Not tainted 6.1.94-syzkaller #0
[  296.406835][ T8639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  296.416893][ T8639] Call Trace:
[  296.420169][ T8639]  <TASK>
[  296.423097][ T8639]  dump_stack_lvl+0x1e3/0x2cb
[  296.427794][ T8639]  ? nf_tcp_handle_invalid+0x642/0x642
[  296.433260][ T8639]  ? panic+0x764/0x764
[  296.437331][ T8639]  ? _printk+0xd1/0x111
[  296.441487][ T8639]  ? __virt_addr_valid+0x17f/0x520
[  296.446603][ T8639]  ? __virt_addr_valid+0x17f/0x520
[  296.451731][ T8639]  print_report+0x15f/0x4f0
[  296.456233][ T8639]  ? __virt_addr_valid+0x17f/0x520
[  296.461347][ T8639]  ? __virt_addr_valid+0x17f/0x520
[  296.466461][ T8639]  ? __virt_addr_valid+0x44a/0x520
[  296.471577][ T8639]  ? __phys_addr+0xb6/0x170
[  296.476082][ T8639]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  296.481720][ T8639]  kasan_report+0x136/0x160
[  296.486225][ T8639]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  296.491866][ T8639]  ext4_xattr_delete_inode+0xcd0/0xce0
[  296.497335][ T8639]  ? ext4_blocks_for_truncate+0x270/0x270
[  296.503054][ T8639]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  296.509111][ T8639]  ? rcu_read_lock_any_held+0xb3/0x160
[  296.514558][ T8639]  ? ext4_inode_is_fast_symlink+0x262/0x390
[  296.520448][ T8639]  ext4_evict_inode+0xc77/0x1150
[  296.525375][ T8639]  ? _raw_spin_unlock+0x24/0x40
[  296.530234][ T8639]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  296.536129][ T8639]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  296.542004][ T8639]  evict+0x2a4/0x620
[  296.545884][ T8639]  vfs_rmdir+0x381/0x4b0
[  296.550106][ T8639]  do_rmdir+0x3a2/0x590
[  296.554240][ T8639]  ? d_delete_notify+0x150/0x150
[  296.559157][ T8639]  ? syscall_enter_from_user_mode+0x2e/0x230
[  296.565116][ T8639]  __x64_sys_unlinkat+0xdc/0xf0
[  296.569945][ T8639]  do_syscall_64+0x3b/0xb0
[  296.574342][ T8639]  ? clear_bhb_loop+0x45/0xa0
[  296.579002][ T8639]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  296.584881][ T8639] RIP: 0033:0x7f904007c687
[  296.589279][ T8639] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  296.608863][ T8639] RSP: 002b:00007ffe8dc1f238 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  296.617434][ T8639] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f904007c687
[  296.625393][ T8639] RDX: 0000000000000200 RSI: 00007ffe8dc203e0 RDI: 00000000ffffff9c
[  296.633369][ T8639] RBP: 00007f90400d9636 R08: 0000000000000000 R09: 0000000000000000
[  296.641318][ T8639] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffe8dc203e0
[  296.649266][ T8639] R13: 00007f90400d9636 R14: 0000000000048414 R15: 0000000000000008
[  296.657220][ T8639]  </TASK>
[  296.660215][ T8639] 
[  296.662608][ T8639] The buggy address belongs to the physical page:
[  296.669091][ T8639] page:ffffea00014c7340 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x531cd
[  296.675522][ T4033] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  296.679211][ T8639] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  296.693848][ T8639] raw: 00fff00000000000 ffffea0001ffc088 ffffea0001783508 0000000000000000
[  296.702422][ T8639] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  296.710977][ T8639] page dumped because: kasan: bad access detected
[  296.717371][ T8639] page_owner tracks the page as freed
[  296.722711][ T8639] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 9062, tgid 9062 (syz-executor.1), ts 296155753017, free_ts 296362432663
[  296.741700][ T8639]  post_alloc_hook+0x18d/0x1b0
[  296.746442][ T8639]  get_page_from_freelist+0x31a1/0x3320
[  296.751962][ T8639]  __alloc_pages+0x28d/0x770
[  296.756527][ T8639]  __folio_alloc+0xf/0x30
[  296.760831][ T8639]  vma_alloc_folio+0x486/0x990
[  296.765591][ T8639]  wp_page_copy+0x25d/0x18c0
[  296.770159][ T8639]  handle_mm_fault+0x2525/0x5340
[  296.775076][ T8639]  exc_page_fault+0x26f/0x620
[  296.779743][ T8639]  asm_exc_page_fault+0x22/0x30
[  296.784574][ T8639] page last free stack trace:
[  296.789248][ T8639]  free_unref_page_prepare+0xf63/0x1120
[  296.794769][ T8639]  free_unref_page_list+0x663/0x900
[  296.799941][ T8639]  release_pages+0x2836/0x2b40
[  296.804676][ T8639]  tlb_flush_mmu+0xfc/0x210
[  296.809152][ T8639]  tlb_finish_mmu+0xce/0x1f0
[  296.813714][ T8639]  exit_mmap+0x3c3/0x9f0
[  296.817935][ T8639]  __mmput+0x115/0x3c0
[  296.821981][ T8639]  exit_mm+0x226/0x300
[  296.826030][ T8639]  do_exit+0x9f6/0x26a0
[  296.830167][ T8639]  do_group_exit+0x202/0x2b0
[  296.834754][ T8639]  get_signal+0x16f7/0x17d0
[  296.839236][ T8639]  arch_do_signal_or_restart+0xb0/0x1a10
[  296.844854][ T8639]  exit_to_user_mode_loop+0x6a/0x100
[  296.850124][ T8639]  exit_to_user_mode_prepare+0xb1/0x140
[  296.855653][ T8639]  syscall_exit_to_user_mode+0x60/0x270
[  296.861179][ T8639]  do_syscall_64+0x47/0xb0
[  296.865577][ T8639] 
[  296.867878][ T8639] Memory state around the buggy address:
[  296.873491][ T8639]  ffff8880531ccf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  296.881535][ T8639]  ffff8880531ccf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  296.889577][ T8639] >ffff8880531cd000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  296.897609][ T8639]                    ^
[  296.901663][ T8639]  ffff8880531cd080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  296.909711][ T8639]  ffff8880531cd100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
2024/06/16 20:33:55 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  296.917768][ T8639] ==================================================================
[  297.015090][ T4033] usb 1-1: Using ep0 maxpacket: 16
[  297.022943][ T4722] usb 4-1: Using ep0 maxpacket: 32
[  297.154962][ T8639] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  297.162190][ T8639] CPU: 1 PID: 8639 Comm: syz-executor.2 Not tainted 6.1.94-syzkaller #0
[  297.170515][ T8639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  297.180568][ T8639] Call Trace:
[  297.183856][ T8639]  <TASK>
[  297.186785][ T8639]  dump_stack_lvl+0x1e3/0x2cb
[  297.191468][ T8639]  ? nf_tcp_handle_invalid+0x642/0x642
[  297.196936][ T8639]  ? panic+0x764/0x764
[  297.201002][ T8639]  ? preempt_schedule_common+0xa6/0xd0
[  297.206473][ T8639]  ? vscnprintf+0x59/0x80
[  297.210811][ T8639]  panic+0x318/0x764
[  297.214711][ T8639]  ? check_panic_on_warn+0x1d/0xa0
[  297.219825][ T8639]  ? memcpy_page_flushcache+0xfc/0xfc
[  297.225201][ T8639]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  297.231182][ T8639]  ? _raw_spin_unlock+0x40/0x40
[  297.236037][ T8639]  ? print_report+0x4a3/0x4f0
[  297.240710][ T8639]  check_panic_on_warn+0x7e/0xa0
[  297.245645][ T8639]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  297.251277][ T8639]  end_report+0x66/0x110
[  297.255517][ T8639]  kasan_report+0x143/0x160
[  297.260011][ T8639]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  297.265632][ T8639]  ext4_xattr_delete_inode+0xcd0/0xce0
[  297.271079][ T8639]  ? ext4_blocks_for_truncate+0x270/0x270
[  297.276784][ T8639]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  297.282839][ T8639]  ? rcu_read_lock_any_held+0xb3/0x160
[  297.288292][ T8639]  ? ext4_inode_is_fast_symlink+0x262/0x390
[  297.294166][ T8639]  ext4_evict_inode+0xc77/0x1150
[  297.299085][ T8639]  ? _raw_spin_unlock+0x24/0x40
[  297.303923][ T8639]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  297.309799][ T8639]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  297.315677][ T8639]  evict+0x2a4/0x620
[  297.319561][ T8639]  vfs_rmdir+0x381/0x4b0
[  297.323791][ T8639]  do_rmdir+0x3a2/0x590
[  297.327932][ T8639]  ? d_delete_notify+0x150/0x150
[  297.332860][ T8639]  ? syscall_enter_from_user_mode+0x2e/0x230
[  297.338827][ T8639]  __x64_sys_unlinkat+0xdc/0xf0
[  297.343667][ T8639]  do_syscall_64+0x3b/0xb0
[  297.348072][ T8639]  ? clear_bhb_loop+0x45/0xa0
[  297.352736][ T8639]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  297.358616][ T8639] RIP: 0033:0x7f904007c687
[  297.363010][ T8639] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  297.382595][ T8639] RSP: 002b:00007ffe8dc1f238 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  297.390992][ T8639] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f904007c687
[  297.398946][ T8639] RDX: 0000000000000200 RSI: 00007ffe8dc203e0 RDI: 00000000ffffff9c
[  297.406896][ T8639] RBP: 00007f90400d9636 R08: 0000000000000000 R09: 0000000000000000
[  297.414850][ T8639] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffe8dc203e0
[  297.422802][ T8639] R13: 00007f90400d9636 R14: 0000000000048414 R15: 0000000000000008
[  297.430759][ T8639]  </TASK>
[  297.433876][ T8639] Kernel Offset: disabled
[  297.438180][ T8639] Rebooting in 86400 seconds..