last executing test programs:

4m45.225212252s ago: executing program 32 (id=40):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, 0x0, 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000040), 0x12)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000400)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r3, &(0x7f0000000040)={[{0x2b, 'cpu'}, {0x2b, 'pids'}]}, 0xb)

2m43.99230805s ago: executing program 1 (id=191):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = dup2(r5, r4)
close_range(r6, 0xffffffffffffffff, 0x0)

2m43.363887032s ago: executing program 1 (id=192):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m42.386414716s ago: executing program 1 (id=196):
r0 = syz_open_procfs(0x0, 0x0)
fchdir(r0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000500)=""/168, 0xa8)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m40.816362702s ago: executing program 1 (id=199):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x50007a2)
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file2\x00', 0x3800090, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

2m39.827985288s ago: executing program 1 (id=201):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
open$dir(&(0x7f0000000140)='./file0\x00', 0x0, 0x100)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x1612c2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80)
close_range(r0, 0xffffffffffffffff, 0x0)

2m36.332430256s ago: executing program 1 (id=208):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
fchdir(r0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = open(0x0, 0x0, 0x0)
getdents(r1, &(0x7f0000000500)=""/168, 0xa8)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m33.288681009s ago: executing program 33 (id=208):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
fchdir(r0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = open(0x0, 0x0, 0x0)
getdents(r1, &(0x7f0000000500)=""/168, 0xa8)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m30.604841276s ago: executing program 0 (id=216):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m30.155890378s ago: executing program 0 (id=218):
socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0x0, &(0x7f0000000300))
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0:,:\x00', 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, 0x0, 0x110)

2m23.576476439s ago: executing program 0 (id=225):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000001c0)=ANY=[])
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)

2m22.9431317s ago: executing program 0 (id=226):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m22.203066456s ago: executing program 0 (id=227):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x9, 0x6, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x360044, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)={[{0x2d, 'pids'}]}, 0x6)

2m17.334855941s ago: executing program 0 (id=234):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b", @ANYRES32, @ANYBLOB], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000082c8c7aa", @ANYRES32, @ANYBLOB="000000000000c5d3bef79217143f31135cb3", @ANYRES8, @ANYRES8=r2, @ANYBLOB='\x00'/28], 0x48)
r5 = io_uring_setup(0x653, &(0x7f00000000c0)={0x0, 0xfffffffd, 0x0, 0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0xf, &(0x7f0000000540)={0x1002, 0x0, 0x0, 0x0, 0x28}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES64=r0, @ANYRESDEC=r7, @ANYBLOB="aaf01a31af9e81742205a7a71720b60d5d2f8cfe92cc91c4b40f928cb3e0deb9c97638edaa19800130b7df30a93250c938acdaa2799627e4b356c05414c6a245dd342c96c74936fb9f38e436ee98984f4244e9fef3f38ab1ca6199e34e9377da58b21dbadd808769e67f34541235898d32625b3c99e2eb13258721ab008e4c08d501bfbb9d3a6eeb501366625e0e9e854225e07cc09c81f8ea57579348f05109aac104104b51bd616431383b9480b24cf6436ddd7de9a8c10054f8dc262a0f807ace71c0671a867fda5ad15ab0af2f2459b8d2f4712c19a65f76f931902ba1"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r8}, 0x10)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
capset(&(0x7f0000000280)={0x19980330, r1}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9, 0x0, 0x3})
setreuid(0x0, 0xee00)

2m4.782684387s ago: executing program 3 (id=247):
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x6})

2m4.162958057s ago: executing program 3 (id=249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x9, 0x7, 0x10000, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
epoll_create(0x400)
pipe(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x800008ec0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
read$FUSE(r4, &(0x7f000000b800)={0x2020}, 0xe80)
write$binfmt_elf64(r5, 0x0, 0xfffffe14)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)

2m2.671543469s ago: executing program 3 (id=252):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r0, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000340)=[{{0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}], 0x8)

2m1.93477931s ago: executing program 34 (id=234):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b", @ANYRES32, @ANYBLOB], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000082c8c7aa", @ANYRES32, @ANYBLOB="000000000000c5d3bef79217143f31135cb3", @ANYRES8, @ANYRES8=r2, @ANYBLOB='\x00'/28], 0x48)
r5 = io_uring_setup(0x653, &(0x7f00000000c0)={0x0, 0xfffffffd, 0x0, 0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0xf, &(0x7f0000000540)={0x1002, 0x0, 0x0, 0x0, 0x28}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES64=r0, @ANYRESDEC=r7, @ANYBLOB="aaf01a31af9e81742205a7a71720b60d5d2f8cfe92cc91c4b40f928cb3e0deb9c97638edaa19800130b7df30a93250c938acdaa2799627e4b356c05414c6a245dd342c96c74936fb9f38e436ee98984f4244e9fef3f38ab1ca6199e34e9377da58b21dbadd808769e67f34541235898d32625b3c99e2eb13258721ab008e4c08d501bfbb9d3a6eeb501366625e0e9e854225e07cc09c81f8ea57579348f05109aac104104b51bd616431383b9480b24cf6436ddd7de9a8c10054f8dc262a0f807ace71c0671a867fda5ad15ab0af2f2459b8d2f4712c19a65f76f931902ba1"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r8}, 0x10)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
capset(&(0x7f0000000280)={0x19980330, r1}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9, 0x0, 0x3})
setreuid(0x0, 0xee00)

2m1.792457787s ago: executing program 3 (id=255):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m0.819093929s ago: executing program 3 (id=257):
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x6})

2m0.307784036s ago: executing program 3 (id=258):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x20000400)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x44a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
unshare(0x20000400)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x280}], 0x1, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000000000007111f7ff00000000851000000200000084b74670e00000000000a505e7ffffff0dc76c42634c214c16ac162ba95d728b466460e7a24c72e7f903910f37f9ad5be384defad5d1b8783f795e28b99b26"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00'})

1m46.976031843s ago: executing program 2 (id=264):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1m45.721820448s ago: executing program 2 (id=265):
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x6})

1m44.748138912s ago: executing program 35 (id=258):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x20000400)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x44a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
unshare(0x20000400)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x280}], 0x1, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000000000007111f7ff00000000851000000200000084b74670e00000000000a505e7ffffff0dc76c42634c214c16ac162ba95d728b466460e7a24c72e7f903910f37f9ad5be384defad5d1b8783f795e28b99b26"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00'})

1m44.615002111s ago: executing program 2 (id=268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x9, 0x7, 0x10000, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
epoll_create(0x400)
pipe(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x800008ec0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
read$FUSE(r4, &(0x7f000000b800)={0x2020}, 0xe80)
write$binfmt_elf64(r5, 0x0, 0xfffffe14)

1m42.504344418s ago: executing program 2 (id=271):
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x9, 0x6, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x360044, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00')
preadv(r5, &(0x7f00000007c0)=[{0x0}], 0x1, 0x75, 0x0)
r6 = openat$cgroup_subtree(r1, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

1m39.169335052s ago: executing program 6 (id=209):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)

1m38.992094002s ago: executing program 2 (id=272):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'vlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="44000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="1544010041800400140012800b0001006d616373656300000400028008000500", @ANYRES32=r1], 0x44}}, 0x4050)

1m38.231459453s ago: executing program 6 (id=274):
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000000900008500000004000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x68, 0x30, 0x829, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0xffffffffffffff6c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)

1m38.021862134s ago: executing program 2 (id=275):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = syz_open_procfs$namespace(0x0, &(0x7f00000012c0)='ns/net\x00')
ioctl$NS_GET_USERNS(r3, 0xb701, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x19)
io_setup(0x7f, &(0x7f0000000100))
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x7ffffffc]}, 0x8)
close(r6)
connect$pppl2tp(r5, &(0x7f0000000940)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x2, 0x0, 0x4, 0x0, {0xa, 0x4e20, 0xe61, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}}}, 0x3a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x6})

1m33.496543642s ago: executing program 6 (id=280):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x110, r0, 0x107000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4006, &(0x7f0000000b80)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@grpjquota}, {@quota}]}, 0x1, 0x438, &(0x7f0000001040)="$eJzs28tvG0UYAPBv7SR9k1CVRx9AoCAiHkmTltIDFxBIHEBCgkM5hiStQt0GNUGiVQQBoXJElbgjjkj8BZzggoATEle4o0oVyqWFk9Hau4nt2G6SOnGofz9pk5ndcWY+7449s5MNoGcNpz+SiP0R8UdEDFaz9QWGq79uLy9O/bO8OJVEufz230ml3K3lxam8aP66fXmmL6LweRJHm9Q7f+XqhclSaeZylh9buPjB2PyVq8/PXpw8P3N+5tLEmTOnTo6/eHrihY7EmcZ168jHc8cOv/7u9Tenzl5/75fvkjz+hjg6ZLjdwafK5Q5X110HatJJXxcbwoYUq900+iv9fzCKsXryBuO1z7raOGBLlcvl8oOtDy+VgXtYEt1uAdAd+Rd9Ov/Nt20aeuwIN1+uToDSuG9nW/VIXxSyMv0N89tOGo6Is0v/fp1usTX3IQAA6vyQjn+eazb+K0TtfaH7sjWUoYi4PyIORsTpiDgUEQ9EVMo+FBEPb7D+xkWSteOfwo1NBbZO6fjvpWxtq378l4/+YqiY5Q5U4u9Pzs2WZk5k78lI9O9K8+Nt6vjx1d+/bHWsdvyXbmn9+Vgwa8eNvl31r5meXJi8m5hr3fw04khfs/iTlZWAJCIOR8SRTdYx+8y3x1odu3P8bXRgnan8TcTT1fO/FA3x55L265Nju6M0c2IsvyrW+vW3a2+1qv+u4u+A9PzvbXr9r8Q/lNSu185vvI5rf37Rck6z2et/IHmnbt9HkwsLl8cjBpI3qo2u3T/RUG5itXwa/8jxLP6B+v5/MFbfiaMRkV7Ej0TEoxHxWNb2xyPiiYg43ib+n1958v3Nxb+7zV/tjDT+6Q2d/9XEQDTuaZ4oXvjp+7pKh9Ybf2Tn/1QlNZLtWc/n33ratbmrGQAAAP5/ChGxP5LC6Eq6UBgdrf4P/6HYWyjNzS88e27uw0vT1WcEhqK/kN/pGqy5HzqeTevz/ERD/mR23/ir4p5KfnRqrjTd7eChx+1r0f9TfxW73Tpgy3leC3qX/g+9S/+H3qX/Q+9q0v/3dKMdwPZr9v3/SRfaAWy/hv5v2Q96iPk/9C79H3qX/g89aX5P3PkheQmJNYko7Ihm3IOJ2BHN6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8FwAA///05OWN")
r1 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0x0)
pwrite64(r1, 0x0, 0x0, 0x4fed0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000000780)=""/115, 0x73)
write$FUSE_ATTR(r1, &(0x7f0000000180)={0x78, 0x0, 0x0, {0x1, 0x8, 0x0, {0x2, 0x0, 0x39, 0x6994, 0x2, 0x1, 0x80000000, 0x1, 0x2, 0x1000, 0x3, 0x0, 0x0, 0xfff, 0xfffffffb}}}, 0x78)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

1m21.50738517s ago: executing program 36 (id=275):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = syz_open_procfs$namespace(0x0, &(0x7f00000012c0)='ns/net\x00')
ioctl$NS_GET_USERNS(r3, 0xb701, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x19)
io_setup(0x7f, &(0x7f0000000100))
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x7ffffffc]}, 0x8)
close(r6)
connect$pppl2tp(r5, &(0x7f0000000940)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x2, 0x0, 0x4, 0x0, {0xa, 0x4e20, 0xe61, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}}}, 0x3a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x6})

1m17.523709661s ago: executing program 37 (id=280):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x110, r0, 0x107000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4006, &(0x7f0000000b80)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@grpjquota}, {@quota}]}, 0x1, 0x438, &(0x7f0000001040)="$eJzs28tvG0UYAPBv7SR9k1CVRx9AoCAiHkmTltIDFxBIHEBCgkM5hiStQt0GNUGiVQQBoXJElbgjjkj8BZzggoATEle4o0oVyqWFk9Hau4nt2G6SOnGofz9pk5ndcWY+7449s5MNoGcNpz+SiP0R8UdEDFaz9QWGq79uLy9O/bO8OJVEufz230ml3K3lxam8aP66fXmmL6LweRJHm9Q7f+XqhclSaeZylh9buPjB2PyVq8/PXpw8P3N+5tLEmTOnTo6/eHrihY7EmcZ168jHc8cOv/7u9Tenzl5/75fvkjz+hjg6ZLjdwafK5Q5X110HatJJXxcbwoYUq900+iv9fzCKsXryBuO1z7raOGBLlcvl8oOtDy+VgXtYEt1uAdAd+Rd9Ov/Nt20aeuwIN1+uToDSuG9nW/VIXxSyMv0N89tOGo6Is0v/fp1usTX3IQAA6vyQjn+eazb+K0TtfaH7sjWUoYi4PyIORsTpiDgUEQ9EVMo+FBEPb7D+xkWSteOfwo1NBbZO6fjvpWxtq378l4/+YqiY5Q5U4u9Pzs2WZk5k78lI9O9K8+Nt6vjx1d+/bHWsdvyXbmn9+Vgwa8eNvl31r5meXJi8m5hr3fw04khfs/iTlZWAJCIOR8SRTdYx+8y3x1odu3P8bXRgnan8TcTT1fO/FA3x55L265Nju6M0c2IsvyrW+vW3a2+1qv+u4u+A9PzvbXr9r8Q/lNSu185vvI5rf37Rck6z2et/IHmnbt9HkwsLl8cjBpI3qo2u3T/RUG5itXwa/8jxLP6B+v5/MFbfiaMRkV7Ej0TEoxHxWNb2xyPiiYg43ib+n1958v3Nxb+7zV/tjDT+6Q2d/9XEQDTuaZ4oXvjp+7pKh9Ybf2Tn/1QlNZLtWc/n33ratbmrGQAAAP5/ChGxP5LC6Eq6UBgdrf4P/6HYWyjNzS88e27uw0vT1WcEhqK/kN/pGqy5HzqeTevz/ERD/mR23/ir4p5KfnRqrjTd7eChx+1r0f9TfxW73Tpgy3leC3qX/g+9S/+H3qX/Q+9q0v/3dKMdwPZr9v3/SRfaAWy/hv5v2Q96iPk/9C79H3qX/g89aX5P3PkheQmJNYko7Ihm3IOJ2BHN6PYnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8FwAA///05OWN")
r1 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0x0)
pwrite64(r1, 0x0, 0x0, 0x4fed0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000000780)=""/115, 0x73)
write$FUSE_ATTR(r1, &(0x7f0000000180)={0x78, 0x0, 0x0, {0x1, 0x8, 0x0, {0x2, 0x0, 0x39, 0x6994, 0x2, 0x1, 0x80000000, 0x1, 0x2, 0x1000, 0x3, 0x0, 0x0, 0xfff, 0xfffffffb}}}, 0x78)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)

10.901789313s ago: executing program 9 (id=480):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000380)={0x0, 0xffffff80, 0x2})

10.424740702s ago: executing program 4 (id=483):
r0 = gettid()
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setpriority(0x0, 0xffffffffffffffff, 0x100)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000351000/0x2000)=nil)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
lseek(r2, 0x100000000, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000e00)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x18, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@local]}]}}}], 0x18}}], 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000018110000000000000000004de8fe09c83b3b3a8d0a1c7873ced232ec694a387d81f9bf6c", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

9.908888969s ago: executing program 9 (id=485):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1, 0x0, 0x0)
pread64(r4, &(0x7f0000000a00)=""/139, 0x8b, 0x0)

9.584823035s ago: executing program 8 (id=488):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000020c0)=""/4100, 0x1004}], 0x1)

8.997397881s ago: executing program 5 (id=489):
r0 = syz_open_dev$evdev(&(0x7f0000000440), 0x2, 0x509101)
ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000480)=[0x1106, 0x758baa39])
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r3)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000200))
syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r3)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f0000000380)={0x0, 0xffffff80, 0x2})

7.905429678s ago: executing program 8 (id=491):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7.850353527s ago: executing program 4 (id=492):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x9, 0x6, "7893e6", 0x44, 0x2f, 0x1, @private1, @local, {[], {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x3, {{0x9, 0x1, 0x0, 0x3, 0x0, 0x3, 0x4, 0x54}, 0x1, {0xd}}}, {0x8, 0x22eb, 0x0, {{0x2, 0x2, 0x6, 0x0, 0x0, 0x1, 0x2, 0xfb}, 0x2, {0x6, 0x1, 0x3, 0x17, 0x0, 0x0, 0x3}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0)

6.363680367s ago: executing program 9 (id=494):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

6.348899912s ago: executing program 5 (id=495):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x40, 0x185901)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J]\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3%\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1o\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00', 0x1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

5.360633626s ago: executing program 5 (id=496):
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
socket(0x11, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1a04"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETOFFLOAD(r1, 0x4010744d, 0x20000000)

5.336191261s ago: executing program 8 (id=497):
r0 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20)
io_uring_register$IORING_REGISTER_FILE_ALLOC_RANGE(r0, 0x19, &(0x7f0000000280)={0x5, 0x7, 0x8}, 0x0)

5.139287209s ago: executing program 4 (id=498):
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x80012, 0xffffffffffffffff, 0x80000000)

4.964812363s ago: executing program 7 (id=499):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x10)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

4.615225157s ago: executing program 9 (id=500):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x400c8c6, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x4004084, 0x0, 0x0)

4.547440406s ago: executing program 4 (id=501):
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

4.28470361s ago: executing program 7 (id=502):
r0 = gettid()
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setpriority(0x0, 0xffffffffffffffff, 0x100)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000351000/0x2000)=nil)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
lseek(r2, 0x100000000, 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000e00)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x18, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@local]}]}}}], 0x18}}], 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000018110000000000000000004de8fe09c83b3b3a8d0a1c7873ced232ec694a387d81f9bf6c", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x1, 0x25f, &(0x7f0000000b00)="$eJzs3U1oHGUYB/Bn9oOYZJGoF0FQQUQkEOJN8BIvCgEJ4kFQISLiRUkETfC268mLF88iOXkJpbemPZZeQi8thZ7SNof00tKGHhoK/YAp+xXSdttsupuZNvP7wWZmknfmeQfm/74T2GECKKyJiJiJiHJETEZENSKSvQ3ebX8mOpsro+vzEWn61a2k1a693dbdbzwiGhHxcUScKSXxcyViee3brTsbn3/w91L1/f/XvhnN9CQ7trc2v9j5b+6vE7MfLZ+/eGMuiZmoPXJew5f0+F0liXj9MIq9IJJK3j2gH1/+cfxSM/dvRMR7rfzfTdsiHuyu9ZLW/7l54a2s+wsMV5pWm3NgIwUKpxQRtc5Nams9SqWpqfY9/OXyWOmXxd9+n/xpcWnhx7xHKmBYahGbn50aOTneWk9KU538Xyu38w8cVfXOcvVK8+dOOd/eAMO0f6Cb8//k9/UPQ/6hcA6U/1ey6ROQjU7+W8l+LP/X8+oTkI0Dzf9P+xoA8FLy/z8U1zPzX82nT0A2zP9QXPIPxSX/UFzyD8W1N/8AQLGkI30+KNzo7gAcFTkPPwAAAAAAAAAAAAAAAAAAQA8ro+vz3U9WNc/+G7H9aURUetUvt95H3H352NjtpNlsV9LebSDfvTPgAQZ0LOenr1+9mm/9c2/nW7++ENH4MyKmK5Unr7+kc/09v9f2+Xv1hwELDOiTrw/ryLW+Wt1fPaz6/ZndiDjdHH+me40/pXiztew9/tSG8JqEX+8NeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy8zAAAP//JS12Fg==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

4.066891623s ago: executing program 5 (id=503):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
socket(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x88e00, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x140b, 0x111, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8004)
r2 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r6 = dup(r5)
write$UHID_INPUT(r6, 0x0, 0x0)
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
ioctl$TCSETSF(r8, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x515f3154, 0x0, "78e114100985a79874342a70e113b40072d01f"})
write$UHID_INPUT(r8, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
read$FUSE(r8, &(0x7f0000002080)={0x2020}, 0x2)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

3.984264652s ago: executing program 9 (id=504):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0)

3.840844626s ago: executing program 4 (id=505):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.384183199s ago: executing program 8 (id=506):
r0 = socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000080)="5c00000013006bcc9e3be3066e17aa31086b876c1d0000007ea60864160af36510002b0008000200300017d34460bc24eab556a705251e6182fffffffff60a84c9f4d4938037e786a6d0001000000e4509c5bb5b64f6985300000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.816589365s ago: executing program 7 (id=507):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x40, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1608}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_MESH_ID={0x7}]}, 0x40}}, 0x0)

1.840166987s ago: executing program 8 (id=508):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x9, 0x6, "7893e6", 0x44, 0x2f, 0x1, @private1, @local, {[], {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x3, {{0x9, 0x1, 0x0, 0x3, 0x0, 0x3, 0x4, 0x54}, 0x1, {0xd}}}, {0x8, 0x22eb, 0x0, {{0x2, 0x2, 0x6, 0x0, 0x0, 0x1, 0x2, 0xfb}, 0x2, {0x6, 0x1, 0x3, 0x17, 0x0, 0x0, 0x3}}}, {0x8, 0x6558, 0x3}}}}}}}, 0x0)

1.53451506s ago: executing program 4 (id=518):
io_setup(0x81, &(0x7f0000001440)=<r0=>0x0)
r1 = syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))
io_pgetevents(r0, 0x2, 0x2, &(0x7f0000000000)=[{}, {}], &(0x7f0000000040)={0x77359400}, 0x0)
io_submit(r0, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

996.330642ms ago: executing program 7 (id=509):
unshare(0x24020400)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc}, 0x10)

760.161036ms ago: executing program 7 (id=510):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000380)={0x2020}, 0x8b)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
timerfd_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b4050000fdff7f006110000000000000c60000000000000095000000000000009f33ef60916e6e911689a9396e7f889b817fd98cd824598949714ffaac8a6f770600dccae0f21f3ca90022d182054d54d53cd2b6db714e4beb5447000001eecd163199e28f7a674d5926000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2fe88afc50027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000fe0000b347abe6352a080f8140e5fd10747b6ecdb34533e1f10f35540546bf636ef897ed9bbe5026450200000000eb9e140000c8f7a187eaf60f3a17f0f046a307a403c17e9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb133e8833fed288a8eb3f591402503c2bbea4e16328dda19ecbc2b2f1065639d52090edcd03fcfe9b8603ef9a4f0855b0df0d9a39f0585d1c6c1c47a01d8eb71132744a2cf9f4db08ff74bcaa80d9f541b364ec4ebcdd11f553dc8a32458907ab99d738b2583203177a778b83f08f0f8c723e86ba548bd408e38db59f3a6e2d26416bb70a05969bd902e98690226ac9ad2dbe5692b58fd1d3f4b9358f988b8de97ed67dc242fba01d1d35ccb45df4a56aa410b3d52a86f653826c2871fe80031f8b63edbbc4553e0bb4de0dc090f5a529c8417ed8df02aa5366ca50a4a7c0fede698e353167bdd9e30a07dc0bdae73d156969722617f419d552f059aa4bf0ad4eefa3e5c7730499dafcf8da73093989565bc5d34f14d577be013c37dc81f67a5e3e53a402b325406011f3cca0b72dc7c2e38"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

583.323276ms ago: executing program 9 (id=511):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x1d, 0x3, 0x1)
syz_emit_ethernet(0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff81001900080045ff001a0000a981c27015dc00"/44], 0x0)
getsockopt$nfc_llcp(r0, 0x65, 0x2, 0x0, 0x20000028)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0x1}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xff}}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7"], 0xdd12}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000070000000100010009"], 0x48)
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x20000000000, 0x822b01)
poll(&(0x7f0000000000)=[{r7, 0x92e0}, {r6, 0x5021}], 0x2, 0x40000)
ioctl$EVIOCGRAB(r7, 0x40044590, &(0x7f0000000100))
write$char_usb(r7, &(0x7f0000000040)="e2", 0x1068)
mmap(&(0x7f0000569000/0x1000)=nil, 0x1000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
gettid()

284.516734ms ago: executing program 5 (id=512):
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x80012, 0xffffffffffffffff, 0x80000000)

120.598663ms ago: executing program 5 (id=513):
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYRES8=r0], 0x2)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r1, 0x1, 0x4c, 0x0, 0x0)

40.159151ms ago: executing program 7 (id=514):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x400c8c6, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x4004084, 0x0, 0x0)

0s ago: executing program 8 (id=515):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2)
r2 = epoll_create(0x1)
r3 = dup3(r1, r2, 0x0)
read$FUSE(r3, &(0x7f0000000040)={0x2020}, 0x2020)
read(r0, &(0x7f0000000080)=""/120, 0x78)

kernel console output (not intermixed with test programs):

thout journal. Quota mode: writeback.
[  293.444543][ T6059] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  293.518743][ T6056] loop4: detected capacity change from 0 to 1024
[  293.587947][ T6044] syz.2.25 (6044) used greatest stack depth: 3832 bytes left
[  293.633982][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.649273][ T6057] loop0: detected capacity change from 0 to 2048
[  293.691089][ T3997] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8
[  293.701526][ T3997] EXT4-fs error (device loop2): ext4_release_dquot:6933: comm kworker/u8:20: Failed to release dquot type 0
[  293.740889][ T4689] hfsplus: b-tree write err: -5, ino 4
[  293.872627][ T6057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.885700][ T6057] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.286845][ T6070] loop3: detected capacity change from 0 to 256
[  294.299020][ T6070] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  294.352699][ T6070] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  294.745276][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.097420][   T34] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.291059][   T34] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.564110][   T34] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.740525][   T34] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.055369][   T34] bridge_slave_1: left allmulticast mode
[  296.061330][   T34] bridge_slave_1: left promiscuous mode
[  296.076923][   T34] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.108041][   T34] bridge_slave_0: left allmulticast mode
[  296.114256][   T34] bridge_slave_0: left promiscuous mode
[  296.120992][   T34] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.830817][   T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.129878][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  297.161658][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  297.184913][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  297.210913][   T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.251132][   T34] bond0 (unregistering): Released all slaves
[  297.269059][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  297.305971][ T5806] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  297.319466][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  298.091467][ T6098] loop3: detected capacity change from 0 to 2048
[  298.149421][ T6100] loop2: detected capacity change from 0 to 256
[  298.207540][ T6100] exfat: Invalid gid '0x00000000ffffffff'
[  298.263560][ T6098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.743297][ T6112] loop2: detected capacity change from 0 to 128
[  298.778632][   T34] hsr_slave_0: left promiscuous mode
[  298.851078][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.863932][   T34] hsr_slave_1: left promiscuous mode
[  298.927542][ T6112] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  298.954241][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.962004][   T34] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.065209][   T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.073099][   T34] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.143008][ T6112] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  299.218047][   T34] veth1_macvtap: left promiscuous mode
[  299.224548][   T34] veth0_macvtap: left promiscuous mode
[  299.230608][   T34] veth1_vlan: left promiscuous mode
[  299.236483][   T34] veth0_vlan: left promiscuous mode
[  299.275193][ T6116] loop0: detected capacity change from 0 to 1024
[  299.428638][   T52] Bluetooth: hci2: command tx timeout
[  299.470813][ T6112] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #2: comm syz.2.50: No space for directory leaf checksum. Please run e2fsck -D.
[  299.486973][ T6112] EXT4-fs error (device loop2): __ext4_find_entry:1652: inode #2: comm syz.2.50: checksumming directory block 0
[  299.795769][ T4867] hfsplus: b-tree write err: -5, ino 4
[  299.831151][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  299.907023][    C0] hrtimer: interrupt took 303008 ns
[  300.291615][   T34] team0 (unregistering): Port device team_slave_1 removed
[  300.399407][   T34] team0 (unregistering): Port device team_slave_0 removed
[  301.064340][ T6128] loop2: detected capacity change from 0 to 512
[  301.339792][ T5849] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  301.563307][   T52] Bluetooth: hci2: command tx timeout
[  301.673096][ T5849] usb 1-1: config 0 has an invalid interface number: 135 but max is 0
[  301.680722][ T6128] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  301.681489][ T5849] usb 1-1: config 0 has an invalid interface association descriptor of length 2, skipping
[  301.694499][ T6128] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.721133][ T5849] usb 1-1: config 0 has no interface number 0
[  301.728656][ T5849] usb 1-1: config 0 interface 135 altsetting 15 bulk endpoint 0x6 has invalid maxpacket 16
[  301.741012][ T5849] usb 1-1: config 0 interface 135 has no altsetting 0
[  302.083499][ T6135] loop3: detected capacity change from 0 to 1024
[  302.101650][ T6140] loop1: detected capacity change from 0 to 256
[  302.157227][ T6135] EXT4-fs: Ignoring removed i_version option
[  302.185806][ T6140] exfat: Unknown parameter 'ÿÿÿÿ01777777777777777777777'
[  302.262726][ T6135] EXT4-fs (loop3): stripe (255) is not aligned with cluster size (16), stripe is disabled
[  302.431361][ T5849] usb 1-1: New USB device found, idVendor=1546, idProduct=1104, bcdDevice=8d.01
[  302.441154][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.449769][ T5849] usb 1-1: Product: syz
[  302.454605][ T5849] usb 1-1: Manufacturer: syz
[  302.459482][ T5849] usb 1-1: SerialNumber: syz
[  302.608184][ T5849] usb 1-1: config 0 descriptor??
[  302.743091][ T6126] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  302.801203][ T6093] chnl_net:caif_netlink_parms(): no params data found
[  302.906365][ T6135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.108497][ T5849] cdc_ether 1-1:0.135: invalid descriptor buffer length
[  303.116056][ T5849] usb 1-1: bad CDC descriptors
[  303.244462][ T6140] overlay: ./bus is not a directory
[  303.306154][ T5849] usb 1-1: USB disconnect, device number 2
[  303.593849][   T52] Bluetooth: hci2: command tx timeout
[  304.063385][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.136353][ T6162] loop1: detected capacity change from 0 to 512
[  305.147787][ T6162] EXT4-fs: Ignoring removed i_version option
[  305.154259][ T6162] EXT4-fs: Ignoring removed nobh option
[  305.270703][ T6162] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  305.287076][ T6162] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  305.414727][ T6162] EXT4-fs (loop1): 1 truncate cleaned up
[  305.428168][ T6162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.652589][   T52] Bluetooth: hci2: command tx timeout
[  307.215771][ T6093] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.223684][ T6093] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.235754][ T6093] bridge_slave_0: entered allmulticast mode
[  307.245085][ T6093] bridge_slave_0: entered promiscuous mode
[  307.519673][ T5799] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.545336][ T6093] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.553982][ T6093] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.561813][ T6093] bridge_slave_1: entered allmulticast mode
[  307.571297][ T6093] bridge_slave_1: entered promiscuous mode
[  307.721723][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  307.836494][ T6170] loop0: detected capacity change from 0 to 2048
[  308.268992][ T6178] loop1: detected capacity change from 0 to 256
[  308.417520][ T6178] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  308.528967][ T6093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.598851][ T6093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.655630][ T6178] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  308.669556][ T6178] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  308.680106][ T6178] UDF-fs: Scanning with blocksize 512 failed
[  308.792912][ T6178] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  308.812431][ T6178] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  309.119417][ T6093] team0: Port device team_slave_0 added
[  309.160167][ T6010] udevd[6010]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  309.199892][ T6093] team0: Port device team_slave_1 added
[  309.270015][ T6193] fuse: Bad value for 'fd'
[  309.391908][ T6009] udevd[6009]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  309.553852][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.561085][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.592906][ T6093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.748076][ T6093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.755538][ T6093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.782797][ T6093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.739181][ T6199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  311.298958][ T6198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.73'.
[  311.446075][ T6210] loop2: detected capacity change from 0 to 512
[  311.626144][ T6210] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[  312.051348][ T6093] hsr_slave_0: entered promiscuous mode
[  312.259540][ T6093] hsr_slave_1: entered promiscuous mode
[  314.251133][ T6228] loop1: detected capacity change from 0 to 8192
[  316.596669][ T6093] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  316.744431][ T6093] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  317.454668][ T6093] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  317.608625][ T6093] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  320.623589][   T29] audit: type=1326 audit(1731996119.635:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.648843][   T29] audit: type=1326 audit(1731996119.635:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.672370][   T29] audit: type=1326 audit(1731996119.635:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.694975][   T29] audit: type=1326 audit(1731996119.645:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.717535][   T29] audit: type=1326 audit(1731996119.645:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.740040][   T29] audit: type=1326 audit(1731996119.645:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.765003][   T29] audit: type=1326 audit(1731996119.645:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.789471][   T29] audit: type=1326 audit(1731996119.645:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  320.812146][   T29] audit: type=1326 audit(1731996119.645:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9dd6b7d0f0 code=0x7ffc0000
[  320.834707][   T29] audit: type=1326 audit(1731996119.655:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6261 comm="syz.1.90" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  321.095462][ T6093] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.296340][ T6093] 8021q: adding VLAN 0 to HW filter on device team0
[  321.465964][ T3683] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.473826][ T3683] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.667079][ T3683] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.674986][ T3683] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.228213][ T6093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  323.346870][ T6278] loop1: detected capacity change from 0 to 16
[  323.355817][ T6278] erofs: Unknown parameter 'ÿÿÿÿt’5Æ;À
â�}	ï7_cŠúÏèðÎîËN”Øü÷û"LŽ��õ‚öaÂm)p÷«ñ„°ƒº'6~—'
[  323.533857][ T6276] loop2: detected capacity change from 0 to 8192
[  326.856721][ T6288] loop1: detected capacity change from 0 to 2048
[  327.018278][ T6288] Alternate GPT is invalid, using primary GPT.
[  327.025868][ T6288]  loop1: p1 p2 p3
[  327.159598][ T6093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.193273][ T5856] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  328.466414][ T5856] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.479591][ T5856] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.490011][ T5856] usb 2-1: New USB device found, idVendor=046d, idProduct=c29b, bcdDevice= 0.00
[  328.499528][ T5856] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.615644][ T5856] usb 2-1: config 0 descriptor??
[  329.116961][ T6300] vlan2: entered promiscuous mode
[  329.394078][ T5856] usbhid 2-1:0.0: can't add hid device: -71
[  329.400849][ T5856] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  329.478710][ T5856] usb 2-1: USB disconnect, device number 2
[  330.113691][ T6308] loop2: detected capacity change from 0 to 2048
[  330.243520][ T6308] EXT4-fs error (device loop2): __ext4_fill_super:5489: inode #2: comm syz.2.98: casefold flag without casefold feature
[  330.294359][ T6308] EXT4-fs (loop2): get root inode failed
[  330.300497][ T6308] EXT4-fs (loop2): mount failed
[  330.328036][ T6093] veth0_vlan: entered promiscuous mode
[  330.401738][ T6093] veth1_vlan: entered promiscuous mode
[  330.505779][ T6093] veth0_macvtap: entered promiscuous mode
[  330.529023][ T6093] veth1_macvtap: entered promiscuous mode
[  330.588289][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.599301][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.609492][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.620367][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.630465][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.641255][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.651405][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.662477][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.683933][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.703222][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.714028][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.724286][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.735092][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.745249][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.756099][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.766243][ T6093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.782276][ T6093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.799137][ T6093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  330.819369][ T6093] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.828656][ T6093] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.837920][ T6093] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.847216][ T6093] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.644332][ T5857] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  332.812394][ T5858] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  332.963283][ T5857] usb 4-1: Using ep0 maxpacket: 16
[  333.045160][ T5857] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  333.055989][ T5857] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  333.065406][ T5857] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  333.101828][ T5858] usb 2-1: Using ep0 maxpacket: 8
[  333.181914][ T5858] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.193950][ T5858] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  333.424194][ T5857] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  333.434100][ T5857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.445165][ T5857] usb 4-1: Product: syz
[  333.449596][ T5857] usb 4-1: Manufacturer: syz
[  333.455386][ T5857] usb 4-1: SerialNumber: syz
[  333.536048][ T5858] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  333.548602][ T5858] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.557980][ T5858] usb 2-1: Product: syz
[  333.562562][ T5858] usb 2-1: Manufacturer: syz
[  333.567456][ T5858] usb 2-1: SerialNumber: syz
[  334.341805][ T5857] usb 4-1: 0:2 : does not exist
[  335.373735][ T6340] loop2: detected capacity change from 0 to 16
[  335.404048][ T6340] loop2: detected capacity change from 0 to 256
[  335.918764][ T5857] usb 4-1: USB disconnect, device number 3
[  338.686001][ T6009] udevd[6009]: setting mode of /dev/bus/usb/004/003 to 020664 failed: No such file or directory
[  339.184333][ T6009] udevd[6009]: setting owner of /dev/bus/usb/004/003 to uid=0, gid=0 failed: No such file or directory
[  340.753253][ T5858] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[  340.759741][ T5858] cdc_ncm 2-1:1.0: bind() failure
[  340.777928][ T5858] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  340.785284][ T5858] cdc_ncm 2-1:1.1: bind() failure
[  342.753776][ T5858] usb 2-1: USB disconnect, device number 3
[  345.886152][ T6340] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  346.585371][ T6009] udevd[6009]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  347.170798][ T6351] loop3: detected capacity change from 0 to 8192
[  349.998034][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  349.998119][   T29] audit: type=1326 audit(1731996150.075:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6366 comm="syz.0.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  350.027617][   T29] audit: type=1326 audit(1731996150.075:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6366 comm="syz.0.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  350.056950][   T29] audit: type=1326 audit(1731996150.075:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6366 comm="syz.0.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  350.079643][   T29] audit: type=1326 audit(1731996150.075:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6366 comm="syz.0.111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  352.238398][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  352.245530][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  355.017542][ T6405] loop1: detected capacity change from 0 to 1024
[  358.166773][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  358.178688][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  358.193316][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  358.207088][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  358.218529][ T5806] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  358.243909][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  359.538756][ T6430] can0: slcan on ptm0.
[  359.828658][ T6418] can0 (unregistered): slcan off ptm0.
[  360.401543][ T5806] Bluetooth: hci5: command tx timeout
[  362.509802][ T5806] Bluetooth: hci5: command tx timeout
[  363.548484][ T6416] chnl_net:caif_netlink_parms(): no params data found
[  364.388765][ T6445] loop2: detected capacity change from 0 to 2048
[  364.526339][ T6445] EXT4-fs error (device loop2): __ext4_fill_super:5489: inode #2: comm syz.2.121: casefold flag without casefold feature
[  364.544128][ T5806] Bluetooth: hci5: command tx timeout
[  364.608283][ T6445] EXT4-fs (loop2): get root inode failed
[  364.614559][ T6445] EXT4-fs (loop2): mount failed
[  365.722635][ T6466] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input6
[  365.815940][   T29] audit: type=1326 audit(1731996165.895:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.839803][   T29] audit: type=1326 audit(1731996165.895:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.862827][   T29] audit: type=1326 audit(1731996165.895:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.885475][   T29] audit: type=1326 audit(1731996165.895:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.910682][   T29] audit: type=1326 audit(1731996165.905:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.933930][   T29] audit: type=1326 audit(1731996165.905:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.956558][   T29] audit: type=1326 audit(1731996165.905:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  365.979364][   T29] audit: type=1326 audit(1731996165.905:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  366.002008][   T29] audit: type=1326 audit(1731996165.905:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  366.028312][   T29] audit: type=1326 audit(1731996165.905:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd6b7e759 code=0x7ffc0000
[  366.614998][ T5806] Bluetooth: hci5: command tx timeout
[  367.318179][ T6469] netlink: 72 bytes leftover after parsing attributes in process `syz.3.125'.
[  369.635790][ T6477] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input7
[  372.103302][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  372.103385][   T29] audit: type=1326 audit(1731996169.995:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.133050][   T29] audit: type=1326 audit(1731996169.995:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.158315][   T29] audit: type=1326 audit(1731996170.145:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.181787][   T29] audit: type=1326 audit(1731996170.145:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.204425][   T29] audit: type=1326 audit(1731996170.145:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.227014][   T29] audit: type=1326 audit(1731996170.355:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.252538][   T29] audit: type=1326 audit(1731996170.355:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.276003][   T29] audit: type=1326 audit(1731996170.355:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.298727][   T29] audit: type=1326 audit(1731996170.525:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  372.321703][   T29] audit: type=1326 audit(1731996170.525:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz.0.126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  374.182460][ T5849] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  375.254016][ T6416] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.262027][ T6416] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.270363][ T6416] bridge_slave_0: entered allmulticast mode
[  375.279663][ T6416] bridge_slave_0: entered promiscuous mode
[  375.297456][ T5914] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  375.602884][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  375.614319][ T5914] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.624569][ T5914] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  375.642602][ T5914] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  375.651995][ T5914] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.702702][   T60] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.860528][ T6416] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.868461][ T6416] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.876611][ T6416] bridge_slave_1: entered allmulticast mode
[  375.885830][ T6416] bridge_slave_1: entered promiscuous mode
[  375.999587][ T5914] usb 2-1: config 0 descriptor??
[  376.014392][   T60] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  376.600044][ T5914] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  376.762855][ T5914] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  376.927002][ T5914] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  377.147512][   T60] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.237135][ T5914] usb 2-1: USB disconnect, device number 4
[  377.426823][ T6416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.457366][ T6416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  377.877517][   T60] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.571703][ T6416] team0: Port device team_slave_0 added
[  378.686174][ T6416] team0: Port device team_slave_1 added
[  379.586019][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_0
[  379.593499][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.620121][ T6416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.676800][   T60] bridge_slave_1: left allmulticast mode
[  379.682946][   T60] bridge_slave_1: left promiscuous mode
[  379.689669][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.922485][ T6502] slcan: can't register candev
[  380.078266][ T5807] Bluetooth: hci4: command 0x0406 tx timeout
[  380.085045][ T5807] Bluetooth: hci3: command 0x0406 tx timeout
[  380.091305][ T5807] Bluetooth: hci0: command 0x0406 tx timeout
[  380.098732][ T5807] Bluetooth: hci1: command 0x0406 tx timeout
[  380.652540][   T60] bridge_slave_0: left allmulticast mode
[  380.658519][   T60] bridge_slave_0: left promiscuous mode
[  380.665450][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.311938][ T6513] loop2: detected capacity change from 0 to 1024
[  382.355404][ T6513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.409806][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  382.409883][   T29] audit: type=1800 audit(1731996182.535:54): pid=6513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.136" name="bus" dev="loop2" ino=18 res=0 errno=0
[  382.604864][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  382.737195][ T6514] loop1: detected capacity change from 0 to 1024
[  382.784728][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  382.914599][   T60] bond0 (unregistering): Released all slaves
[  383.075548][ T6514] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.153382][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_1
[  383.160599][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.187272][ T6416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.809496][ T5799] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.912811][ T6416] hsr_slave_0: entered promiscuous mode
[  385.031220][ T6416] hsr_slave_1: entered promiscuous mode
[  385.122716][ T6416] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  385.130678][ T6416] Cannot create hsr debugfs directory
[  385.277476][   T60] hsr_slave_0: left promiscuous mode
[  385.366438][   T60] hsr_slave_1: left promiscuous mode
[  385.473356][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.481244][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.608280][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.616484][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.626840][ T6529] futex_wake_op: syz.0.140 tries to shift op by -1; fix this program
[  385.642314][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.674144][   T60] veth1_macvtap: left promiscuous mode
[  385.679994][   T60] veth0_macvtap: left promiscuous mode
[  385.686617][   T60] veth1_vlan: left promiscuous mode
[  385.692316][   T60] veth0_vlan: left promiscuous mode
[  387.038512][   T60] team0 (unregistering): Port device team_slave_1 removed
[  387.143571][   T29] audit: type=1326 audit(1731996187.235:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6539 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc8fb7e759 code=0x7fc00000
[  387.155452][   T60] team0 (unregistering): Port device team_slave_0 removed
[  387.742318][   T29] audit: type=1326 audit(1731996187.765:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6539 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbc8fb7e759 code=0x7fc00000
[  387.765516][   T29] audit: type=1326 audit(1731996187.765:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6539 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc8fb7e759 code=0x7fc00000
[  387.788293][   T29] audit: type=1326 audit(1731996187.765:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6539 comm="syz.3.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc8fb7e759 code=0x7fc00000
[  392.695322][ T6416] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  392.876571][ T6416] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  393.129466][ T6416] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  393.335699][ T6416] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  393.968787][ T6416] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.021044][ T6416] 8021q: adding VLAN 0 to HW filter on device team0
[  394.115208][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.123154][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.140627][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.148512][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.747614][   T29] audit: type=1326 audit(1731996195.845:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.112833][   T29] audit: type=1326 audit(1731996196.005:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.135709][   T29] audit: type=1326 audit(1731996196.005:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.158708][   T29] audit: type=1326 audit(1731996196.005:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.181407][   T29] audit: type=1326 audit(1731996196.035:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.204193][   T29] audit: type=1326 audit(1731996196.035:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.229440][   T29] audit: type=1326 audit(1731996196.035:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.253016][   T29] audit: type=1326 audit(1731996196.035:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.275686][   T29] audit: type=1326 audit(1731996196.035:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  396.299312][   T29] audit: type=1326 audit(1731996196.035:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6603 comm="syz.0.159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b6697e759 code=0x7ffc0000
[  398.378548][ T6627] loop2: detected capacity change from 0 to 16
[  398.445927][ T6627] erofs: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ18446744073709551615ÿâÓÞün§ÙÖõ&×*4c•NªÊ3iV�Eè»lö»?†˜¡¨lѾéνŸ�B¸š^š'•¥÷‡×ƒjuÂL¶¢]÷®äCíJô(©¨¸¹§HytÏpd
NG·°nÁ+'X
[  398.445927][ T6627] '
[  398.759506][ T6627] loop2: detected capacity change from 0 to 512
[  398.825144][ T6416] 8021q: adding VLAN 0 to HW filter on device batadv0
[  398.853761][ T6627] ext3: Unknown parameter 'uid<00000000000000000000'
[  399.025311][ T6627] cgroup: Unknown subsys name 'cpuset'
[  399.228692][ T6629] loop3: detected capacity change from 0 to 128
[  399.542018][ T6629] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  399.722842][ T6629] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  401.054094][ T5802] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  403.637518][ T6667] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  403.740129][ T6416] veth0_vlan: entered promiscuous mode
[  403.798016][ T6416] veth1_vlan: entered promiscuous mode
[  404.054100][ T6416] veth0_macvtap: entered promiscuous mode
[  404.083732][ T6416] veth1_macvtap: entered promiscuous mode
[  404.148742][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.160654][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.171604][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.186529][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.196770][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.210723][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.224009][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.235222][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.250567][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.331033][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.341874][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.352306][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.363206][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.373427][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.384261][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.394429][ T6416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.408489][ T6416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.425751][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.552708][ T6416] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.561844][ T6416] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.571122][ T6416] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.580356][ T6416] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.334520][ T6685] can0: slcan on ptm0.
[  405.690475][ T6684] can0 (unregistered): slcan off ptm0.
[  411.352484][ T5858] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  411.621357][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  411.632933][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.643174][ T5858] usb 1-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  411.652801][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.885249][ T5858] usb 1-1: config 0 descriptor??
[  413.630713][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  413.637989][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  413.971458][ T5858] usbhid 1-1:0.0: can't add hid device: -71
[  413.978452][ T5858] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  414.039093][ T5858] usb 1-1: USB disconnect, device number 3
[  419.504445][ T5810] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  419.506698][ T6769] loop2: detected capacity change from 0 to 2048
[  419.523133][ T5810] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  419.546104][ T5810] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  419.699992][ T6769]  loop2: p2 < > p4
[  419.734181][ T6769] loop2: p4 size 8192 extends beyond EOD, truncated
[  419.779989][ T5810] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  420.033525][ T5810] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  420.045288][ T5810] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  420.514293][ T3943] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.155898][ T3943] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.430197][ T6786] loop1: detected capacity change from 0 to 512
[  421.457660][ T3943] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.480354][ T6786] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  421.513100][   T44] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  421.578699][ T3943] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.597064][ T6786] EXT4-fs (loop1): 1 truncate cleaned up
[  421.610814][ T6786] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.968853][   T44] usb 1-1: Using ep0 maxpacket: 16
[  422.104019][   T44] usb 1-1: unable to get BOS descriptor or descriptor too short
[  422.136453][   T44] usb 1-1: config 2 has an invalid interface number: 22 but max is 0
[  422.145234][   T44] usb 1-1: config 2 has no interface number 0
[  422.151603][   T44] usb 1-1: config 2 interface 22 has no altsetting 0
[  422.170131][ T5810] Bluetooth: hci2: command tx timeout
[  422.219578][   T44] usb 1-1: New USB device found, idVendor=0451, idProduct=5416, bcdDevice= 1.00
[  422.234367][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.242813][   T44] usb 1-1: Product: syz
[  422.247224][   T44] usb 1-1: Manufacturer: syz
[  422.252209][   T44] usb 1-1: SerialNumber: syz
[  422.263368][ T3943] bridge_slave_1: left allmulticast mode
[  422.269301][ T3943] bridge_slave_1: left promiscuous mode
[  422.278990][ T3943] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.452297][ T3943] bridge_slave_0: left allmulticast mode
[  422.458370][ T3943] bridge_slave_0: left promiscuous mode
[  422.465328][ T3943] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.535472][   T44] usb-storage 1-1:2.22: USB Mass Storage device detected
[  422.611971][   T44] usb-storage 1-1:2.22: Quirks match for vid 0451 pid 5416: 2
[  422.957292][   T44] usb 1-1: USB disconnect, device number 4
[  423.306911][ T3943] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  423.536904][ T3943] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  423.689037][ T3943] bond0 (unregistering): Released all slaves
[  424.267633][ T5810] Bluetooth: hci2: command tx timeout
[  424.755563][ T5799] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.807767][ T3943] hsr_slave_0: left promiscuous mode
[  424.881093][ T3943] hsr_slave_1: left promiscuous mode
[  424.967968][ T3943] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  424.976055][ T3943] batman_adv: batadv0: Removing interface: batadv_slave_0
[  425.084624][ T3943] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  425.098128][ T3943] batman_adv: batadv0: Removing interface: batadv_slave_1
[  425.349752][ T3943] veth1_macvtap: left promiscuous mode
[  425.355972][ T3943] veth0_macvtap: left promiscuous mode
[  425.361936][ T3943] veth1_vlan: left promiscuous mode
[  425.367709][ T3943] veth0_vlan: left promiscuous mode
[  426.382485][ T5810] Bluetooth: hci2: command tx timeout
[  426.564592][ T6817] syz.0.206[6817] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  426.565536][ T6817] syz.0.206[6817] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  426.578004][ T6817] syz.0.206[6817] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  428.288562][ T3943] team0 (unregistering): Port device team_slave_1 removed
[  428.356713][ T3943] team0 (unregistering): Port device team_slave_0 removed
[  428.452822][ T5810] Bluetooth: hci2: command tx timeout
[  429.070033][ T6763] chnl_net:caif_netlink_parms(): no params data found
[  429.151799][ T6821] loop2: detected capacity change from 0 to 256
[  429.245683][ T6821] exfat: Unknown parameter 'ÿÿÿÿ01777777777777777777777'
[  430.090391][ T4198] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.269603][ T6831] capability: warning: `syz.0.213' uses 32-bit capabilities (legacy support in use)
[  430.333553][ T5801] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  430.344891][ T5801] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  430.462882][ T5801] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  430.477153][ T5801] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  430.489491][ T5801] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  430.499746][ T5801] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  430.614326][ T4198] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.968978][ T4198] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.300997][ T4198] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.462646][ T6763] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.470572][ T6763] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.480394][ T6763] bridge_slave_0: entered allmulticast mode
[  431.489711][ T6763] bridge_slave_0: entered promiscuous mode
[  431.750375][ T6763] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.758454][ T6763] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.766495][ T6763] bridge_slave_1: entered allmulticast mode
[  431.776205][ T6763] bridge_slave_1: entered promiscuous mode
[  432.353257][ T4198] bridge_slave_1: left allmulticast mode
[  432.363166][ T4198] bridge_slave_1: left promiscuous mode
[  432.369932][ T4198] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.539330][ T4198] bridge_slave_0: left allmulticast mode
[  432.545528][ T4198] bridge_slave_0: left promiscuous mode
[  432.552407][ T4198] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.662390][ T5801] Bluetooth: hci3: command tx timeout
[  434.723545][ T5801] Bluetooth: hci3: command tx timeout
[  435.055974][ T6867] libceph: resolve '0' (ret=-3): failed
[  436.487643][ T4198] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  436.531469][ T4198] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  436.616352][ T4198] bond0 (unregistering): Released all slaves
[  436.796333][ T6763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  436.815720][ T5801] Bluetooth: hci3: command tx timeout
[  436.881181][ T6763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  437.444353][ T6763] team0: Port device team_slave_0 added
[  437.553909][ T6763] team0: Port device team_slave_1 added
[  438.048529][ T4198] hsr_slave_0: left promiscuous mode
[  438.074087][ T4198] hsr_slave_1: left promiscuous mode
[  438.111910][ T4198] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  438.120872][ T4198] batman_adv: batadv0: Removing interface: batadv_slave_0
[  438.140270][ T4198] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  438.148466][ T4198] batman_adv: batadv0: Removing interface: batadv_slave_1
[  438.173421][ T4198] veth1_macvtap: left promiscuous mode
[  438.179325][ T4198] veth0_macvtap: left promiscuous mode
[  438.185628][ T4198] veth1_vlan: left promiscuous mode
[  438.191246][ T4198] veth0_vlan: left promiscuous mode
[  438.837641][ T4198] team0 (unregistering): Port device team_slave_1 removed
[  438.852512][ T5801] Bluetooth: hci3: command tx timeout
[  438.880456][ T4198] team0 (unregistering): Port device team_slave_0 removed
[  439.454999][ T6763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  439.462412][ T6763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.488954][ T6763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  439.712896][ T6832] chnl_net:caif_netlink_parms(): no params data found
[  439.751739][ T6763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  439.759118][ T6763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.785668][ T6763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.387669][ T6763] hsr_slave_0: entered promiscuous mode
[  441.590562][ T6763] hsr_slave_1: entered promiscuous mode
[  443.670136][ T6832] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.680046][ T6832] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.687974][ T6832] bridge_slave_0: entered allmulticast mode
[  443.697365][ T6832] bridge_slave_0: entered promiscuous mode
[  444.040284][ T6832] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.048113][ T6832] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.056214][ T6832] bridge_slave_1: entered allmulticast mode
[  444.065634][ T6832] bridge_slave_1: entered promiscuous mode
[  445.099993][ T6832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.329882][ T6832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.639781][ T6832] team0: Port device team_slave_0 added
[  446.718426][ T6832] team0: Port device team_slave_1 added
[  447.116722][ T6763] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  447.225647][ T6832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  447.232957][ T6832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.259627][ T6832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  447.284344][ T6763] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  447.374015][ T6763] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  447.447674][ T6832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.455139][ T6832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.483016][ T6832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  447.506822][ T6763] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  449.533006][ T6832] hsr_slave_0: entered promiscuous mode
[  449.644657][ T6832] hsr_slave_1: entered promiscuous mode
[  449.712463][ T6832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  449.720688][ T6832] Cannot create hsr debugfs directory
[  450.924495][ T6962] loop2: detected capacity change from 0 to 1024
[  451.061363][ T6763] 8021q: adding VLAN 0 to HW filter on device bond0
[  451.164240][ T6962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  451.177494][ T6763] 8021q: adding VLAN 0 to HW filter on device team0
[  451.210880][ T4198] bridge0: port 1(bridge_slave_0) entered blocking state
[  451.218754][ T4198] bridge0: port 1(bridge_slave_0) entered forwarding state
[  451.361412][ T4198] bridge0: port 2(bridge_slave_1) entered blocking state
[  451.369300][ T4198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  451.770374][ T6763] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  451.781998][ T6763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  451.946885][ T6832] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  452.245933][ T6832] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  452.281179][ T6832] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  452.511735][ T6832] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  453.093981][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.416153][ T6990] loop3: detected capacity change from 0 to 512
[  455.253718][ T6990] fscrypt: Error allocating hmac(sha512): -2
[  456.108686][ T6763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  456.206044][ T6832] 8021q: adding VLAN 0 to HW filter on device bond0
[  456.313690][ T6832] 8021q: adding VLAN 0 to HW filter on device team0
[  456.390917][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.398866][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  456.416134][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.424089][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  456.593489][ T6832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  456.604207][ T6832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  458.039871][ T7025] warning: `syz.2.248' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  458.912901][ T6832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  459.584296][ T6763] veth0_vlan: entered promiscuous mode
[  459.751280][ T6763] veth1_vlan: entered promiscuous mode
[  459.974300][ T6763] veth0_macvtap: entered promiscuous mode
[  460.023862][ T6763] veth1_macvtap: entered promiscuous mode
[  460.143052][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  460.153927][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.167345][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  460.178253][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.188434][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  460.199438][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.221700][ T6763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  460.254221][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  460.265094][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.275302][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  460.286270][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.297487][ T6763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  460.308314][ T6763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  460.330701][ T6763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  460.351931][ T6763] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  460.361241][ T6763] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  460.370468][ T6763] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  460.379789][ T6763] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  460.923316][ T5810] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  461.003971][ T5810] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  461.024169][ T5810] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  461.091448][ T5810] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  461.130283][ T5810] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  461.149037][ T5810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  462.204687][ T7075] loop3: detected capacity change from 0 to 128
[  463.316894][ T5801] Bluetooth: hci5: command tx timeout
[  463.509242][ T7075] EXT4-fs (loop3): Test dummy encryption mode enabled
[  463.540795][ T6832] veth0_vlan: entered promiscuous mode
[  463.569408][ T7057] chnl_net:caif_netlink_parms(): no params data found
[  463.641649][ T6832] veth1_vlan: entered promiscuous mode
[  463.656306][ T7075] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  463.754544][ T3997] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.821312][ T7075] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  463.994752][ T3997] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.560445][ T3997] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.884169][ T3997] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.083425][ T7092] fscrypt (loop3): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))")
[  465.336002][ T5801] Bluetooth: hci5: command tx timeout
[  465.717798][ T3997] bridge_slave_1: left allmulticast mode
[  465.723995][ T3997] bridge_slave_1: left promiscuous mode
[  465.730653][ T3997] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.833036][ T3997] bridge_slave_0: left allmulticast mode
[  465.839019][ T3997] bridge_slave_0: left promiscuous mode
[  465.846959][ T3997] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.550201][ T3997] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  466.609359][ T3997] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  466.647284][ T3997] bond0 (unregistering): Released all slaves
[  466.721772][ T6832] veth0_macvtap: entered promiscuous mode
[  467.040341][ T6832] veth1_macvtap: entered promiscuous mode
[  467.393905][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.406099][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.417414][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.429360][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.440422][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.451930][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.464021][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.475931][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.504460][ T6832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.505022][ T5801] Bluetooth: hci5: command tx timeout
[  467.545603][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.556787][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.567090][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.577968][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.588151][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.599144][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.609301][ T6832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.620167][ T6832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.640909][ T6832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.681373][ T6832] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.690987][ T6832] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.700165][ T6832] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.709313][ T6832] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.914503][ T3997] hsr_slave_0: left promiscuous mode
[  467.963286][ T3997] hsr_slave_1: left promiscuous mode
[  468.014755][ T3997] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  468.025122][ T3997] batman_adv: batadv0: Removing interface: batadv_slave_0
[  468.054247][ T3997] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  468.062004][ T3997] batman_adv: batadv0: Removing interface: batadv_slave_1
[  468.091310][ T3997] veth1_macvtap: left promiscuous mode
[  468.097814][ T3997] veth0_macvtap: left promiscuous mode
[  468.103860][ T3997] veth1_vlan: left promiscuous mode
[  468.109465][ T3997] veth0_vlan: left promiscuous mode
[  468.758575][ T3997] team0 (unregistering): Port device team_slave_1 removed
[  468.866264][ T3997] team0 (unregistering): Port device team_slave_0 removed
[  469.399280][ T7057] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.407447][ T7057] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.416825][ T7057] bridge_slave_0: entered allmulticast mode
[  469.430225][ T7057] bridge_slave_0: entered promiscuous mode
[  469.448332][ T7057] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.456202][ T7057] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.464162][ T7057] bridge_slave_1: entered allmulticast mode
[  469.473307][ T7057] bridge_slave_1: entered promiscuous mode
[  469.591603][ T5801] Bluetooth: hci5: command tx timeout
[  469.797074][ T7057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  469.864809][ T7057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  470.206447][ T7057] team0: Port device team_slave_0 added
[  470.302615][ T7057] team0: Port device team_slave_1 added
[  470.744728][ T7057] batman_adv: batadv0: Adding interface: batadv_slave_0
[  470.751938][ T7057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  470.784207][ T7057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  470.859520][ T7057] batman_adv: batadv0: Adding interface: batadv_slave_1
[  470.871302][ T7057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  470.900629][ T7057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  472.063399][ T7057] hsr_slave_0: entered promiscuous mode
[  472.235431][ T7057] hsr_slave_1: entered promiscuous mode
[  472.322515][ T7057] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  472.330366][ T7057] Cannot create hsr debugfs directory
[  474.774098][ T3719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.782371][ T3719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.866440][ T7057] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  474.946719][ T7057] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  474.956947][ T3943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.965234][ T3943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.114184][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  475.120926][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  475.135737][ T7057] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  475.321926][ T7057] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  476.586609][ T7178] netlink: 64 bytes leftover after parsing attributes in process `syz.5.42'.
[  476.602201][ T7178] netlink: 64 bytes leftover after parsing attributes in process `syz.5.42'.
[  477.441589][ T7057] 8021q: adding VLAN 0 to HW filter on device bond0
[  477.732735][ T7057] 8021q: adding VLAN 0 to HW filter on device team0
[  477.850539][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  477.859949][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  477.865410][ T4198] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.874835][ T4198] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.960464][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  478.004191][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  478.016606][ T5810] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  478.026343][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  478.081401][ T4198] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.089249][ T4198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.120282][ T5802] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  479.724409][ T7189] chnl_net:caif_netlink_parms(): no params data found
[  480.159683][ T5810] Bluetooth: hci0: command tx timeout
[  480.757881][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  480.766119][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  481.700188][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.708495][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  482.212423][ T5810] Bluetooth: hci0: command tx timeout
[  483.215876][ T7057] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.406814][ T7189] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.424582][ T7189] bridge0: port 1(bridge_slave_0) entered disabled state
[  483.432784][ T7189] bridge_slave_0: entered allmulticast mode
[  483.442420][ T7189] bridge_slave_0: entered promiscuous mode
[  483.483064][ T7230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.272'.
[  483.616876][ T7189] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.625499][ T7189] bridge0: port 2(bridge_slave_1) entered disabled state
[  483.633763][ T7189] bridge_slave_1: entered allmulticast mode
[  483.643548][ T7189] bridge_slave_1: entered promiscuous mode
[  484.269595][ T7189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.362522][ T5810] Bluetooth: hci0: command tx timeout
[  484.367337][ T7189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.226501][   T60] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.441002][ T7189] team0: Port device team_slave_0 added
[  485.518195][ T7189] team0: Port device team_slave_1 added
[  485.622595][   T60] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.898302][   T60] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.247920][   T60] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.339245][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_0
[  486.347291][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.374136][ T7189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  486.382466][ T5810] Bluetooth: hci0: command tx timeout
[  486.584612][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_1
[  486.591809][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  486.618520][ T7189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  487.259954][ T7189] hsr_slave_0: entered promiscuous mode
[  487.304444][ T7189] hsr_slave_1: entered promiscuous mode
[  487.322459][ T7189] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  487.330303][ T7189] Cannot create hsr debugfs directory
[  487.384504][   T60] bridge_slave_1: left allmulticast mode
[  487.390408][   T60] bridge_slave_1: left promiscuous mode
[  487.397556][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.457855][   T60] bridge_slave_0: left allmulticast mode
[  487.463942][   T60] bridge_slave_0: left promiscuous mode
[  487.470640][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.484940][ T7258] syz.2.275[7258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  487.485398][ T7258] syz.2.275[7258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  487.497657][ T7258] syz.2.275[7258] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  488.518341][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  488.657244][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  488.723088][ T7269] loop6: detected capacity change from 0 to 512
[  488.757067][   T60] bond0 (unregistering): Released all slaves
[  488.776576][ T7271] loop5: detected capacity change from 0 to 512
[  488.791359][ T7269] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  488.897853][ T7271] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  488.937538][ T7269] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  488.972881][ T7269] EXT4-fs (loop6): 1 truncate cleaned up
[  488.980423][ T7269] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  489.122970][ T7271] EXT4-fs (loop5): 1 truncate cleaned up
[  489.130714][ T7271] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  489.845568][ T7057] veth0_vlan: entered promiscuous mode
[  489.953737][ T6763] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.592932][ T7057] veth1_vlan: entered promiscuous mode
[  490.798313][   T60] hsr_slave_0: left promiscuous mode
[  490.922773][   T60] hsr_slave_1: left promiscuous mode
[  490.988146][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  490.996826][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.110713][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.118923][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  491.354506][   T60] veth1_macvtap: left promiscuous mode
[  491.360336][   T60] veth0_macvtap: left promiscuous mode
[  491.366705][   T60] veth1_vlan: left promiscuous mode
[  491.372445][   T60] veth0_vlan: left promiscuous mode
[  493.818527][   T60] team0 (unregistering): Port device team_slave_1 removed
[  493.848665][   T60] team0 (unregistering): Port device team_slave_0 removed
[  494.903431][ T7057] veth0_macvtap: entered promiscuous mode
[  495.050384][ T7057] veth1_macvtap: entered promiscuous mode
[  495.344384][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.355420][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.365830][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.376691][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.386957][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.397842][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.413552][ T7057] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.474243][ T7189] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  495.729506][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.740463][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.753999][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.766026][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.776375][ T7057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.787247][ T7057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.802762][ T7057] batman_adv: batadv0: Interface activated: batadv_slave_1
[  496.075144][ T7057] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.084502][ T7057] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.093885][ T7057] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.103087][ T7057] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.123769][ T7189] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  496.375601][ T7189] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  496.598932][ T7189] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  498.732807][ T7189] 8021q: adding VLAN 0 to HW filter on device bond0
[  499.103531][ T7189] 8021q: adding VLAN 0 to HW filter on device team0
[  499.216927][ T4867] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.224852][ T4867] bridge0: port 1(bridge_slave_0) entered forwarding state
[  499.480106][ T7313] loop5: detected capacity change from 0 to 512
[  499.571923][ T4867] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.579804][ T4867] bridge0: port 2(bridge_slave_1) entered forwarding state
[  499.598539][ T7313] EXT4-fs (loop5): SIPHASH is not a valid default hash value
[  502.300246][ T5801] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  502.320177][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  502.334205][ T5801] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  502.348936][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  502.360658][ T5801] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  502.380366][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  503.675470][ T7189] 8021q: adding VLAN 0 to HW filter on device batadv0
[  503.883102][ T7325] chnl_net:caif_netlink_parms(): no params data found
[  504.532520][ T5801] Bluetooth: hci4: command tx timeout
[  505.824630][ T5810] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  505.848987][ T5810] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  505.858984][ T5810] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  505.875963][ T5810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  505.891340][ T5810] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  505.902419][ T5810] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  505.938256][ T7277] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.975413][ T4689] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.570146][ T4689] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.617188][ T5810] Bluetooth: hci4: command tx timeout
[  506.828453][ T5852] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  506.878895][ T4689] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.017844][ T5852] usb 6-1: Using ep0 maxpacket: 16
[  507.043652][ T5852] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  507.052776][ T5852] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  507.063433][ T5852] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  507.170829][ T5852] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  507.180338][ T5852] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.188937][ T5852] usb 6-1: Product: syz
[  507.193506][ T5852] usb 6-1: Manufacturer: syz
[  507.198408][ T5852] usb 6-1: SerialNumber: syz
[  507.235770][ T4689] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.606779][ T7325] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.614693][ T7325] bridge0: port 1(bridge_slave_0) entered disabled state
[  507.626569][ T7325] bridge_slave_0: entered allmulticast mode
[  507.635761][ T7325] bridge_slave_0: entered promiscuous mode
[  507.843193][ T5852] usb 6-1: 0:2 : does not exist
[  507.876244][ T7325] bridge0: port 2(bridge_slave_1) entered blocking state
[  507.886535][ T7325] bridge0: port 2(bridge_slave_1) entered disabled state
[  507.894554][ T7325] bridge_slave_1: entered allmulticast mode
[  507.903876][ T7325] bridge_slave_1: entered promiscuous mode
[  508.013661][ T5810] Bluetooth: hci6: command tx timeout
[  508.231189][ T4689] bridge_slave_1: left allmulticast mode
[  508.241472][ T4689] bridge_slave_1: left promiscuous mode
[  508.248322][ T4689] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.265977][ T4689] bridge_slave_0: left allmulticast mode
[  508.272655][ T4689] bridge_slave_0: left promiscuous mode
[  508.279836][ T4689] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.692544][ T5810] Bluetooth: hci4: command tx timeout
[  508.900203][ T4689] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  508.922891][ T4689] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  508.983167][ T4689] bond0 (unregistering): Released all slaves
[  508.993701][ T5852] usb 6-1: USB disconnect, device number 2
[  509.248477][ T7374] udevd[7374]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  509.503235][ T7325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  509.549857][ T7189] veth0_vlan: entered promiscuous mode
[  509.708787][ T7325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  509.781962][ T4689] hsr_slave_0: left promiscuous mode
[  509.790187][ T4689] hsr_slave_1: left promiscuous mode
[  509.809546][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  509.819223][ T4689] batman_adv: batadv0: Removing interface: batadv_slave_0
[  509.835089][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  509.842917][ T4689] batman_adv: batadv0: Removing interface: batadv_slave_1
[  509.866679][ T4689] veth1_macvtap: left promiscuous mode
[  509.873202][ T4689] veth0_macvtap: left promiscuous mode
[  509.880311][ T4689] veth1_vlan: left promiscuous mode
[  509.886284][ T4689] veth0_vlan: left promiscuous mode
[  510.056377][ T5810] Bluetooth: hci6: command tx timeout
[  510.575441][ T4689] team0 (unregistering): Port device team_slave_1 removed
[  510.621250][ T4689] team0 (unregistering): Port device team_slave_0 removed
[  510.780261][ T5810] Bluetooth: hci4: command tx timeout
[  511.109598][ T7364] chnl_net:caif_netlink_parms(): no params data found
[  511.173223][ T7325] team0: Port device team_slave_0 added
[  511.310034][ T7325] team0: Port device team_slave_1 added
[  511.325444][ T3719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  511.333271][ T7189] veth1_vlan: entered promiscuous mode
[  511.333728][ T3719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  511.640154][ T7325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  511.648110][ T7325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  511.674744][ T7325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  511.746304][ T3943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  511.754684][ T3943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  511.790871][ T7325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  511.799168][ T7325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  511.829198][ T7325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.168703][ T5810] Bluetooth: hci6: command tx timeout
[  512.349879][ T4689] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.424188][ T7189] veth0_macvtap: entered promiscuous mode
[  512.894615][ T7189] veth1_macvtap: entered promiscuous mode
[  513.179010][ T4689] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  513.540699][ T4689] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  513.740772][ T7325] hsr_slave_0: entered promiscuous mode
[  513.964602][ T7325] hsr_slave_1: entered promiscuous mode
[  514.000902][ T7325] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  514.009416][ T7325] Cannot create hsr debugfs directory
[  514.128889][ T4689] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.382233][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  514.492832][ T5810] Bluetooth: hci6: command tx timeout
[  514.631175][ T7393] loop5: detected capacity change from 0 to 128
[  514.854513][ T7393] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  514.889817][ T7393] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  514.955725][ T7364] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.964431][ T7364] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.972465][ T7364] bridge_slave_0: entered allmulticast mode
[  514.980823][ T7364] bridge_slave_0: entered promiscuous mode
[  515.020433][ T7393] syz.5.292 (pid 7393) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  515.046062][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  515.056782][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.066829][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  515.077629][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.087781][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  515.101641][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.117752][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_0
[  515.142895][ T7364] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.150555][ T7364] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.158539][ T7364] bridge_slave_1: entered allmulticast mode
[  515.169169][ T7364] bridge_slave_1: entered promiscuous mode
[  515.443772][ T7393] fscrypt (loop5, inode 12): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))")
[  515.796686][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  515.807613][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.820088][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  515.831461][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.841521][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  515.852243][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  515.866293][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_1
[  516.004883][ T6763] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  516.080657][ T7364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  516.112347][ T4689] bridge_slave_1: left allmulticast mode
[  516.118296][ T4689] bridge_slave_1: left promiscuous mode
[  516.128796][ T4689] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.209427][ T4689] bridge_slave_0: left allmulticast mode
[  516.215535][ T4689] bridge_slave_0: left promiscuous mode
[  516.222238][ T4689] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.532131][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  516.883444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  516.896886][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  516.923050][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  516.960997][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  517.017438][ T4689] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  517.080915][ T4689] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  517.137299][ T4689] bond0 (unregistering): Released all slaves
[  517.369181][ T7189] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  517.378482][ T7189] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  517.387754][ T7189] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  517.396928][ T7189] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  517.426532][ T7364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  517.514802][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  517.559724][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  517.875990][ T7364] team0: Port device team_slave_0 added
[  518.027513][ T7364] team0: Port device team_slave_1 added
[  518.358901][ T4689] hsr_slave_0: left promiscuous mode
[  518.379846][ T4689] hsr_slave_1: left promiscuous mode
[  518.389680][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  518.397659][ T4689] batman_adv: batadv0: Removing interface: batadv_slave_0
[  518.418109][ T4689] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  518.426016][ T4689] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.503280][ T4689] veth1_macvtap: left promiscuous mode
[  518.509069][ T4689] veth0_macvtap: left promiscuous mode
[  518.515121][ T4689] veth1_vlan: left promiscuous mode
[  518.520672][ T4689] veth0_vlan: left promiscuous mode
[  519.380667][ T4689] team0 (unregistering): Port device team_slave_1 removed
[  519.485853][ T4689] team0 (unregistering): Port device team_slave_0 removed
[  520.078499][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_0
[  520.085860][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.112679][ T7364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  520.289859][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_1
[  520.297886][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  520.327116][ T7364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  520.467498][ T7325] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  520.584833][ T7325] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  520.675935][ T7325] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  520.745300][ T7325] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  521.340487][ T7364] hsr_slave_0: entered promiscuous mode
[  521.524343][ T7364] hsr_slave_1: entered promiscuous mode
[  521.612783][ T7364] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  521.620976][ T7364] Cannot create hsr debugfs directory
[  521.992736][ T7441] can0: slcan on ptm0.
[  522.822678][ T7434] can0 (unregistered): slcan off ptm0.
[  524.126564][ T7447] veth0_vlan: entered allmulticast mode
[  524.509108][ T7451] ªªªªªª: renamed from vlan0
[  524.646088][ T7325] 8021q: adding VLAN 0 to HW filter on device bond0
[  524.704627][ T7325] 8021q: adding VLAN 0 to HW filter on device team0
[  524.744249][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.751926][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.768250][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.776071][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[  525.454839][ T7325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  525.936643][ T7364] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  526.033677][ T7364] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  526.146506][ T7364] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  526.254348][ T7364] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  526.413914][ T7467] netlink: 'syz.7.311': attribute type 2 has an invalid length.
[  526.421840][ T7467] netlink: 'syz.7.311': attribute type 2 has an invalid length.
[  526.429982][ T7467] netlink: 'syz.7.311': attribute type 1 has an invalid length.
[  526.971095][ T7473] netlink: 'syz.7.312': attribute type 29 has an invalid length.
[  526.987634][ T7473] netlink: 'syz.7.312': attribute type 29 has an invalid length.
[  526.999613][ T7473] netlink: 'syz.7.312': attribute type 29 has an invalid length.
[  527.013544][ T7473] netlink: 'syz.7.312': attribute type 29 has an invalid length.
[  527.511736][ T7477] netlink: 'syz.7.313': attribute type 10 has an invalid length.
[  527.569638][ T7477] 8021q: adding VLAN 0 to HW filter on device bond0
[  527.583760][ T7477] team0: Port device bond0 added
[  527.670956][ T7325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  528.097818][ T7364] 8021q: adding VLAN 0 to HW filter on device bond0
[  528.317407][ T7364] 8021q: adding VLAN 0 to HW filter on device team0
[  528.380942][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  528.388893][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  528.400982][ T7486] netlink: 'syz.5.316': attribute type 29 has an invalid length.
[  528.484603][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.492589][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  528.657686][ T7489] netlink: 'syz.5.316': attribute type 29 has an invalid length.
[  529.397612][ T4689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  529.406905][ T4689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  529.543174][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  529.543259][   T29] audit: type=1326 audit(1731996329.615:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.572870][   T29] audit: type=1326 audit(1731996329.645:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.595564][   T29] audit: type=1326 audit(1731996329.645:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.618332][   T29] audit: type=1326 audit(1731996329.655:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.641890][   T29] audit: type=1326 audit(1731996329.655:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.665121][   T29] audit: type=1326 audit(1731996329.655:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.688119][   T29] audit: type=1326 audit(1731996329.655:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.710974][   T29] audit: type=1326 audit(1731996329.815:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.913818][ T4689] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  529.921923][ T4689] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  529.934070][   T29] audit: type=1326 audit(1731996329.865:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  529.961775][   T29] audit: type=1326 audit(1731996329.865:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.5.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  530.690131][ T7325] veth0_vlan: entered promiscuous mode
[  530.759921][ T7325] veth1_vlan: entered promiscuous mode
[  530.978749][ T7325] veth0_macvtap: entered promiscuous mode
[  531.085821][ T7325] veth1_macvtap: entered promiscuous mode
[  531.189096][ T7364] 8021q: adding VLAN 0 to HW filter on device batadv0
[  531.403625][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  531.416609][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.428312][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  531.439183][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.449466][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  531.464813][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.482369][ T7325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  531.869749][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  531.880670][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.892325][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  531.903518][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.913722][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  531.924464][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.946614][ T7325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.283987][ T7325] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.293312][ T7325] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.303855][ T7325] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  532.313388][ T7325] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  534.521062][ T7364] veth0_vlan: entered promiscuous mode
[  534.668049][ T7364] veth1_vlan: entered promiscuous mode
[  535.275958][ T7364] veth0_macvtap: entered promiscuous mode
[  535.302844][ T7364] veth1_macvtap: entered promiscuous mode
[  535.403143][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.416128][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.426760][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.437579][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.447770][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.458567][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.469770][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  535.481670][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.491860][ T7568] Illegal XDP return value 4294967282 on prog  (id 131) dev N/A, expect packet loss!
[  535.507481][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_0
[  535.720848][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.731682][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.743396][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.755331][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.765609][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.776438][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.791574][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  535.803972][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  535.829763][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_1
[  535.970361][ T7364] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  535.979660][ T7364] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  535.996906][ T7364] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  536.007761][ T7364] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  536.503567][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  536.510331][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  537.765736][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  537.765821][   T29] audit: type=1326 audit(1731996337.895:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  537.892426][   T29] audit: type=1326 audit(1731996337.975:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  537.915770][   T29] audit: type=1326 audit(1731996338.005:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  537.939780][   T29] audit: type=1326 audit(1731996338.005:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  537.963077][   T29] audit: type=1326 audit(1731996338.015:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  537.986124][   T29] audit: type=1326 audit(1731996338.015:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  538.008991][   T29] audit: type=1326 audit(1731996338.015:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  538.031639][   T29] audit: type=1326 audit(1731996338.065:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  538.055085][   T29] audit: type=1326 audit(1731996338.065:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  538.078445][   T29] audit: type=1326 audit(1731996338.065:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.5.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504977e759 code=0x7ffc0000
[  538.420148][ T7603] validate_nla: 2 callbacks suppressed
[  538.420226][ T7603] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  538.476631][ T7604] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  538.521101][ T7606] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  538.577241][ T7603] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  538.657946][ T7603] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  538.703865][ T7604] netlink: 'syz.7.343': attribute type 29 has an invalid length.
[  539.731879][ T7623] syzkaller0: entered promiscuous mode
[  539.740371][ T7623] syzkaller0: entered allmulticast mode
[  540.583258][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  540.591369][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  540.683589][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  540.691683][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.062966][ T7653] syzkaller0: tun_chr_ioctl cmd 1074812118
[  543.653895][ T5801] Bluetooth: hci2: command 0x0406 tx timeout
[  543.691301][ T7682] netlink: 'syz.9.362': attribute type 10 has an invalid length.
[  543.931817][ T7682] batman_adv: batadv0: Adding interface: team0
[  543.938467][ T7682] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  543.964251][ T7682] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  544.192968][ T7683] netlink: 'syz.9.362': attribute type 10 has an invalid length.
[  544.200967][ T7683] netlink: 2 bytes leftover after parsing attributes in process `syz.9.362'.
[  544.210496][ T7683] team0: entered promiscuous mode
[  544.215947][ T7683] team_slave_0: entered promiscuous mode
[  544.223038][ T7683] team_slave_1: entered promiscuous mode
[  544.236882][ T7683] 8021q: adding VLAN 0 to HW filter on device team0
[  544.245058][ T7683] batman_adv: batadv0: Interface activated: team0
[  544.251902][ T7683] batman_adv: batadv0: Interface deactivated: team0
[  544.258953][ T7683] batman_adv: batadv0: Removing interface: team0
[  544.393932][ T7683] bridge0: port 3(team0) entered blocking state
[  544.400912][ T7683] bridge0: port 3(team0) entered disabled state
[  544.408168][ T7683] team0: entered allmulticast mode
[  544.413805][ T7683] team_slave_0: entered allmulticast mode
[  544.419790][ T7683] team_slave_1: entered allmulticast mode
[  544.434167][ T7683] bridge0: port 3(team0) entered blocking state
[  544.441120][ T7683] bridge0: port 3(team0) entered forwarding state
[  544.548260][ T7696] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.576427][ T7696] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.624944][ T7696] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.667672][ T7696] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.833354][ T7698] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.885052][ T7696] netlink: 'syz.8.364': attribute type 29 has an invalid length.
[  544.949332][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  544.949433][   T29] audit: type=1326 audit(1731996345.075:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  544.979222][   T29] audit: type=1326 audit(1731996345.075:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.004026][   T29] audit: type=1326 audit(1731996345.105:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.262581][   T29] audit: type=1326 audit(1731996345.175:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.285905][   T29] audit: type=1326 audit(1731996345.175:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.310348][   T29] audit: type=1326 audit(1731996345.175:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.333625][   T29] audit: type=1326 audit(1731996345.175:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.356708][   T29] audit: type=1326 audit(1731996345.195:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.383409][   T29] audit: type=1326 audit(1731996345.195:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.411782][   T29] audit: type=1326 audit(1731996345.205:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.7.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  545.676150][ T3683] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  545.684439][ T3683] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  545.892382][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  545.900477][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.645657][ T7782] netlink: 'syz.7.393': attribute type 21 has an invalid length.
[  551.389273][   T29] kauditd_printk_skb: 45 callbacks suppressed
[  551.389361][   T29] audit: type=1326 audit(1731996351.515:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.610113][   T29] audit: type=1326 audit(1731996351.615:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.633119][   T29] audit: type=1326 audit(1731996351.735:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.906822][   T29] audit: type=1326 audit(1731996351.805:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.931081][   T29] audit: type=1326 audit(1731996351.805:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.953982][   T29] audit: type=1326 audit(1731996351.815:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  551.979264][   T29] audit: type=1326 audit(1731996351.815:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  552.002885][   T29] audit: type=1326 audit(1731996351.845:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  552.026127][   T29] audit: type=1326 audit(1731996351.845:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  552.048918][   T29] audit: type=1326 audit(1731996351.885:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.9.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f473257e759 code=0x7ffc0000
[  552.431944][ T7804] netlink: 'syz.7.401': attribute type 1 has an invalid length.
[  552.440132][ T7804] netlink: 105120 bytes leftover after parsing attributes in process `syz.7.401'.
[  557.272964][   T29] kauditd_printk_skb: 44 callbacks suppressed
[  557.273047][   T29] audit: type=1326 audit(1731996357.375:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.446698][   T29] audit: type=1326 audit(1731996357.455:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.469641][   T29] audit: type=1326 audit(1731996357.455:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.495487][   T29] audit: type=1326 audit(1731996357.455:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.518975][   T29] audit: type=1326 audit(1731996357.475:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.541948][   T29] audit: type=1326 audit(1731996357.475:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.565070][   T29] audit: type=1326 audit(1731996357.485:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.591224][   T29] audit: type=1326 audit(1731996357.505:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.621682][   T29] audit: type=1326 audit(1731996357.505:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  557.645261][   T29] audit: type=1326 audit(1731996357.535:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.4.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb79d7e759 code=0x7ffc0000
[  558.450811][ T7905] loop8: detected capacity change from 0 to 128
[  558.573093][ T7905] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  558.702396][ T7905] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  559.005089][ T7915] syzkaller0: entered promiscuous mode
[  559.010861][ T7915] syzkaller0: entered allmulticast mode
[  559.050708][ T7910] pim6reg1: entered promiscuous mode
[  559.057180][ T7910] pim6reg1: entered allmulticast mode
[  559.662819][ T7189] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  560.493538][ T7940] netlink: 'syz.4.447': attribute type 11 has an invalid length.
[  562.385146][ T7966] loop5: detected capacity change from 0 to 128
[  562.552610][ T7966] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  562.621106][ T7966] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  562.831795][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  562.831874][   T29] audit: type=1326 audit(1731996362.955:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.013070][   T29] audit: type=1326 audit(1731996363.055:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.041188][   T29] audit: type=1326 audit(1731996363.085:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.065562][   T29] audit: type=1326 audit(1731996363.125:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.088446][   T29] audit: type=1326 audit(1731996363.125:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.375837][   T29] audit: type=1326 audit(1731996363.275:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.398842][   T29] audit: type=1326 audit(1731996363.275:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.423340][   T29] audit: type=1326 audit(1731996363.275:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.449608][   T29] audit: type=1326 audit(1731996363.285:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.475800][   T29] audit: type=1326 audit(1731996363.295:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7979 comm="syz.8.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb43037e759 code=0x7ffc0000
[  563.614053][ T6763] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  563.852945][ T5852] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  563.999958][ T7993] netlink: 44 bytes leftover after parsing attributes in process `syz.5.461'.
[  564.009448][ T7993] veth0_to_bond: entered allmulticast mode
[  564.018146][ T7993] netlink: 'syz.5.461': attribute type 2 has an invalid length.
[  564.026279][ T7993] netlink: 4 bytes leftover after parsing attributes in process `syz.5.461'.
[  564.094916][ T5852] usb 10-1: too many endpoints for config 0 interface 0 altsetting 255: 66, using maximum allowed: 30
[  564.106478][ T5852] usb 10-1: config 0 interface 0 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.118081][ T5852] usb 10-1: config 0 interface 0 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 66
[  564.131849][ T5852] usb 10-1: config 0 interface 0 has no altsetting 0
[  564.144965][ T5852] usb 10-1: New USB device found, idVendor=05ac, idProduct=0218, bcdDevice= 0.00
[  564.156907][ T5852] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.314956][ T5852] usb 10-1: config 0 descriptor??
[  564.646295][ T8002] mkiss: ax0: crc mode is auto.
[  564.652347][ T5852] usb 10-1: string descriptor 0 read error: -71
[  564.727828][ T5852] appletouch 10-1:0.0: Failed to read mode from device.
[  564.736091][ T5852] appletouch 10-1:0.0: probe with driver appletouch failed with error -5
[  564.803205][ T5852] usb 10-1: USB disconnect, device number 2
[  567.252307][ T8029] loop4: detected capacity change from 0 to 128
[  567.333870][ T8029] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  567.446317][ T8029] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  568.231532][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  568.231610][   T29] audit: type=1326 audit(1731996368.355:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.263642][   T29] audit: type=1326 audit(1731996368.355:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.287285][   T29] audit: type=1326 audit(1731996368.395:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.419572][ T7364] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  568.471020][   T29] audit: type=1326 audit(1731996368.455:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.494590][   T29] audit: type=1326 audit(1731996368.485:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.517505][   T29] audit: type=1326 audit(1731996368.485:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.540229][   T29] audit: type=1326 audit(1731996368.505:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.567479][   T29] audit: type=1326 audit(1731996368.505:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.591642][   T29] audit: type=1326 audit(1731996368.505:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  568.614344][   T29] audit: type=1326 audit(1731996368.515:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.7.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6119b7e759 code=0x7ffc0000
[  572.455791][ T8075] loop4: detected capacity change from 0 to 128
[  572.638681][ T8075] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  572.836023][ T8075] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  574.311407][ T7364] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  580.483959][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.7.507'.
[  582.054230][ T5810] =====================================================
[  582.061475][ T5810] BUG: KMSAN: uninit-value in hci_rx_work+0x10a8/0x1130
[  582.071382][ T5810]  hci_rx_work+0x10a8/0x1130
[  582.077077][ T5810]  process_scheduled_works+0xae0/0x1c40
[  582.083071][ T5810]  worker_thread+0xea7/0x14f0
[  582.087967][ T5810]  kthread+0x3e2/0x540
[  582.092366][ T5810]  ret_from_fork+0x6d/0x90
[  582.096995][ T5810]  ret_from_fork_asm+0x1a/0x30
[  582.102090][ T5810] 
[  582.104523][ T5810] Uninit was created at:
[  582.109618][ T5810]  kmem_cache_alloc_node_noprof+0x6bf/0xb80
[  582.116101][ T5810]  kmalloc_reserve+0x13d/0x4a0
[  582.121090][ T5810]  __alloc_skb+0x363/0x7b0
[  582.125786][ T5810]  vhci_write+0x127/0x900
[  582.130385][ T5810]  vfs_write+0xb2b/0x1540
[  582.135069][ T5810]  ksys_write+0x240/0x4b0
[  582.139649][ T5810]  __x64_sys_write+0x93/0xe0
[  582.144767][ T5810]  x64_sys_call+0x3161/0x3c30
[  582.149691][ T5810]  do_syscall_64+0xcd/0x1e0
[  582.156105][ T5810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.162396][ T5810] 
[  582.164870][ T5810] CPU: 1 UID: 0 PID: 5810 Comm: kworker/u9:10 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0
[  582.178290][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  582.189513][ T5810] Workqueue: hci2 hci_rx_work
[  582.194525][ T5810] =====================================================
[  582.201593][ T5810] Disabling lock debugging due to kernel taint
[  582.208053][ T5810] Kernel panic - not syncing: kmsan.panic set ...
[  582.214638][ T5810] CPU: 1 UID: 0 PID: 5810 Comm: kworker/u9:10 Tainted: G    B              6.12.0-syzkaller-00239-gc6d64479d609 #0
[  582.226976][ T5810] Tainted: [B]=BAD_PAGE
[  582.231273][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  582.241534][ T5810] Workqueue: hci2 hci_rx_work
[  582.246432][ T5810] Call Trace:
[  582.249844][ T5810]  <TASK>
[  582.252917][ T5810]  dump_stack_lvl+0x216/0x2d0
[  582.257866][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  582.263895][ T5810]  dump_stack+0x1e/0x30
[  582.268299][ T5810]  panic+0x4e2/0xcf0
[  582.272445][ T5810]  ? kmsan_get_metadata+0x111/0x1c0
[  582.277887][ T5810]  kmsan_report+0x2c7/0x2d0
[  582.282589][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.287975][ T5810]  ? __msan_warning+0x95/0x120
[  582.292960][ T5810]  ? hci_rx_work+0x10a8/0x1130
[  582.297910][ T5810]  ? process_scheduled_works+0xae0/0x1c40
[  582.303841][ T5810]  ? worker_thread+0xea7/0x14f0
[  582.308913][ T5810]  ? kthread+0x3e2/0x540
[  582.313379][ T5810]  ? ret_from_fork+0x6d/0x90
[  582.318139][ T5810]  ? ret_from_fork_asm+0x1a/0x30
[  582.323309][ T5810]  ? filter_irq_stacks+0x60/0x1a0
[  582.328556][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.333939][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.339306][ T5810]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  582.345955][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.351349][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.356749][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.362145][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.367551][ T5810]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  582.374129][ T5810]  ? kmsan_get_metadata+0x13e/0x1c0
[  582.379548][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  582.385561][ T5810]  __msan_warning+0x95/0x120
[  582.390359][ T5810]  hci_rx_work+0x10a8/0x1130
[  582.395125][ T5810]  ? __pfx_hci_rx_work+0x10/0x10
[  582.400219][ T5810]  process_scheduled_works+0xae0/0x1c40
[  582.406012][ T5810]  worker_thread+0xea7/0x14f0
[  582.410899][ T5810]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  582.416909][ T5810]  kthread+0x3e2/0x540
[  582.421177][ T5810]  ? __pfx_worker_thread+0x10/0x10
[  582.426499][ T5810]  ? __pfx_kthread+0x10/0x10
[  582.431326][ T5810]  ret_from_fork+0x6d/0x90
[  582.435914][ T5810]  ? __pfx_kthread+0x10/0x10
[  582.440728][ T5810]  ret_from_fork_asm+0x1a/0x30
[  582.445757][ T5810]  </TASK>
[  582.449244][ T5810] Kernel Offset: disabled
[  582.453674][ T5810] Rebooting in 86400 seconds..