last executing test programs:

2m0.349201129s ago: executing program 0 (id=874):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_int(r3, 0x0, 0x33, 0x0, 0x0)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x14)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x4000172, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000008)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

1m59.133910755s ago: executing program 0 (id=875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1m58.925503003s ago: executing program 0 (id=876):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000013ecf1021c79ab98b2cc9ac6fb3bfd5489d20c46398f38d095d5f115b74e304d5579a154bfe758abfb08cbe6f2a7a36b0fe24e73fa4a71bf00c4e12a958625dfb03872876952a807716ed537b0ef5c6283c97562c43b910db3c764cdf88c1a01a543d1c5aed79a036f46254973d5d6d2de1c6763f1d5143d9f98bbb928d5b7ecae85dcb2a90e1cb67d84beb675f907a3c09bca69f8bf5e0c115060c7aa24bc1d17a28999ac0000000000000000000000beadd1fa6a28fe199c0065343c20bb075d24c34515e5d94a0cc96aeceff696af05b1dd0600986a34d78ccce27214634c1dbde0845d3c6f9e3a54338fcac7effbaec144fb8ceee7dc7d7ce39b28cd773d628c85704832691f3c924f1fabc3d0f2bf0cbfda3093e1accfd272dd7cbcaf9c7fb3baf6fecd9e1ccf7cff159e269416af"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540), 0x0, 0x7a, &(0x7f0000000580), 0x0, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0x93, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000800)={0xbf, <r1=>0x0}, 0x8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r6, 0x28, 0xfff7fffc, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
lseek(r7, 0xc6c3, 0x0)

1m57.718590109s ago: executing program 0 (id=879):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
brk(0x55555ede6001)
syz_pidfd_open(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x82)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)

1m56.491738305s ago: executing program 0 (id=892):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={<r0=>0xffffffffffffffff, 0x9, 0x2, 0x20e1})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000004000000010000000000000020000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYBLOB="8515b4", @ANYRESHEX=r0, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x13, 0x0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9461a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000a79324f52ae0000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ad1a901804441b9c34a7c6238888c9a9ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb250ae41887603b92495"], &(0x7f0000000040)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
preadv(r5, &(0x7f0000003540)=[{&(0x7f0000000180)=""/76, 0x4c}], 0x1, 0xfffffffe, 0xd)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x2, 0x300, 0x8000, 0xe}, 0x9c)
r7 = socket$inet(0x2, 0x6, 0x0)
recvmmsg(r7, &(0x7f00000066c0), 0xa0d, 0xf0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)

1m55.925198472s ago: executing program 0 (id=887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_GET_FS(0x1e, r0, 0x0, 0x1003)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timerfd_create(0x8, 0x80800)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0xd7, 0x0)
mmap$usbfs(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x0, 0x13, r4, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x9, 0x2}, 0x10}, 0x1, 0xfdffffff}, 0x4008810)
flistxattr(r2, 0x0, 0x0)
munmap(&(0x7f0000ff6000/0x3000)=nil, 0x3000)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
memfd_create(&(0x7f0000000040)=').\'\'.\\\x00', 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1m53.989372806s ago: executing program 32 (id=887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_GET_FS(0x1e, r0, 0x0, 0x1003)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timerfd_create(0x8, 0x80800)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0xd7, 0x0)
mmap$usbfs(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x0, 0x13, r4, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000380)={0x2, 0x9, 0x0, 0x9, 0x2}, 0x10}, 0x1, 0xfdffffff}, 0x4008810)
flistxattr(r2, 0x0, 0x0)
munmap(&(0x7f0000ff6000/0x3000)=nil, 0x3000)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
memfd_create(&(0x7f0000000040)=').\'\'.\\\x00', 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

14.594287347s ago: executing program 4 (id=1158):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0xb, 0xfffffffffffffff8}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
semget$private(0x0, 0x4000000009, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
pread64(r1, &(0x7f0000000180)=""/15, 0xfffffe9c, 0x358)

13.348603062s ago: executing program 4 (id=1166):
r0 = gettid()
sched_setscheduler(r0, 0x1, &(0x7f0000000000)=0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0xe)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x200000000000011, 0x2, 0x0)
getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$dri(0x0, 0x534, 0x14000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)={0x1c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_ABORT_SCAN(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="379500000000000000007200000008000300", @ANYRES32=r6], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

10.3022059s ago: executing program 4 (id=1179):
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x8}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_proto_private(r1, 0x8b20, &(0x7f0000000080))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f00008f0000/0x1000)=nil)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$SHM_UNLOCK(0x0, 0xc)
syz_open_dev$video(&(0x7f0000000000), 0x2fed, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x0)

9.129390856s ago: executing program 5 (id=1183):
r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0xf, 0x30041)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000180)={{0x7, 0x5, 0x200000, 0xa, 'syz0\x00', 0x8001}, 0x1, [0xffffffffffffffff, 0xfffffffffffffffa, 0x1, 0xffffffff, 0x4fa, 0xffffffff, 0x8000000000000000, 0x8, 0xd9, 0x0, 0xffc00000, 0x8, 0x8000, 0x4, 0x3, 0x6, 0xffffffffffff7fff, 0x7, 0x4, 0x8, 0xeb, 0xfff, 0x5, 0x8, 0x8, 0x6, 0x8, 0x7, 0x8, 0x0, 0x0, 0xffffffff, 0x1, 0xfffffffffffffffb, 0x2, 0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0xe, 0xfffffffffffffffa, 0xa, 0x3, 0x3, 0x9, 0xb, 0xa00, 0x0, 0x1, 0xfffffffffffffffe, 0x1, 0x9, 0x306e, 0xb, 0x64, 0x8e, 0x7, 0xff, 0x7fcd, 0x0, 0x9, 0xffffffffffffffff, 0x2, 0x0, 0x2, 0x7fffffff, 0x0, 0x1, 0x81, 0xffff, 0xc50c, 0x81, 0x80000000, 0x1, 0x5, 0x9, 0xc470, 0xc769, 0x80000000, 0x2, 0x1, 0x9, 0xffffffff, 0x4, 0xcdcd, 0xffc, 0x4, 0x3, 0xfffffffffffffffb, 0x8000000, 0x9, 0x8001, 0x2, 0x8000000000000000, 0x6, 0x8, 0xffffffffffffffed, 0x2, 0x0, 0x2, 0xd, 0x7, 0xfffffffffffff801, 0x5, 0xbef, 0x1, 0x1, 0x2, 0x80000001, 0x2, 0x9, 0x75ee, 0x80, 0x8, 0x5b, 0xfffffffffffffff9, 0x9, 0x5000000, 0xf, 0x0, 0x7, 0xffffffffffffffff, 0x33ea, 0x167b, 0x9, 0x101]})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x68a140, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x14d002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x80000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x18, 0x0, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)

9.019677125s ago: executing program 4 (id=1185):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, 0x0, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000280)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0xffffffff}, @exp_smc={0xfe, 0x6}, @exp_fastopen={0xfe, 0xf, 0xf989, "9fca59893b5031248415bc"}, @timestamp={0x8, 0xa, 0x200, 0x9}, @sack={0x5, 0xa, [0x2, 0x2]}, @exp_fastopen={0xfe, 0x9, 0xf989, "43ecdca921"}, @fastopen={0x22, 0x2}]}}}}}}}, 0x0)

8.813231785s ago: executing program 3 (id=1186):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, 0x0)

8.551629033s ago: executing program 2 (id=1187):
set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x2)
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
accept(r1, &(0x7f0000000180)=@hci, &(0x7f0000000280)=0x80)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x0, 0xfffffffffffffffe)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
futex(0x0, 0x6, 0x0, 0x0, 0x0, 0x0)

6.598370346s ago: executing program 5 (id=1188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x200}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$loop(0x0, 0x207, 0x161a81)
r2 = memfd_create(&(0x7f0000000840)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdc\xc0*rw[\r\x98\xf6\xd3\xbf\xa1\xcf\x8e\xc2\x8c\f\xee}g\xfe\xae\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\x01\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x1f\x88Z0\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdf\x00\x10\x00\x00\x00\x00\x00\x00\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k\xce\xbc\x0e#\x89\x96n8\xc5\xefo\xb8\x8f]\xf1\xe0;)I\xc5\xb0\x01\xdb\x99S\xc1\x02z\xa7\x19 \xe8/rH\xfd\x9e-\xf8\x83<\x1c\x89\xf6%\xde\x16(\xbc\xdd\xf4\xe3F\x91\x91\x10\xbc\x87q\x8a\x12\x04\xb1W\xc9(\x13wU\x1eT\xd4}`n\xaau\x03\xd9,\x01\xef\x98Y\xf4nE%?@D\xa4?\x8dq}=\xae#sZ\xe6W^\xc5\xb0ur\xe5\xe3\xe9\x82\x80', 0x0)
pwritev(r2, &(0x7f0000000180)=[{&(0x7f00000002c0)="01", 0x1}], 0x1, 0xd34, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000180)={[{@subsystem='hugetlb'}, {@cpuset_v2_mode}, {@subsystem='cpuacct'}]})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = request_key(&(0x7f0000000240)='encrypted\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000400)='-\x00', 0xfffffffffffffffc)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000440)={r5, 0x35, 0x32}, &(0x7f0000000480)={'enc=', 'raw', ' hash=', {'cmac(camellia-asm)\x00'}}, &(0x7f0000000500)="00dc57cb612b6320ba578257c93921e60304551bf1c07fc28bd3c31638b54bedd5caacf835a20fa77c0882a81de29da028065bc88f", &(0x7f0000000540)=""/50)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@empty, @in6=@remote, @in6=@local, @in6=@empty, 0x0, 0x0, 0x0, 0x3506, 0x2}]}]}, 0xa0}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, 0x0, 0x24002de8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r0}, 0x10)

6.597994146s ago: executing program 1 (id=1189):
unshare(0x24020400)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)

6.469121326s ago: executing program 2 (id=1190):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e0a0000000000002d000000000000007404000001ed0a00250000001700000007040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184a0b139d8d4209c8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d876e42f2429d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e58"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$CEC_G_MODE(0xffffffffffffffff, 0x80046108, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000100)={0x9, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r5=>0xffffffffffffffff})
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100))
epoll_pwait2(r6, &(0x7f0000000340)=[{}], 0x1, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f00000001c0)={0x80000, "340b7832ceefdad118cf501922d6974a270000c50f0000002ddc7d00", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r7})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f00}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)

6.434975776s ago: executing program 3 (id=1191):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)

6.375706615s ago: executing program 4 (id=1192):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000480)={{0x1, 0x1, 0x1, 0x0, 0xfffffffe}})

5.779309213s ago: executing program 1 (id=1193):
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={&(0x7f0000000100)=@in6={0xa, 0xfffd, 0x100, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1b}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000001d80)='~', 0x1}], 0x1, &(0x7f0000000300)=[{0x18, 0x84, 0x0, 'b'}], 0x18}, 0x41)

4.411516578s ago: executing program 3 (id=1194):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xfc, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x9}, {0x0, 0xb}}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0xb4, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST_MASK={0x14, 0x22, [0x0, 0xff, 0xff, 0xffffff00]}, @TCA_FLOWER_KEY_ENC_OPTS={0x74, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xa}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xbd}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xfe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x10}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x24, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xb}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xa5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xd}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x24, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x5f}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x40}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xfc}]}]}, @TCA_FLOWER_KEY_PORT_SRC_MAX={0x6, 0x58, 0x4e21}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_ICMPV6_TYPE_MASK={0x5}, @TCA_FLOWER_KEY_SCTP_DST_MASK={0x6}]}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

4.300960737s ago: executing program 2 (id=1195):
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x8}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_proto_private(r1, 0x8b20, &(0x7f0000000080))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f00008f0000/0x1000)=nil)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$SHM_UNLOCK(0x0, 0xc)
syz_open_dev$video(&(0x7f0000000000), 0x2fed, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x0)

4.212874456s ago: executing program 4 (id=1196):
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

3.020189222s ago: executing program 1 (id=1197):
socket$netlink(0x10, 0x3, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)}, 0x0)

3.019308252s ago: executing program 5 (id=1198):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000200)=0x4, 0x12)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x1, 'ip6gretap0\x00', 0x4}, 0x18)

2.962705672s ago: executing program 3 (id=1199):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0xc, 0x80)
mkdir(0x0, 0x92)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x100}, [@call={0x85, 0x0, 0x0, 0x41}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_START_POLL(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r8, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}]}, 0x24}}, 0x0)

2.876779131s ago: executing program 2 (id=1200):
r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0xf, 0x30041)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000180)={{0x7, 0x5, 0x200000, 0xa, 'syz0\x00', 0x8001}, 0x1, [0xffffffffffffffff, 0xfffffffffffffffa, 0x1, 0xffffffff, 0x4fa, 0xffffffff, 0x8000000000000000, 0x8, 0xd9, 0x0, 0xffc00000, 0x8, 0x8000, 0x4, 0x3, 0x6, 0xffffffffffff7fff, 0x7, 0x4, 0x8, 0xeb, 0xfff, 0x5, 0x8, 0x8, 0x6, 0x8, 0x7, 0x8, 0x0, 0x0, 0xffffffff, 0x1, 0xfffffffffffffffb, 0x2, 0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0xe, 0xfffffffffffffffa, 0xa, 0x3, 0x3, 0x9, 0xb, 0xa00, 0x0, 0x1, 0xfffffffffffffffe, 0x1, 0x9, 0x306e, 0xb, 0x64, 0x8e, 0x7, 0xff, 0x7fcd, 0x0, 0x9, 0xffffffffffffffff, 0x2, 0x0, 0x2, 0x7fffffff, 0x0, 0x1, 0x81, 0xffff, 0xc50c, 0x81, 0x80000000, 0x1, 0x5, 0x9, 0xc470, 0xc769, 0x80000000, 0x2, 0x1, 0x9, 0xffffffff, 0x4, 0xcdcd, 0xffc, 0x4, 0x3, 0xfffffffffffffffb, 0x8000000, 0x9, 0x8001, 0x2, 0x8000000000000000, 0x6, 0x8, 0xffffffffffffffed, 0x2, 0x0, 0x2, 0xd, 0x7, 0xfffffffffffff801, 0x5, 0xbef, 0x1, 0x1, 0x2, 0x80000001, 0x2, 0x9, 0x75ee, 0x80, 0x8, 0x5b, 0xfffffffffffffff9, 0x9, 0x5000000, 0xf, 0x0, 0x7, 0xffffffffffffffff, 0x33ea, 0x167b, 0x9, 0x101]})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x68a140, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x14d002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x80000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x18, 0x0, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)

2.61903153s ago: executing program 5 (id=1201):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x4)

2.56522527s ago: executing program 1 (id=1202):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, 0x0, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000280)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0xffffffff}, @exp_smc={0xfe, 0x6}, @exp_fastopen={0xfe, 0xf, 0xf989, "9fca59893b5031248415bc"}, @timestamp={0x8, 0xa, 0x200, 0x9}, @sack={0x5, 0xa, [0x2, 0x2]}, @exp_fastopen={0xfe, 0x9, 0xf989, "43ecdca921"}, @fastopen={0x22, 0x2}]}}}}}}}, 0x0)

1.614251727s ago: executing program 3 (id=1203):
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
mknod(0x0, 0x8001420, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x6d8c, 0x0, 0x1, 0x250}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x2000})
io_uring_enter(r5, 0x8aa, 0x0, 0x0, 0x0, 0x0)

1.062586985s ago: executing program 5 (id=1204):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)

1.061766485s ago: executing program 2 (id=1205):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x54}}, 0x0)

1.045419745s ago: executing program 1 (id=1206):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000480)={{0x1, 0x1, 0x1, 0x0, 0xfffffffe}})

125.094381ms ago: executing program 3 (id=1207):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000020c0)={0x2020}, 0x2020)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000002c0)=[{0x0, 0x1a000}], 0x1, 0x2a}}], 0x48}, 0x0)

124.635231ms ago: executing program 2 (id=1208):
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
read(r1, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000400)={0x131, @tick, 0x0, {0x4}})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0xc0305302, &(0x7f0000000480))

76.941691ms ago: executing program 5 (id=1209):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x200}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$loop(0x0, 0x207, 0x161a81)
r2 = memfd_create(&(0x7f0000000840)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdc\xc0*rw[\r\x98\xf6\xd3\xbf\xa1\xcf\x8e\xc2\x8c\f\xee}g\xfe\xae\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\x01\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x1f\x88Z0\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdf\x00\x10\x00\x00\x00\x00\x00\x00\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k\xce\xbc\x0e#\x89\x96n8\xc5\xefo\xb8\x8f]\xf1\xe0;)I\xc5\xb0\x01\xdb\x99S\xc1\x02z\xa7\x19 \xe8/rH\xfd\x9e-\xf8\x83<\x1c\x89\xf6%\xde\x16(\xbc\xdd\xf4\xe3F\x91\x91\x10\xbc\x87q\x8a\x12\x04\xb1W\xc9(\x13wU\x1eT\xd4}`n\xaau\x03\xd9,\x01\xef\x98Y\xf4nE%?@D\xa4?\x8dq}=\xae#sZ\xe6W^\xc5\xb0ur\xe5\xe3\xe9\x82\x80', 0x0)
pwritev(r2, &(0x7f0000000180)=[{&(0x7f00000002c0)="01", 0x1}], 0x1, 0xd34, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000180)={[{@subsystem='hugetlb'}, {@cpuset_v2_mode}, {@subsystem='cpuacct'}]})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = request_key(&(0x7f0000000240)='encrypted\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000400)='-\x00', 0xfffffffffffffffc)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000440)={r5, 0x35, 0x32}, &(0x7f0000000480)={'enc=', 'raw', ' hash=', {'cmac(camellia-asm)\x00'}}, &(0x7f0000000500)="00dc57cb612b6320ba578257c93921e60304551bf1c07fc28bd3c31638b54bedd5caacf835a20fa77c0882a81de29da028065bc88f", &(0x7f0000000540)=""/50)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in6=@empty, @in6=@remote, @in6=@local, @in6=@empty, 0x0, 0x0, 0x0, 0x3506, 0x2}]}]}, 0xa0}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, 0x0, 0x24002de8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r0}, 0x10)

0s ago: executing program 1 (id=1210):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xfc, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x9}, {0x0, 0xb}}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0xb4, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST_MASK={0x14, 0x22, [0x0, 0xff, 0xff, 0xffffff00]}, @TCA_FLOWER_KEY_ENC_OPTS={0x74, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xbd}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xfe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x10}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x24, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xb}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xa5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xd}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x24, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x5f}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x40}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0xfc}]}]}, @TCA_FLOWER_KEY_PORT_SRC_MAX={0x6, 0x58, 0x4e21}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_ICMPV6_TYPE_MASK={0x5}, @TCA_FLOWER_KEY_SCTP_DST_MASK={0x6}]}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

kernel console output (not intermixed with test programs):

20][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.907726][ T4263] Bluetooth: hci3: command 0x040f tx timeout
[   77.913763][ T4263] Bluetooth: hci2: command 0x040f tx timeout
[   77.922391][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.940090][ T4252] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.949973][ T4252] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.960208][ T4252] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.969289][ T4252] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.987384][ T4263] Bluetooth: hci1: command 0x040f tx timeout
[   77.993450][ T4263] Bluetooth: hci4: command 0x040f tx timeout
[   77.999691][ T4259] Bluetooth: hci0: command 0x040f tx timeout
[   78.008218][ T4258] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.017174][ T4258] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.025909][ T4258] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.041579][ T4258] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.056015][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.070403][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.080375][ T4253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.091402][ T4253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.103820][ T4253] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.123244][ T4265] device veth0_macvtap entered promiscuous mode
[   78.134260][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.145535][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   78.161957][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.172538][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.186371][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   78.198467][ T4253] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.208120][ T4253] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.217417][ T4253] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.226151][ T4253] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.253818][ T4265] device veth1_macvtap entered promiscuous mode
[   78.310770][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.324595][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.334831][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.345848][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.355732][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.366568][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.378303][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.416470][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.434540][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.444275][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   78.453664][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.464552][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.476420][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.486744][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.497800][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.508681][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.519776][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.531547][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.573133][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.583795][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.596569][ T4265] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.605976][ T4265] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.615263][ T4265] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.624094][ T4265] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.666554][ T4254] device veth0_vlan entered promiscuous mode
[   78.674713][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.686003][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.694876][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.706474][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.738354][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.746532][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   78.755364][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   78.775840][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.796559][ T4254] device veth1_vlan entered promiscuous mode
[   78.811994][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.847323][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.863435][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.864991][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   78.887437][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   78.895879][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.904588][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.922826][ T4254] device veth0_macvtap entered promiscuous mode
[   78.975186][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   78.990191][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   79.001403][ T4254] device veth1_macvtap entered promiscuous mode
[   79.011922][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.020702][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.028315][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   79.028528][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.036664][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   79.061239][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   79.077366][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.099834][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   79.162367][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.181741][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.193435][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.204507][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.214539][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.225173][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.235133][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.245881][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.258692][ T4254] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.268095][ T4337] sch_fq: defrate 0 ignored.
[   79.342319][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   79.363036][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   79.391505][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.408009][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.421598][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.436989][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.446309][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.454291][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.483846][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.508217][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.517454][ T4341] loop0: detected capacity change from 0 to 2048
[   79.525186][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.536000][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.546301][ T4254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.564889][ T4254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.581552][ T4254] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.617602][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   79.626207][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   79.635945][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   79.650547][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   79.660275][ T4341] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   79.690677][ T4341] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.6: bg 0: block 362: padding at end of block bitmap is not set
[   79.728460][ T4341] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[   79.746588][ T4254] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.764029][ T4341] EXT4-fs (loop0): This should not happen!! Data will be lost
[   79.764029][ T4341] 
[   79.773924][ T4341] EXT4-fs (loop0): Total free blocks count 0
[   79.780415][ T4341] EXT4-fs (loop0): Free/Dirty block details
[   79.786542][ T4341] EXT4-fs (loop0): free_blocks=0
[   79.792018][ T4254] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.792089][ T4254] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.792122][ T4254] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.801493][ T4341] EXT4-fs (loop0): dirty_blocks=64
[   79.834023][ T4341] EXT4-fs (loop0): Block reservation details
[   79.855291][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.892597][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.925950][ T4341] EXT4-fs (loop0): i_reserved_data_blocks=4
[   79.939481][   T26] audit: type=1804 audit(1737938605.614:2): pid=4348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.6" name="/newroot/1/file0/file1" dev="loop0" ino=15 res=1 errno=0
[   79.972969][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   79.987967][ T4263] Bluetooth: hci2: command 0x0419 tx timeout
[   79.994076][ T4263] Bluetooth: hci3: command 0x0419 tx timeout
[   80.076110][ T4353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'.
[   80.085604][ T4263] Bluetooth: hci4: command 0x0419 tx timeout
[   80.091812][ T4263] Bluetooth: hci0: command 0x0419 tx timeout
[   80.098902][ T4268] Bluetooth: hci1: command 0x0419 tx timeout
[   80.105135][ T4353] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.113330][ T4353] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.122968][ T4353] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.131391][ T4353] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.175217][ T4352] loop2: detected capacity change from 0 to 2048
[   80.216651][ T4323] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   80.217090][ T4352] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   80.306368][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.320702][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.363289][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   80.383425][ T4352] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.8: bg 0: block 234: padding at end of block bitmap is not set
[   80.420776][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.433777][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.453608][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   80.483068][ T4352] EXT4-fs (loop2): Remounting filesystem read-only
[   82.191310][ T4369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'.
[   82.259159][ T4258] EXT4-fs (loop2): unmounting filesystem.
[   82.391107][ T4379] loop3: detected capacity change from 0 to 512
[   82.456236][ T4379] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   82.531406][ T4382] loop0: detected capacity change from 0 to 2048
[   82.569361][   T26] audit: type=1804 audit(1737938608.244:3): pid=4379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.12" name="/newroot/1/file0/bus" dev="loop3" ino=18 res=1 errno=0
[   82.645431][ T4382] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   82.672016][ T4369] device hsr_slave_1 left promiscuous mode
[   82.739300][ T4382] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   82.796082][ T4253] EXT4-fs (loop3): unmounting filesystem.
[   82.861228][ T4382] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[   82.897679][ T4382] EXT4-fs (loop0): This should not happen!! Data will be lost
[   82.897679][ T4382] 
[   82.927050][ T4382] EXT4-fs (loop0): Total free blocks count 0
[   82.932218][ T4393] netlink: 'syz.4.15': attribute type 10 has an invalid length.
[   82.933285][ T4382] EXT4-fs (loop0): Free/Dirty block details
[   82.990955][ T4382] EXT4-fs (loop0): free_blocks=2415919104
[   83.000414][ T4393] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.009125][ T4393] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.036287][ T4382] EXT4-fs (loop0): dirty_blocks=32
[   83.073945][ T4382] EXT4-fs (loop0): Block reservation details
[   83.087829][ T4382] EXT4-fs (loop0): i_reserved_data_blocks=2
[   83.117543][ T4398] capability: warning: `syz.1.18' uses deprecated v2 capabilities in a way that may be insecure
[   83.118495][ T4393] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.135430][ T4393] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.144325][ T4393] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.151557][ T4393] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.200717][ T4323] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   83.280249][ T4393] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   83.506129][ T4407] sch_fq: defrate 0 ignored.
[   83.652549][ T4410] loop4: detected capacity change from 0 to 2048
[   83.779205][ T4410] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   84.101552][ T4425] loop3: detected capacity change from 0 to 2048
[   84.220050][ T4430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.30'.
[   84.234166][ T4430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.257451][ T4430] batman_adv: batadv0: Removing interface: batadv_slave_0
[   84.266703][ T4425] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   84.308456][ T4430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   84.340885][ T4430] batman_adv: batadv0: Removing interface: batadv_slave_1
[   84.365174][ T4425] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.27: bg 0: block 362: padding at end of block bitmap is not set
[   84.444395][ T4425] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[   84.549637][ T4254] EXT4-fs (loop4): unmounting filesystem.
[   84.569258][   T26] audit: type=1804 audit(1737938610.244:4): pid=4437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.27" name="/newroot/4/file0/file1" dev="loop3" ino=15 res=1 errno=0
[   84.595608][ T4425] EXT4-fs (loop3): This should not happen!! Data will be lost
[   84.595608][ T4425] 
[   84.625044][ T4425] EXT4-fs (loop3): Total free blocks count 0
[   84.650719][ T4425] EXT4-fs (loop3): Free/Dirty block details
[   84.679023][ T4425] EXT4-fs (loop3): free_blocks=0
[   84.695744][ T4425] EXT4-fs (loop3): dirty_blocks=64
[   84.714212][ T4425] EXT4-fs (loop3): Block reservation details
[   84.838345][ T4425] EXT4-fs (loop3): i_reserved_data_blocks=4
[   84.853947][ T4436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.28'.
[   85.028599][   T56] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   85.071585][ T4436] device hsr_slave_1 left promiscuous mode
[   85.358035][ T4453] netlink: 'syz.1.34': attribute type 10 has an invalid length.
[   85.391217][ T4453] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.398836][ T4453] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.457436][ T4453] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.464710][ T4453] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.472498][ T4453] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.479708][ T4453] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.517018][ T4453] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   85.579813][ T4448] loop3: detected capacity change from 0 to 8192
[   85.627875][ T4448] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   85.748627][ T4460] netlink: 'syz.0.38': attribute type 10 has an invalid length.
[   85.774044][ T4460] netlink: 40 bytes leftover after parsing attributes in process `syz.0.38'.
[   85.910813][ T4460] team0: Port device geneve0 added
[   85.993076][ T4465] sch_fq: defrate 0 ignored.
[   86.131250][ T4467] netlink: 'syz.3.50': attribute type 10 has an invalid length.
[   86.158189][ T4467] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.166478][ T4467] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.189504][ T4467] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.196694][ T4467] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.204223][ T4467] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.211386][ T4467] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.302638][ T4467] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   86.432124][ T4474] loop4: detected capacity change from 0 to 2048
[   86.462655][ T4472] loop1: detected capacity change from 0 to 2048
[   86.507823][ T4474] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   86.528268][ T4476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.45'.
[   86.549050][ T4474] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.44: bg 0: block 362: padding at end of block bitmap is not set
[   86.558257][ T4472] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   86.576583][ T4474] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[   86.597905][   T26] audit: type=1804 audit(1737938612.274:5): pid=4484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.44" name="/newroot/8/file0/file1" dev="loop4" ino=15 res=1 errno=0
[   86.598728][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.627188][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.634778][ T4474] EXT4-fs (loop4): This should not happen!! Data will be lost
[   86.634778][ T4474] 
[   86.645725][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.653905][ T4474] EXT4-fs (loop4): Total free blocks count 0
[   86.660327][ T4474] EXT4-fs (loop4): Free/Dirty block details
[   86.666349][ T4474] EXT4-fs (loop4): free_blocks=0
[   86.669506][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.671537][ T4474] EXT4-fs (loop4): dirty_blocks=64
[   86.685542][ T4474] EXT4-fs (loop4): Block reservation details
[   86.692197][ T4474] EXT4-fs (loop4): i_reserved_data_blocks=4
[   86.770052][   T33] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   86.790780][   T14] cfg80211: failed to load regulatory.db
[   86.812576][ T4472] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.43: bg 0: block 234: padding at end of block bitmap is not set
[   86.904566][ T4472] EXT4-fs (loop1): Remounting filesystem read-only
[   87.041200][ T4265] EXT4-fs (loop1): unmounting filesystem.
[   87.152058][ T4490] loop4: detected capacity change from 0 to 256
[   87.241320][ T4495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.47'.
[   87.561770][ T4495] device hsr_slave_1 left promiscuous mode
[   87.889786][ T4503] netlink: 24 bytes leftover after parsing attributes in process `syz.3.54'.
[   87.891341][ T4501] loop4: detected capacity change from 0 to 512
[   87.936414][ T4501] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   88.004714][ T4501] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.53: couldn't read orphan inode 26 (err -116)
[   88.037023][ T4501] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   88.056362][ T4501] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.139216][ T4254] EXT4-fs (loop4): unmounting filesystem.
[   88.225082][ T4512] netlink: 'syz.2.58': attribute type 10 has an invalid length.
[   88.237848][ T4512] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.245413][ T4512] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.315584][ T4512] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.322840][ T4512] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.330400][ T4512] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.337594][ T4512] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.385940][ T4512] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   89.435663][ T4533] loop2: detected capacity change from 0 to 512
[   89.518609][ T4533] EXT4-fs (loop2): too many log groups per flexible block group
[   89.552294][ T4533] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   89.597378][ T4542] loop0: detected capacity change from 0 to 2048
[   89.609542][ T4533] EXT4-fs (loop2): mount failed
[   89.708939][ T4542] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   89.870958][ T4542] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.62: bg 0: block 234: padding at end of block bitmap is not set
[   89.899690][ T4550] loop3: detected capacity change from 0 to 764
[   89.982717][ T4542] EXT4-fs (loop0): Remounting filesystem read-only
[   90.204148][ T4558] netlink: 'syz.3.72': attribute type 10 has an invalid length.
[   90.220490][ T4252] EXT4-fs (loop0): unmounting filesystem.
[   90.304463][ T4558] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.311772][ T4558] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.694630][   T26] audit: type=1326 audit(1737938616.364:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   90.701649][ T4580] mmap: syz.0.81 (4580) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   90.774090][   T26] audit: type=1326 audit(1737938616.374:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   90.859330][   T26] audit: type=1326 audit(1737938616.374:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   90.964068][   T26] audit: type=1326 audit(1737938616.374:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   91.053124][   T26] audit: type=1326 audit(1737938616.444:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   91.143848][   T26] audit: type=1326 audit(1737938616.444:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4579 comm="syz.0.81" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   91.217282][ T4588] loop4: detected capacity change from 0 to 2048
[   91.226509][   T26] audit: type=1326 audit(1737938616.794:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4591 comm="syz.2.86" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[   91.311399][   T26] audit: type=1326 audit(1737938616.794:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4591 comm="syz.2.86" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[   91.360318][ T4588] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   91.370273][   T26] audit: type=1326 audit(1737938616.804:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4591 comm="syz.2.86" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[   91.477954][ T4607] netlink: 'syz.0.90': attribute type 10 has an invalid length.
[   91.499772][ T4588] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.85: bg 0: block 234: padding at end of block bitmap is not set
[   91.516215][ T4607] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.524019][ T4607] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.561484][ T4607] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.568737][ T4607] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.573744][ T4588] EXT4-fs (loop4): Remounting filesystem read-only
[   91.576187][ T4607] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.589746][ T4607] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.696451][ T4607] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   91.719545][   T26] kauditd_printk_skb: 21 callbacks suppressed
[   91.719561][   T26] audit: type=1326 audit(1737938617.394:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4591 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[   91.776911][   T26] audit: type=1326 audit(1737938617.424:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4591 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[   91.824208][ T4254] EXT4-fs (loop4): unmounting filesystem.
[   91.906154][ T4617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.94'.
[   92.035658][ T4624] process 'syz.0.97' launched './file0' with NULL argv: empty string added
[   92.256923][ T4633] serio: Serial port ttyS3
[   92.523815][ T4646] netlink: 12 bytes leftover after parsing attributes in process `syz.4.105'.
[   92.651444][ T4651] netlink: 'syz.1.108': attribute type 10 has an invalid length.
[   92.667968][ T4651] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.675336][ T4651] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.677039][ T4652] loop0: detected capacity change from 0 to 2048
[   92.761294][ T4652] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   92.811773][ T4658] smc: net device bond0 applied user defined pnetid SYZ2
[   92.822301][ T4658] smc: net device bond0 erased user defined pnetid SYZ2
[   92.881858][ T4652] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.107: bg 0: block 234: padding at end of block bitmap is not set
[   92.962609][ T4652] EXT4-fs (loop0): Remounting filesystem read-only
[   93.128202][ T4252] EXT4-fs (loop0): unmounting filesystem.
[   93.444294][ T4683] loop4: detected capacity change from 0 to 512
[   93.472130][ T4685] netlink: 'syz.2.122': attribute type 10 has an invalid length.
[   93.499842][ T4683] ext4: Unknown parameter 'fowner'
[   93.506623][ T4685] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.514005][ T4685] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.532983][ T4687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.123'.
[   93.790580][   T26] audit: type=1326 audit(1737938619.464:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   93.846935][   T26] audit: type=1326 audit(1737938619.494:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   93.915532][ T4697] loop2: detected capacity change from 0 to 2048
[   93.940325][   T26] audit: type=1326 audit(1737938619.494:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   93.993307][ T4701] syz.3.130[4701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   93.993423][ T4701] syz.3.130[4701] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   94.024288][   T26] audit: type=1326 audit(1737938619.494:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   94.035653][ T4697] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   94.154109][ T4697] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.128: bg 0: block 234: padding at end of block bitmap is not set
[   94.179322][   T26] audit: type=1326 audit(1737938619.494:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   94.206977][   T26] audit: type=1326 audit(1737938619.494:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   94.232622][   T26] audit: type=1326 audit(1737938619.494:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   94.258277][ T4697] EXT4-fs (loop2): Remounting filesystem read-only
[   94.281701][   T26] audit: type=1326 audit(1737938619.494:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4694 comm="syz.0.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[   94.373672][ T4716] netlink: 8 bytes leftover after parsing attributes in process `syz.3.135'.
[   94.404102][ T4258] EXT4-fs (loop2): unmounting filesystem.
[   94.420147][ T4716] netlink: 84 bytes leftover after parsing attributes in process `syz.3.135'.
[   94.590739][ T4724] netlink: 'syz.2.139': attribute type 10 has an invalid length.
[   95.072603][ T4749] syz.2.151[4749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.072722][ T4749] syz.2.151[4749] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   95.417726][ T4762] bond0: option fail_over_mac: unable to set because the bond device has slaves
[   95.498873][ T4323] bond0: (slave bridge0): link status definitely down, disabling slave
[   96.131005][ T4782] netlink: 24 bytes leftover after parsing attributes in process `syz.3.165'.
[   96.555422][ T4794] bond0: option fail_over_mac: unable to set because the bond device has slaves
[   96.567993][   T56] bond0: (slave bridge0): link status definitely down, disabling slave
[   96.643858][ T4797] syz.2.169[4797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.644287][ T4797] syz.2.169[4797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.688871][ T4797] RDS: rds_bind could not find a transport for ::c001:20:0:0, load rds_tcp or rds_rdma?
[   98.296795][    C1] sched: RT throttling activated
[   98.563770][ T4822] loop3: detected capacity change from 0 to 128
[   98.704648][ T4822] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[   98.713080][ T4822] System zones: 1-3, 19-19, 35-36
[   98.768402][ T4822] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   98.778401][ T4822] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   99.247894][ T4826] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  100.296027][ T4846] loop1: detected capacity change from 0 to 128
[  100.491126][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  100.491143][   T26] audit: type=1800 audit(1737938626.164:80): pid=4846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.191" name="file1" dev="loop1" ino=1048597 res=0 errno=0
[  100.746419][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  100.928823][ T4857] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  100.929989][ T4853] loop1: detected capacity change from 0 to 2048
[  101.008918][   T11] bond0: (slave bridge0): link status definitely down, disabling slave
[  101.021571][ T4853] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  101.048601][ T4858] netlink: 'syz.2.196': attribute type 10 has an invalid length.
[  101.218865][ T4853] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.194: bg 0: block 234: padding at end of block bitmap is not set
[  101.248370][ T4853] EXT4-fs (loop1): Remounting filesystem read-only
[  101.351122][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  101.375085][ T4869] loop2: detected capacity change from 0 to 2048
[  101.393750][ T4869] ext4: Unknown parameter 'smackfsdef'
[  101.763048][ T4880] loop2: detected capacity change from 0 to 512
[  101.826629][ T4880] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  101.881333][ T4889] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  101.893125][ T4880] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  101.930415][   T26] audit: type=1326 audit(1737938627.604:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4890 comm="syz.3.210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  101.937497][ T4880] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.011886][ T4889] netlink: 'syz.1.209': attribute type 10 has an invalid length.
[  102.036915][   T26] audit: type=1326 audit(1737938627.634:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4890 comm="syz.3.210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.067626][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  102.166072][   T26] audit: type=1326 audit(1737938627.634:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4890 comm="syz.3.210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.253978][   T26] audit: type=1326 audit(1737938627.634:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4890 comm="syz.3.210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.325003][   T26] audit: type=1326 audit(1737938627.634:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4890 comm="syz.3.210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.379831][ T4900] loop2: detected capacity change from 0 to 2048
[  102.458132][   T26] audit: type=1326 audit(1737938627.924:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4899 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.484038][ T4900] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  102.533844][   T26] audit: type=1326 audit(1737938627.954:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4899 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.578623][   T26] audit: type=1326 audit(1737938627.954:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4899 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.601832][   T26] audit: type=1326 audit(1737938627.984:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4899 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  102.655564][ T4919] netlink: 24 bytes leftover after parsing attributes in process `syz.4.218'.
[  102.691075][ T4900] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.212: bg 0: block 234: padding at end of block bitmap is not set
[  102.755465][ T4922] loop1: detected capacity change from 0 to 512
[  102.767014][ T4900] EXT4-fs (loop2): Remounting filesystem read-only
[  102.802877][ T4922] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  102.837082][ T4922] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.861695][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  103.082101][ T4931] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  103.313729][ T4931] netlink: 'syz.4.224': attribute type 10 has an invalid length.
[  103.374842][ T4931] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.382207][ T4931] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.773301][ T4939] loop7: detected capacity change from 0 to 16384
[  103.837082][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  103.941486][ T4939] I/O error, dev loop7, sector 1536 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[  104.302635][ T4955] loop1: detected capacity change from 0 to 2048
[  104.401950][ T4955] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  104.481153][ T4967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.238'.
[  104.622911][ T4955] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.233: bg 0: block 234: padding at end of block bitmap is not set
[  104.681668][ T4955] EXT4-fs (loop1): Remounting filesystem read-only
[  104.748062][ T4969] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.885599][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  104.938330][ T4969] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.126735][ T4969] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.263877][ T4994] sd 0:0:1:0: device reset
[  105.335639][ T4969] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.370128][ T4998] netlink: 20 bytes leftover after parsing attributes in process `syz.1.250'.
[  105.513371][ T4969] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.559965][ T4969] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.614804][ T4969] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.635389][ T5011] tmpfs: Unknown parameter ''
[  105.643422][ T4969] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.686329][ T5012] loop4: detected capacity change from 0 to 2048
[  105.788266][ T5012] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  105.869988][ T5012] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.256: bg 0: block 234: padding at end of block bitmap is not set
[  105.885913][ T5022] device dummy0 entered promiscuous mode
[  105.893613][ T5012] EXT4-fs (loop4): Remounting filesystem read-only
[  105.910499][ T5022] device macvtap1 entered promiscuous mode
[  105.927749][   T26] kauditd_printk_skb: 44 callbacks suppressed
[  105.927766][   T26] audit: type=1326 audit(1737938631.604:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  105.964295][ T5022] device dummy0 left promiscuous mode
[  106.008652][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  106.045982][   T26] audit: type=1326 audit(1737938631.634:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.108812][   T26] audit: type=1326 audit(1737938631.634:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.145657][   T26] audit: type=1326 audit(1737938631.634:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.172023][   T26] audit: type=1326 audit(1737938631.634:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.232881][   T26] audit: type=1326 audit(1737938631.634:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.303799][   T26] audit: type=1326 audit(1737938631.634:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.379918][   T26] audit: type=1326 audit(1737938631.634:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.452806][   T26] audit: type=1326 audit(1737938631.644:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.533655][   T26] audit: type=1326 audit(1737938631.644:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5025 comm="syz.1.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  106.635830][ T5047] device vxcan0 entered promiscuous mode
[  106.645065][ T5047] device vlan2 entered promiscuous mode
[  106.653043][ T5047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  106.673824][ T5047] device vxcan0 left promiscuous mode
[  106.841569][ T5051] loop2: detected capacity change from 0 to 2048
[  106.958056][ T5051] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  107.032139][ T5062] netlink: 236 bytes leftover after parsing attributes in process `syz.4.272'.
[  107.055613][ T5051] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.269: bg 0: block 234: padding at end of block bitmap is not set
[  107.084869][ T5062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.272'.
[  107.106244][ T5062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.272'.
[  107.116729][ T5051] EXT4-fs (loop2): Remounting filesystem read-only
[  107.246155][ T5073] sd 0:0:1:0: device reset
[  107.254158][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  107.594259][ T5085] device pim6reg1 entered promiscuous mode
[  107.988240][ T5097] loop4: detected capacity change from 0 to 2048
[  108.080006][ T5097] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  108.120097][ T5106] loop2: detected capacity change from 0 to 1024
[  108.138057][ T5106] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  108.190353][ T5097] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.288: bg 0: block 234: padding at end of block bitmap is not set
[  108.209520][ T5106] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  108.269423][ T5097] EXT4-fs (loop4): Remounting filesystem read-only
[  108.277116][ T5106] JBD2: no valid journal superblock found
[  108.288391][ T5106] EXT4-fs (loop2): error loading journal
[  108.507387][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  108.790995][ T5128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'.
[  109.128479][ T5142] syzkaller0: tun_chr_ioctl cmd 2147767520
[  109.226938][ T5144] loop4: detected capacity change from 0 to 128
[  109.304269][ T5144] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  109.312725][ T5144] System zones: 1-3, 19-19, 35-36
[  109.322988][ T5144] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  109.335510][ T5144] ext4 filesystem being mounted at /61/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.705790][ T5151] loop0: detected capacity change from 0 to 2048
[  110.791958][ T5151] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  110.982965][ T5151] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.308: bg 0: block 234: padding at end of block bitmap is not set
[  111.026655][ T5151] EXT4-fs (loop0): Remounting filesystem read-only
[  111.295079][ T4252] EXT4-fs (loop0): unmounting filesystem.
[  111.461021][ T5168] loop3: detected capacity change from 0 to 512
[  111.536109][ T5168] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.314: corrupted in-inode xattr
[  111.558691][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  111.564747][ T5168] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.314: couldn't read orphan inode 15 (err -117)
[  111.627549][ T5168] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  111.690045][ T5168] EXT4-fs (loop3): shut down requested (2)
[  111.873418][ T5181] netlink: 'syz.1.319': attribute type 10 has an invalid length.
[  111.913429][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  112.349441][ T5199] loop1: detected capacity change from 0 to 2048
[  112.405134][ T5199] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  112.560808][ T5199] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.326: bg 0: block 234: padding at end of block bitmap is not set
[  112.611662][ T5199] EXT4-fs (loop1): Remounting filesystem read-only
[  112.695188][ T5217] loop0: detected capacity change from 0 to 128
[  112.905358][ T5217] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  112.913846][ T5217] System zones: 1-3, 19-19, 35-36
[  112.925007][ T5217] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  112.938803][ T5217] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  114.053649][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  114.084205][ T5227] loop3: detected capacity change from 0 to 512
[  114.091077][ T5227] =======================================================
[  114.091077][ T5227] WARNING: The mand mount option has been deprecated and
[  114.091077][ T5227]          and is ignored by this kernel. Remove the mand
[  114.091077][ T5227]          option from the mount to silence this warning.
[  114.091077][ T5227] =======================================================
[  114.464011][ T5229] syz.4.332[5229] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.464538][ T5229] syz.4.332[5229] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.577323][ T5230] RDS: rds_bind could not find a transport for ::c001:20:0:0, load rds_tcp or rds_rdma?
[  116.046994][ T5227] EXT4-fs: Ignoring removed oldalloc option
[  116.125486][ T5233] loop2: detected capacity change from 0 to 1024
[  116.270248][ T5227] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.333: Parent and EA inode have the same ino 15
[  116.372192][ T4252] EXT4-fs (loop0): unmounting filesystem.
[  116.386620][ T5233] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  116.430135][ T5233] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.519310][ T5227] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  116.573248][ T5246] netlink: 'syz.1.334': attribute type 10 has an invalid length.
[  116.604177][ T5227] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.333: Parent and EA inode have the same ino 15
[  116.680107][ T5227] EXT4-fs (loop3): 1 orphan inode deleted
[  116.685913][ T5227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  116.745384][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  116.762520][ T5227] EXT4-fs (loop3): unmounting filesystem.
[  116.904520][ T5251] loop1: detected capacity change from 0 to 128
[  116.934412][ T5251] FAT-fs (loop1): Directory bread(block 162) failed
[  116.964286][ T5251] FAT-fs (loop1): Directory bread(block 163) failed
[  116.987837][ T5251] FAT-fs (loop1): Directory bread(block 164) failed
[  116.994504][ T5251] FAT-fs (loop1): Directory bread(block 165) failed
[  117.003416][ T5251] FAT-fs (loop1): Directory bread(block 166) failed
[  117.010692][ T5251] FAT-fs (loop1): Directory bread(block 167) failed
[  117.037923][ T5251] FAT-fs (loop1): Directory bread(block 168) failed
[  117.044688][ T5251] FAT-fs (loop1): Directory bread(block 169) failed
[  117.092601][ T5251] FAT-fs (loop1): Directory bread(block 162) failed
[  117.140631][ T5251] FAT-fs (loop1): Directory bread(block 163) failed
[  117.162782][ T5251] syz.1.338: attempt to access beyond end of device
[  117.162782][ T5251] loop1: rw=3, sector=226, nr_sectors = 6 limit=128
[  117.229537][ T5251] syz.1.338: attempt to access beyond end of device
[  117.229537][ T5251] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128
[  117.340179][ T5266] device batadv_slave_1 entered promiscuous mode
[  117.484294][ T5269] device batadv_slave_1 left promiscuous mode
[  117.796604][ T5279] loop3: detected capacity change from 0 to 2048
[  117.866347][ T5279] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  117.962752][ T5288] loop4: detected capacity change from 0 to 164
[  118.016158][ T5279] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.345: bg 0: block 234: padding at end of block bitmap is not set
[  118.060116][ T5288] Unable to read rock-ridge attributes
[  118.126955][ T5279] EXT4-fs (loop3): Remounting filesystem read-only
[  118.351626][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  119.000771][   T26] kauditd_printk_skb: 48 callbacks suppressed
[  119.000788][   T26] audit: type=1326 audit(1737938644.674:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.035281][ T5323] loop2: detected capacity change from 0 to 2048
[  119.085524][   T26] audit: type=1326 audit(1737938644.714:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.137109][   T26] audit: type=1326 audit(1737938644.714:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.161896][   T26] audit: type=1326 audit(1737938644.714:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.171894][ T5323] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  119.283189][   T26] audit: type=1326 audit(1737938644.714:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.306062][   T26] audit: type=1326 audit(1737938644.714:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.330516][   T26] audit: type=1326 audit(1737938644.714:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.355720][   T26] audit: type=1326 audit(1737938644.714:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5321 comm="syz.0.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  119.382948][ T5339] loop3: detected capacity change from 0 to 764
[  119.493231][ T5323] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.365: bg 0: block 234: padding at end of block bitmap is not set
[  119.557417][ T5323] EXT4-fs (loop2): Remounting filesystem read-only
[  119.833492][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  119.924918][ T5353] loop3: detected capacity change from 0 to 512
[  120.015845][ T5353] Quota error (device loop3): v2_read_file_info: Number of blocks too big for quota file size (2103296 > 6144).
[  120.039664][ T5353] EXT4-fs warning (device loop3): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  120.064624][ T5353] EXT4-fs (loop3): mount failed
[  120.285220][ T5368] syz.0.382[5368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.285339][ T5368] syz.0.382[5368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.499657][ T5374] loop3: detected capacity change from 0 to 2048
[  120.581770][ T5374] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  120.717379][   T26] audit: type=1326 audit(1737938646.394:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5386 comm="syz.0.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1698cd29 code=0x7ffc0000
[  120.767242][ T5374] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.385: bg 0: block 234: padding at end of block bitmap is not set
[  120.829393][ T5374] EXT4-fs (loop3): Remounting filesystem read-only
[  120.844078][ T5392] loop2: detected capacity change from 0 to 512
[  120.883668][ T5392] ext4: Unknown parameter 'smackfstransmute'
[  121.010539][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  121.149597][ T5407] netlink: 'syz.2.398': attribute type 10 has an invalid length.
[  121.783755][ T5424] loop1: detected capacity change from 0 to 2048
[  121.890148][ T5424] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  121.926530][ T5434] netlink: 'syz.4.410': attribute type 10 has an invalid length.
[  121.985270][ T5436] loop2: detected capacity change from 0 to 512
[  121.999239][ T5436] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  122.056174][ T5436] EXT4-fs (loop2): 1 truncate cleaned up
[  122.155385][ T5436] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  122.484971][ T4528] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm kworker/u4:9: bg 0: block 234: padding at end of block bitmap is not set
[  122.850637][ T4528] EXT4-fs (loop1): Remounting filesystem read-only
[  123.004427][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  123.242657][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  124.199943][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  124.199960][   T26] audit: type=1326 audit(1737938649.874:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5460 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  124.295944][   T26] audit: type=1326 audit(1737938649.874:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5460 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  124.376948][   T26] audit: type=1326 audit(1737938649.874:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5460 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  124.384046][ T5474] netlink: 'syz.1.425': attribute type 10 has an invalid length.
[  124.466885][   T26] audit: type=1326 audit(1737938649.904:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5460 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  124.564814][   T26] audit: type=1326 audit(1737938649.904:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5460 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  124.879342][ T5489] loop4: detected capacity change from 0 to 512
[  124.967951][ T5489] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (2103296 > 6144).
[  124.980226][ T5489] EXT4-fs warning (device loop4): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  124.996494][ T5489] EXT4-fs (loop4): mount failed
[  125.099991][ T5500] tipc: Started in network mode
[  125.108823][ T5500] tipc: Node identity ac14140f, cluster identity 4711
[  125.130341][ T5500] tipc: New replicast peer: 10.1.1.2
[  125.153235][ T5500] tipc: Enabled bearer <udp:syz0>, priority 10
[  125.237755][   T26] audit: type=1326 audit(1737938650.914:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  125.321394][   T26] audit: type=1326 audit(1737938650.944:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  125.396337][   T26] audit: type=1326 audit(1737938649.948:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  125.421012][   T26] audit: type=1326 audit(1737938649.948:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5502 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  125.512110][ T5512] netlink: 'syz.4.441': attribute type 10 has an invalid length.
[  125.686447][ T5516] loop3: detected capacity change from 0 to 2048
[  125.769175][ T5516] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  125.864029][ T5528] loop2: detected capacity change from 0 to 512
[  125.880504][ T5524] syz.1.447[5524] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.880615][ T5524] syz.1.447[5524] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.881244][ T5516] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.444: bg 0: block 234: padding at end of block bitmap is not set
[  125.946698][ T5524] loop1: detected capacity change from 0 to 512
[  125.954910][ T5528] EXT4-fs warning (device loop2): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  125.980704][ T5528] EXT4-fs (loop2): mount failed
[  125.998214][ T5516] EXT4-fs (loop3): Remounting filesystem read-only
[  126.049469][ T5524] EXT4-fs (loop1): 1 orphan inode deleted
[  126.065521][ T5524] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  126.068817][   T11] EXT4-fs error (device loop1): ext4_release_dquot:6817: comm kworker/u4:1: Failed to release dquot type 1
[  126.097166][ T5524] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.123933][ T5524] Process accounting resumed
[  126.149715][ T4298] tipc: Node number set to 2886997007
[  126.160178][   T11] EXT4-fs error (device loop1): ext4_release_dquot:6817: comm kworker/u4:1: Failed to release dquot type 1
[  126.228727][ T5524] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  126.313765][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  126.333320][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  126.679640][ T5549] netlink: 'syz.2.456': attribute type 10 has an invalid length.
[  126.751880][ T5555] 9pnet_fd: p9_fd_create_tcp (5555): problem connecting socket to 127.0.0.1
[  127.061438][ T5567] netlink: 'syz.0.464': attribute type 5 has an invalid length.
[  127.081660][ T5563] loop4: detected capacity change from 0 to 2048
[  127.149533][ T5569] loop2: detected capacity change from 0 to 1024
[  127.188746][ T5563] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.260642][ T5569] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  127.287204][ T5569] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.434913][ T5563] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.462: bg 0: block 234: padding at end of block bitmap is not set
[  127.460146][ T5563] EXT4-fs (loop4): Remounting filesystem read-only
[  127.708661][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  127.868191][ T5603] loop4: detected capacity change from 0 to 512
[  127.894582][ T5603] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  127.937010][ T5603] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  127.948430][ T5606] syz.0.477[5606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.948540][ T5606] syz.0.477[5606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.291703][ T5615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.478'.
[  128.352286][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  128.474036][ T5619] syz.4.475[5619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.474502][ T5619] syz.4.475[5619] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.079358][   T26] kauditd_printk_skb: 68 callbacks suppressed
[  130.079374][   T26] audit: type=1326 audit(1737938654.748:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.304767][ T5649] Zero length message leads to an empty skb
[  130.331243][   T26] audit: type=1326 audit(1737938654.748:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.338917][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  130.353668][   T26] audit: type=1326 audit(1737938654.748:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.383245][   T26] audit: type=1326 audit(1737938654.748:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.419669][ T5649] netlink: 'syz.3.493': attribute type 10 has an invalid length.
[  130.458074][   T26] audit: type=1326 audit(1737938654.748:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.537112][   T26] audit: type=1326 audit(1737938654.748:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.616378][   T26] audit: type=1326 audit(1737938654.748:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.690168][   T26] audit: type=1326 audit(1737938654.758:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.1.492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  130.899944][ T5667] loop2: detected capacity change from 0 to 2048
[  130.962356][ T5667] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  131.007059][   T26] audit: type=1326 audit(1737938655.668:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5673 comm="syz.4.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  131.097121][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  131.105521][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  131.113850][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  131.122175][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.130503][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.138825][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.147197][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.156803][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.166809][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.175070][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  131.231593][   T26] audit: type=1326 audit(1737938655.668:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5673 comm="syz.4.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe46bb8cd29 code=0x7ffc0000
[  132.464980][ T4263] Bluetooth: hci4: ISO packet for unknown connection handle 0
[  132.657955][ T5691] netlink: 'syz.3.508': attribute type 10 has an invalid length.
[  132.801138][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  132.870771][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  132.877231][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  133.921346][ T5711] tipc: Started in network mode
[  133.926275][ T5711] tipc: Node identity f7, cluster identity 4711
[  134.046969][ T5711] tipc: Node number set to 247
[  135.875619][ T5729] loop3: detected capacity change from 0 to 1024
[  135.960429][ T5729] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  136.009719][ T5729] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.078077][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  136.078094][   T26] audit: type=1804 audit(1737938660.748:301): pid=5729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.524" name="/newroot/109/file1/bus" dev="loop3" ino=18 res=1 errno=0
[  136.299208][ T4298] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  136.505601][ T4298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  136.535861][ T4298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.554130][ T4298] usb 5-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00
[  136.565026][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.691911][ T4298] usb 5-1: config 0 descriptor??
[  138.403326][ T4298] pantherlord 0003:0F30:0111.0001: unknown main item tag 0x0
[  138.411410][ T4298] pantherlord 0003:0F30:0111.0001: unknown main item tag 0x0
[  139.630156][ T4298] pantherlord 0003:0F30:0111.0001: unknown main item tag 0x0
[  139.654908][ T4298] pantherlord 0003:0F30:0111.0001: unknown main item tag 0x0
[  139.676063][ T4298] pantherlord 0003:0F30:0111.0001: unknown main item tag 0x0
[  139.723873][ T4298] pantherlord 0003:0F30:0111.0001: hidraw0: USB HID v0.03 Device [HID 0f30:0111] on usb-dummy_hcd.4-1/input0
[  139.777119][ T4298] pantherlord 0003:0F30:0111.0001: no output reports found
[  139.814141][ T4298] usb 5-1: USB disconnect, device number 2
[  139.841797][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  139.965460][ T5769] netlink: 20 bytes leftover after parsing attributes in process `syz.1.537'.
[  140.020562][ T5773] capability: warning: `syz.0.539' uses 32-bit capabilities (legacy support in use)
[  141.022245][ T4263] Bluetooth: hci4: link tx timeout
[  141.027891][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  142.350398][ T5802] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  143.152726][ T4263] Bluetooth: hci4: command 0x0406 tx timeout
[  149.169486][ T5854] netlink: 'syz.0.566': attribute type 10 has an invalid length.
[  149.314688][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.322085][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.440065][ T5856] loop2: detected capacity change from 0 to 2048
[  149.550432][ T5856] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  150.212639][ T5871] netlink: 20 bytes leftover after parsing attributes in process `syz.4.565'.
[  150.946967][ T5860] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  151.118851][ T5856] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.567: bg 0: block 234: padding at end of block bitmap is not set
[  152.104037][ T5856] EXT4-fs (loop2): Remounting filesystem read-only
[  152.118811][ T5860] EXT4-fs (loop2): Remounting filesystem read-only
[  152.464903][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  156.071254][   T26] audit: type=1326 audit(1737938680.738:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.156087][   T26] audit: type=1326 audit(1737938680.738:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.164449][ T5914] loop2: detected capacity change from 0 to 512
[  156.245219][   T26] audit: type=1326 audit(1737938680.808:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.389955][ T5917] loop3: detected capacity change from 0 to 2048
[  156.398350][   T26] audit: type=1326 audit(1737938680.808:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.471879][   T26] audit: type=1326 audit(1737938680.808:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.523473][   T26] audit: type=1326 audit(1737938680.818:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  156.569816][ T5917] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  157.260963][   T26] audit: type=1326 audit(1737938680.818:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  157.375104][   T26] audit: type=1326 audit(1737938680.818:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  157.429930][ T5914] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  157.431874][ T5917] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.584: bg 0: block 234: padding at end of block bitmap is not set
[  157.465096][ T5917] EXT4-fs (loop3): Remounting filesystem read-only
[  157.478176][ T5914] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  157.534042][   T26] audit: type=1326 audit(1737938680.828:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdb1018cd29 code=0x7ffc0000
[  157.674051][   T26] audit: type=1326 audit(1737938680.828:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5913 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdb1018cd63 code=0x7ffc0000
[  157.736358][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  158.093953][ T5934] syz.2.581[5934] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.094461][ T5934] syz.2.581[5934] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.991890][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  160.430725][ T4263] Bluetooth: hci4: link tx timeout
[  160.435954][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  161.512548][ T5956] netlink: 'syz.0.595': attribute type 30 has an invalid length.
[  161.522695][ T5953] input: syz0 as /devices/virtual/input/input5
[  161.555152][ T5954] netlink: 'syz.2.592': attribute type 10 has an invalid length.
[  161.942889][ T5963] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  161.952809][ T5963] F2FS-fs (loop2): Unable to read 1th superblock
[  161.961229][ T5963] I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  161.970785][ T5963] F2FS-fs (loop2): Unable to read 2th superblock
[  162.806540][ T5973] netlink: 8 bytes leftover after parsing attributes in process `syz.4.601'.
[  162.912251][ T5960] Driver unsupported XDP return value 0 on prog  (id 203) dev N/A, expect packet loss!
[  162.948157][ T4263] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  164.037149][ T4263] Bluetooth: hci4: link tx timeout
[  164.043664][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  164.103979][ T5986] netlink: 'syz.2.606': attribute type 10 has an invalid length.
[  164.349193][ T4263] Bluetooth: hci4: link tx timeout
[  164.354395][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  165.127322][ T5998] random: crng reseeded on system resumption
[  168.990226][    C0] Unknown status report in ack skb
[  169.024932][ T6026] netlink: 'syz.1.620': attribute type 10 has an invalid length.
[  169.069577][ T4263] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  169.427479][ T4263] Bluetooth: hci4: link tx timeout
[  169.432657][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  169.440921][ T4263] Bluetooth: hci4: link tx timeout
[  169.446045][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  169.473260][ T4263] Bluetooth: hci4: link tx timeout
[  169.478534][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  169.504807][ T4263] Bluetooth: hci4: link tx timeout
[  169.510673][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  171.155405][ T6040] loop1: detected capacity change from 0 to 2048
[  172.038460][ T6040] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  175.413531][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  175.792443][ T6070] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  175.803270][ T6070] F2FS-fs (loop4): Unable to read 1th superblock
[  175.867666][ T6070] I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  175.931930][ T6070] F2FS-fs (loop4): Unable to read 2th superblock
[  176.300912][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  176.300928][   T26] audit: type=1326 audit(1737938700.968:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  176.460894][   T26] audit: type=1326 audit(1737938701.068:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  176.514740][ T4263] Bluetooth: hci1: ACL packet for unknown connection handle 0
[  176.535653][ T6078] netlink: 'syz.0.638': attribute type 10 has an invalid length.
[  176.578716][ T4825] bond0: (slave bridge0): link status definitely down, disabling slave
[  176.626944][   T26] audit: type=1326 audit(1737938701.068:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  176.745582][   T26] audit: type=1326 audit(1737938701.068:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  176.777745][ T6082] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  176.812222][ T6082] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  176.838633][   T26] audit: type=1326 audit(1737938701.078:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  176.847124][ T6082] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  176.890446][ T4263] Bluetooth: hci4: link tx timeout
[  176.895652][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.903820][ T4263] Bluetooth: hci4: link tx timeout
[  176.909005][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.946550][ T4263] Bluetooth: hci4: link tx timeout
[  176.952083][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.960578][ T4263] Bluetooth: hci4: link tx timeout
[  176.966337][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.976394][ T4263] Bluetooth: hci4: link tx timeout
[  176.981655][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  176.986875][  T126] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  176.990122][   T26] audit: type=1326 audit(1737938701.078:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  177.019379][   T26] audit: type=1326 audit(1737938701.338:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  177.042288][   T26] audit: type=1326 audit(1737938701.338:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fded918cd29 code=0x7ffc0000
[  177.064823][   T26] audit: type=1326 audit(1737938701.378:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fded918b690 code=0x7ffc0000
[  177.088122][   T26] audit: type=1326 audit(1737938701.378:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fded918c92b code=0x7ffc0000
[  177.279759][  T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.305749][  T126] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.390057][  T126] usb 2-1: New USB device found, idVendor=056a, idProduct=0304, bcdDevice= 0.00
[  177.399966][  T126] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.442129][  T126] usb 2-1: config 0 descriptor??
[  177.889075][  T126] usbhid 2-1:0.0: can't add hid device: -71
[  177.915368][  T126] usbhid: probe of 2-1:0.0 failed with error -71
[  177.938691][  T126] usb 2-1: USB disconnect, device number 2
[  178.704805][ T6100] loop3: detected capacity change from 0 to 2048
[  178.869025][ T6100] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  179.396492][ T6119] netlink: 'syz.0.653': attribute type 10 has an invalid length.
[  179.409954][ T6100] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.646: bg 0: block 234: padding at end of block bitmap is not set
[  179.447911][ T6120] netlink: 24 bytes leftover after parsing attributes in process `syz.1.651'.
[  179.667522][ T6100] EXT4-fs (loop3): Remounting filesystem read-only
[  180.859738][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  181.447114][ T6138] random: crng reseeded on system resumption
[  184.865709][   T26] kauditd_printk_skb: 33 callbacks suppressed
[  184.865727][   T26] audit: type=1326 audit(1737938709.528:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  184.994609][   T26] audit: type=1326 audit(1737938709.528:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  185.017273][   T26] audit: type=1326 audit(1737938709.528:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  186.680234][   T26] audit: type=1326 audit(1737938709.528:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  186.984560][   T26] audit: type=1326 audit(1737938709.528:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  186.985717][   T26] audit: type=1326 audit(1737938709.528:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  186.986167][   T26] audit: type=1326 audit(1737938709.528:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.3.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  187.075140][ T6161] netlink: 'syz.0.668': attribute type 10 has an invalid length.
[  187.282731][ T6172] loop1: detected capacity change from 0 to 2048
[  187.496199][ T6172] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  188.260652][ T6172] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.669: bg 0: block 234: padding at end of block bitmap is not set
[  188.284342][ T6172] EXT4-fs (loop1): Remounting filesystem read-only
[  188.557890][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  188.897109][ T6198] random: crng reseeded on system resumption
[  192.754304][ T6221] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  192.815260][ T6225] netlink: 'syz.2.682': attribute type 10 has an invalid length.
[  193.062737][ T6232] loop1: detected capacity change from 0 to 2048
[  193.271995][ T4299] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  193.299514][ T6232] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  194.183654][ T6232] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.687: bg 0: block 234: padding at end of block bitmap is not set
[  194.206963][ T4299] usb 5-1: Using ep0 maxpacket: 32
[  194.215689][ T4299] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  194.236918][ T4299] usb 5-1: config 0 has no interface number 0
[  194.249451][ T6232] EXT4-fs (loop1): Remounting filesystem read-only
[  194.268590][ T4299] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  194.287028][ T4299] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.295077][ T4299] usb 5-1: Product: syz
[  194.314829][ T4299] usb 5-1: Manufacturer: syz
[  194.315153][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  194.320034][ T4299] usb 5-1: SerialNumber: syz
[  194.333110][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  194.385420][ T4299] usb 5-1: config 0 descriptor??
[  194.415336][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  194.450196][ T4299] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  195.437177][ T6256] random: crng reseeded on system resumption
[  196.232039][ T4299] usb 5-1: qt2_attach - failed to power on unit: -71
[  196.255769][ T4299] quatech2: probe of 5-1:0.51 failed with error -71
[  196.354908][ T4299] usb 5-1: USB disconnect, device number 3
[  196.377903][ T6259] binder: 6258:6259 unknown command 1074553620
[  196.387117][ T4268] Bluetooth: hci0: command 0x0406 tx timeout
[  196.392209][ T6259] binder: 6258:6259 ioctl c0306201 200002c0 returned -22
[  196.396998][ T4268] Bluetooth: hci3: command 0x0406 tx timeout
[  196.400291][ T4263] Bluetooth: hci2: command 0x0406 tx timeout
[  196.407244][ T4259] Bluetooth: hci1: command 0x0406 tx timeout
[  196.892206][ T6275] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  196.906856][ T6275] netlink: 'syz.1.699': attribute type 10 has an invalid length.
[  197.849808][ T6281] loop4: detected capacity change from 0 to 2048
[  197.956185][ T6281] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  198.146372][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  199.641338][ T6318] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  199.668895][ T6318] netlink: 'syz.0.714': attribute type 10 has an invalid length.
[  199.718244][ T6322] netlink: 16 bytes leftover after parsing attributes in process `syz.2.716'.
[  199.946838][ T4298] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  200.049928][ T6331] loop1: detected capacity change from 0 to 2048
[  200.107099][ T6331] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  200.166848][ T4298] usb 5-1: Using ep0 maxpacket: 32
[  200.174562][ T4298] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  200.185519][ T4298] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  200.194717][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.968751][ T4298] usb 5-1: config 0 descriptor??
[  200.975780][ T6321] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  201.006520][ T4298] hub 5-1:0.0: bad descriptor, ignoring hub
[  201.019076][ T4298] hub: probe of 5-1:0.0 failed with error -5
[  201.058710][ T4298] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  201.256082][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  203.019256][ T6360] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  203.051438][ T6360] netlink: 'syz.3.728': attribute type 10 has an invalid length.
[  203.150463][    T7] usb 5-1: USB disconnect, device number 4
[  204.545672][ T6379] loop2: detected capacity change from 0 to 2048
[  204.673888][ T6379] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  204.894317][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  205.901365][ T6394] binder: 6393:6394 ioctl 4018620d 0 returned -22
[  205.929527][ T6396] input: syz0 as /devices/virtual/input/input8
[  208.232425][ T6406] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  208.267424][ T6406] netlink: 'syz.2.743': attribute type 10 has an invalid length.
[  208.407451][ T6414] netlink: 'syz.1.744': attribute type 11 has an invalid length.
[  209.776264][ T4263] Bluetooth: hci4: link tx timeout
[  209.782139][ T4263] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  209.791453][ T4263] Bluetooth: hci4: link tx timeout
[  209.798296][ T4263] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  211.869004][ T4263] Bluetooth: hci4: command 0x0406 tx timeout
[  214.113386][ T6457] netlink: 'syz.4.758': attribute type 11 has an invalid length.
[  218.325628][ T6492] loop2: detected capacity change from 0 to 2048
[  218.374425][ T6492] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  218.558030][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  220.034533][ T6514] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  220.071829][ T6514] netlink: 'syz.3.782': attribute type 10 has an invalid length.
[  221.806944][   T22] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  222.019165][   T22] usb 1-1: config 0 has an invalid interface number: 225 but max is 0
[  222.055573][   T22] usb 1-1: config 0 has no interface number 0
[  222.064868][   T22] usb 1-1: New USB device found, idVendor=9846, idProduct=9041, bcdDevice=e1.cb
[  222.084345][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.094686][   T22] usb 1-1: Product: syz
[  222.108805][   T22] usb 1-1: Manufacturer: syz
[  222.141037][   T22] usb 1-1: SerialNumber: syz
[  222.225748][   T22] usb 1-1: config 0 descriptor??
[  222.477704][   T22] usb 1-1: USB disconnect, device number 2
[  225.795586][ T6564] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  240.031571][ T6679] input: syz0 as /devices/virtual/input/input9
[  244.222671][ T6727] loop3: detected capacity change from 0 to 2048
[  246.649519][ T6727] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  247.588439][ T6739] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  247.744314][ T6727] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.855: bg 0: block 234: padding at end of block bitmap is not set
[  247.879926][ T6739] EXT4-fs (loop3): Remounting filesystem read-only
[  247.911729][ T6727] EXT4-fs (loop3): Remounting filesystem read-only
[  248.315521][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  250.318597][ T6763] input: syz0 as /devices/virtual/input/input10
[  252.095810][ T6784] loop3: detected capacity change from 0 to 2048
[  253.627109][ T6784] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  253.906167][ T6784] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.862: bg 0: block 234: padding at end of block bitmap is not set
[  254.043270][ T6784] EXT4-fs (loop3): Remounting filesystem read-only
[  254.712191][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  256.558008][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  256.564447][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  256.923644][ T6838] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  258.243963][ T6851] loop3: detected capacity change from 0 to 2048
[  258.354665][ T6851] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  259.080503][ T6851] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.880: bg 0: block 234: padding at end of block bitmap is not set
[  259.224251][ T6851] EXT4-fs (loop3): Remounting filesystem read-only
[  259.339508][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  260.884423][ T6891] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  261.894619][ T6907] loop2: detected capacity change from 0 to 2048
[  262.040031][ T6907] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  262.063278][ T4304] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.186246][ T4304] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.282479][ T4304] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.316851][ T6917] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  262.377287][ T6917] EXT4-fs (loop2): Remounting filesystem read-only
[  262.408581][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  262.418832][ T4304] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.433358][ T4259] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  262.450365][ T4259] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  262.478144][ T4259] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  262.658782][ T4259] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  262.699205][ T4268] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  262.706901][ T4268] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  263.538935][ T4304] tipc: Left network mode
[  264.137891][ T6950] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  264.805396][ T4263] Bluetooth: hci0: command 0x0409 tx timeout
[  264.959429][ T6954] netlink: 'syz.1.904': attribute type 10 has an invalid length.
[  264.988428][ T6954] bond0: (slave netdevsim0): no link monitoring support
[  264.996656][ T6954] bond0: (slave netdevsim0): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  265.025429][ T6954] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  265.062839][ T6957] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  266.601641][ T6974] loop2: detected capacity change from 0 to 2048
[  266.725948][ T6974] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  266.868929][ T4259] Bluetooth: hci0: command 0x041b tx timeout
[  267.101528][ T6974] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.909: bg 0: block 234: padding at end of block bitmap is not set
[  267.117489][ T6974] EXT4-fs (loop2): Remounting filesystem read-only
[  268.946970][ T4259] Bluetooth: hci0: command 0x040f tx timeout
[  269.305156][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  270.058946][ T6927] chnl_net:caif_netlink_parms(): no params data found
[  270.393317][ T7016] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  270.607011][ T6970] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  270.750473][ T6927] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.776460][ T6927] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.818840][ T6927] device bridge_slave_0 entered promiscuous mode
[  270.903085][ T7030] loop1: detected capacity change from 0 to 2048
[  270.926857][ T6970] usb 3-1: Using ep0 maxpacket: 16
[  270.936647][ T6970] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  270.956862][ T6970] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  270.996004][ T6970] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  271.206058][ T4259] Bluetooth: hci0: command 0x0419 tx timeout
[  271.780697][ T6970] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  271.865182][ T7030] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  271.907666][ T6970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.915868][ T6970] usb 3-1: Product: syz
[  271.991618][ T6970] usb 3-1: Manufacturer: syz
[  272.020153][ T6970] usb 3-1: SerialNumber: syz
[  272.102405][ T7030] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.922: bg 0: block 234: padding at end of block bitmap is not set
[  272.120733][ T7030] EXT4-fs (loop1): Remounting filesystem read-only
[  272.265361][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  272.280601][ T6927] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.303893][ T6927] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.314512][ T7046] hugetlbfs: syz.4.924 (7046): Using mlock ulimits for SHM_HUGETLB is obsolete
[  272.332138][ T6927] device bridge_slave_1 entered promiscuous mode
[  272.388205][ T7034] 
: renamed from ipvlan1
[  272.463572][ T6927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.585158][ T6970] usb 3-1: 0:2 : does not exist
[  272.679282][ T6927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.747188][ T7059] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  272.787780][ T4304] device hsr_slave_0 left promiscuous mode
[  272.804722][ T4304] device bridge_slave_1 left promiscuous mode
[  272.819250][ T4304] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.901425][ T4304] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.000099][ T4304] device veth1_macvtap left promiscuous mode
[  273.010158][ T4304] device veth0_macvtap left promiscuous mode
[  273.030176][ T4304] device veth1_vlan left promiscuous mode
[  273.043853][ T4304] device veth0_vlan left promiscuous mode
[  273.293689][ T4304] bond2 (unregistering): Released all slaves
[  273.317307][ T4304] bond1 (unregistering): Released all slaves
[  273.402406][ T4304] team0 (unregistering): Port device geneve0 removed
[  274.298716][ T6970] usb 3-1: 1:0: failed to get current value for ch 0 (-22)
[  274.336354][ T6970] usb 3-1: USB disconnect, device number 2
[  274.406828][ T4334] udevd[4334]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  275.718391][ T7084] loop2: detected capacity change from 0 to 2048
[  275.759997][ T4304] team0 (unregistering): Port device team_slave_1 removed
[  275.819963][ T7084] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  275.937216][ T7081] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.934: bg 0: block 234: padding at end of block bitmap is not set
[  275.957357][ T4304] team0 (unregistering): Port device team_slave_0 removed
[  275.972118][ T7081] EXT4-fs (loop2): Remounting filesystem read-only
[  276.077857][ T4304] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.094727][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  276.233085][ T4304] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.150071][ T4304] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  277.159569][ T4304] bond0 (unregistering): Released all slaves
[  277.389968][ T7098] ISOFS: Unable to identify CD-ROM format.
[  278.457080][   T26] audit: type=1326 audit(1737938803.128:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  278.479270][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.535609][   T26] audit: type=1326 audit(1737938803.168:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  278.610810][   T26] audit: type=1326 audit(1737938803.168:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  278.662658][   T26] audit: type=1326 audit(1737938803.168:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  278.688996][   T26] audit: type=1326 audit(1737938803.168:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.3.938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089ed8cd29 code=0x7ffc0000
[  278.711180][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.809892][ T6927] team0: Port device team_slave_0 added
[  278.860333][ T7108] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  278.891770][ T6927] team0: Port device team_slave_1 added
[  279.040081][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.070580][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.181048][ T7118] loop4: detected capacity change from 0 to 2048
[  279.229207][ T7118] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  279.288686][ T6927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.301828][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.308893][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.334908][ T6927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.352458][ T7120] netlink: 'syz.3.942': attribute type 10 has an invalid length.
[  279.389207][ T7120] bond0: (slave netdevsim0): no link monitoring support
[  279.526600][ T7120] bond0: (slave netdevsim0): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  280.218577][ T7120] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  280.315522][ T7118] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.944: bg 0: block 234: padding at end of block bitmap is not set
[  280.371687][ T7118] EXT4-fs (loop4): Remounting filesystem read-only
[  280.402522][ T6927] device hsr_slave_0 entered promiscuous mode
[  280.416222][ T6927] device hsr_slave_1 entered promiscuous mode
[  280.808326][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  281.252742][ T6927] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  281.301663][ T6927] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  281.341324][ T6927] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  281.414859][ T6927] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  281.540158][ T7157] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  281.724059][ T6927] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.379076][ T5720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  282.397875][ T5720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  282.415241][ T6927] 8021q: adding VLAN 0 to HW filter on device team0
[  282.535720][ T6927] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  282.569855][ T6927] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.601938][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  282.640767][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  283.669232][ T7163] syz.4.955 uses obsolete (PF_INET,SOCK_PACKET)
[  283.698262][ T6054] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.706623][ T6054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.723649][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  283.735348][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  283.744679][ T6054] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.751879][ T6054] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.812995][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  283.825231][ T7178] loop2: detected capacity change from 0 to 2048
[  283.857687][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  283.878975][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  283.903059][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  283.928771][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  283.937750][ T7178] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  283.957963][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  283.988474][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  284.008037][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  284.018568][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  284.035172][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  284.050216][ T7178] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.958: bg 0: block 234: padding at end of block bitmap is not set
[  284.100277][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  284.132208][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  284.150984][ T7178] EXT4-fs (loop2): Remounting filesystem read-only
[  284.158970][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  284.295968][ T7190] netlink: 'syz.4.959': attribute type 10 has an invalid length.
[  284.372765][ T7190] bond0: (slave netdevsim0): no link monitoring support
[  284.417010][ T7190] bond0: (slave netdevsim0): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  284.440344][ T7190] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  284.473790][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  284.567410][ T7193] overlayfs: missing 'lowerdir'
[  287.153634][ T5700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.184431][ T5700] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.233424][ T6927] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.308054][ T7219] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  287.820137][ T7231] loop4: detected capacity change from 0 to 2048
[  287.851512][ T7239] netlink: 'syz.1.972': attribute type 10 has an invalid length.
[  288.183550][ T7231] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  288.526851][   T27] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  288.627275][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  288.717150][   T27] usb 3-1: Using ep0 maxpacket: 16
[  288.727503][   T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  288.825518][   T27] usb 3-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82
[  288.826383][ T7257] netlink: 12 bytes leftover after parsing attributes in process `syz.1.975'.
[  288.845048][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.865348][   T27] usb 3-1: Product: syz
[  288.871402][   T27] usb 3-1: Manufacturer: syz
[  288.885795][   T27] usb 3-1: SerialNumber: syz
[  289.043538][   T27] usb 3-1: config 0 descriptor??
[  289.058501][   T27] kobil_sct 3-1:0.0: KOBIL USB smart card terminal converter detected
[  289.073980][   T27] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  289.962245][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  290.001098][ T6054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  290.282985][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  290.446589][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  290.740387][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  290.813762][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  290.858610][ T6927] device veth0_vlan entered promiscuous mode
[  290.882322][ T7271] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  290.995066][ T6927] device veth1_vlan entered promiscuous mode
[  291.268100][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  291.302510][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  291.335265][ T6927] device veth0_macvtap entered promiscuous mode
[  291.388282][ T6927] device veth1_macvtap entered promiscuous mode
[  291.453742][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.483827][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.504076][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.525077][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.539185][   T27] usb 3-1: USB disconnect, device number 3
[  291.541637][ T7290] loop4: detected capacity change from 0 to 2048
[  291.573952][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_0
[  291.578486][   T27] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  291.625768][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  291.638975][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  291.657771][ T7290] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  291.676080][   T27] kobil_sct 3-1:0.0: device disconnected
[  291.701734][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  291.742801][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  291.770113][ T7290] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.983: bg 0: block 234: padding at end of block bitmap is not set
[  291.807642][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.823382][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.845923][ T7290] EXT4-fs (loop4): Remounting filesystem read-only
[  291.853703][ T6927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.918072][ T6927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.955674][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.027209][ T7298] netlink: 'syz.1.984': attribute type 10 has an invalid length.
[  292.041014][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  292.054976][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  292.118145][ T6927] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.135333][ T6927] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.160461][ T6927] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.173536][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  292.377849][ T6927] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.520522][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.559842][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.617937][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  295.641628][ T4304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.660809][ T4304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.697541][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  297.114647][ T7339] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  297.699600][ T7352] netlink: 'syz.5.996': attribute type 10 has an invalid length.
[  297.776408][ T7352] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  297.787589][ T7353] loop4: detected capacity change from 0 to 2048
[  297.903352][ T7353] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  298.426975][   T27] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  298.842108][ T7356] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  298.897557][ T7356] EXT4-fs (loop4): Remounting filesystem read-only
[  299.066837][   T27] usb 2-1: Using ep0 maxpacket: 32
[  299.080915][   T27] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[  299.096455][ T4254] EXT4-fs (loop4): unmounting filesystem.
[  299.132421][   T27] usb 2-1: config 0 has no interface number 0
[  299.181564][   T27] usb 2-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68
[  299.220541][   T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.259063][   T27] usb 2-1: Product: syz
[  299.265668][   T27] usb 2-1: Manufacturer: syz
[  299.294021][   T27] usb 2-1: SerialNumber: syz
[  299.326490][   T27] usb 2-1: config 0 descriptor??
[  299.352942][   T27] hub 2-1:0.89: bad descriptor, ignoring hub
[  299.379868][   T27] hub: probe of 2-1:0.89 failed with error -5
[  299.412367][   T27] option 2-1:0.89: GSM modem (1-port) converter detected
[  300.537740][ T7396] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  301.007078][   T27] usb 2-1: USB disconnect, device number 3
[  301.048056][   T27] option 2-1:0.89: device disconnected
[  301.413490][ T7408] loop1: detected capacity change from 0 to 2048
[  301.665556][ T7408] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  301.895445][ T7408] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1010: bg 0: block 234: padding at end of block bitmap is not set
[  301.997694][ T7408] EXT4-fs (loop1): Remounting filesystem read-only
[  302.988622][ T4265] EXT4-fs (loop1): unmounting filesystem.
[  303.759956][ T7443] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  307.580413][ T7469] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  307.644046][ T7474] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  307.938535][   T14] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  308.127016][   T14] usb 5-1: Using ep0 maxpacket: 16
[  308.144543][   T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  308.203982][ T7473] loop3: detected capacity change from 0 to 2048
[  308.715786][   T14] usb 5-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82
[  308.836812][ T7473] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  308.877251][   T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.885315][   T14] usb 5-1: Product: syz
[  308.914861][   T14] usb 5-1: Manufacturer: syz
[  309.071270][   T14] usb 5-1: SerialNumber: syz
[  309.349005][   T26] audit: type=1800 audit(1737938833.998:392): pid=7493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1028" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  310.258608][   T14] usb 5-1: config 0 descriptor??
[  310.461073][ T7473] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1026: bg 0: block 234: padding at end of block bitmap is not set
[  310.469827][   T14] kobil_sct 5-1:0.0: KOBIL USB smart card terminal converter detected
[  310.616038][ T7473] EXT4-fs (loop3): Remounting filesystem read-only
[  310.655769][   T14] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  310.662083][ T7497] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  310.705960][   T14] usb 5-1: USB disconnect, device number 5
[  310.747552][   T14] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  310.782625][   T14] kobil_sct 5-1:0.0: device disconnected
[  310.884015][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  314.861845][ T7550] loop2: detected capacity change from 0 to 2048
[  315.068935][ T7550] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  315.157120][ T7550] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1041: bg 0: block 234: padding at end of block bitmap is not set
[  315.767509][ T7550] EXT4-fs (loop2): Remounting filesystem read-only
[  316.436540][ T7569] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  316.502445][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  317.200126][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  317.206566][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  318.157035][   T14] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  318.588559][   T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.604496][   T14] usb 3-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  318.746994][ T4263] Bluetooth: hci0: link tx timeout
[  318.757073][ T4263] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  319.322083][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.332866][   T14] usb 3-1: config 0 descriptor??
[  319.753590][   T14] hid-generic 0003:28DE:1205.0002: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.2-1/input0
[  319.916904][ T4263] Bluetooth: hci0: link tx timeout
[  319.922508][ T4263] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  320.662810][   T14] usb 3-1: USB disconnect, device number 4
[  320.797051][ T4263] Bluetooth: hci0: command 0x0406 tx timeout
[  321.582688][ T7624] loop2: detected capacity change from 0 to 2048
[  321.618147][ T7624] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  321.709739][ T7624] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1056: bg 0: block 234: padding at end of block bitmap is not set
[  321.872376][ T7624] EXT4-fs (loop2): Remounting filesystem read-only
[  321.955427][    T7] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  321.972830][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  322.887405][    T7] usb 5-1: Using ep0 maxpacket: 32
[  322.915030][    T7] usb 5-1: config 129 has an invalid interface number: 188 but max is 0
[  322.963657][    T7] usb 5-1: config 129 has no interface number 0
[  322.991714][    T7] usb 5-1: config 129 interface 188 has no altsetting 0
[  323.020514][    T7] usb 5-1: New USB device found, idVendor=5986, idProduct=1172, bcdDevice=aa.e3
[  323.040388][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.062585][    T7] usb 5-1: Product: syz
[  323.072098][    T7] usb 5-1: Manufacturer: syz
[  323.084274][    T7] usb 5-1: SerialNumber: syz
[  324.192163][    T7] usb 5-1: Found UVC 0.00 device syz (5986:1172)
[  324.239102][    T7] usb 5-1: No valid video chain found.
[  324.284412][    T7] usb 5-1: USB disconnect, device number 6
[  325.452044][ T4263] Bluetooth: hci0: link tx timeout
[  325.457470][ T4263] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  334.363127][ T7738] netlink: 'syz.2.1085': attribute type 10 has an invalid length.
[  334.663896][ T7738] bond0: (slave netdevsim0): no link monitoring support
[  334.748918][ T7738] bond0: (slave netdevsim0): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  334.868299][ T7738] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  337.574788][ T7797] netlink: 'syz.3.1100': attribute type 10 has an invalid length.
[  338.331023][ T7808] netlink: 'syz.3.1113': attribute type 10 has an invalid length.
[  343.716762][ T7729] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  343.916806][ T7729] usb 6-1: Using ep0 maxpacket: 16
[  343.924760][ T7729] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  343.935982][ T7729] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  343.946959][ T7729] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  343.957947][ T7729] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  344.833497][ T7729] usb 6-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  344.857670][ T7729] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  344.866144][ T7729] usb 6-1: Product: syz
[  344.870936][ T7729] usb 6-1: Manufacturer: syz
[  344.875828][ T7729] usb 6-1: SerialNumber: syz
[  347.014724][ T7729] usb 6-1: config 0 descriptor??
[  347.317117][ T7729] usb 6-1: can't set config #0, error -71
[  347.329338][ T7729] usb 6-1: USB disconnect, device number 2
[  347.566919][  T129] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  347.760690][  T129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.791570][  T129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.577130][  T129] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  349.636843][  T129] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.671540][  T129] usb 4-1: config 0 descriptor??
[  351.794058][  T129] hid-led 0003:0FC5:B080.0003: unknown main item tag 0x1
[  351.801318][  T129] hid-led 0003:0FC5:B080.0003: unbalanced collection at end of report description
[  351.811862][  T129] hid-led: probe of 0003:0FC5:B080.0003 failed with error -22
[  352.147422][   T22] usb 4-1: USB disconnect, device number 2
[  353.241227][ T7929] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  354.372726][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  354.824086][ T7929] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  359.593398][ T5621] bond0: (slave netdevsim0): link status definitely down, disabling slave
[  359.918801][ T7994] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  359.970710][ T7999] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  363.405801][ T7742] bond0: (slave bridge0): link status definitely down, disabling slave
[  363.543863][ T7742] bond0: (slave netdevsim0): link status definitely down, disabling slave
[  368.444420][ T8125] ISOFS: Unable to identify CD-ROM format.
[  372.913486][ T8177] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gretap0, syncid = 4, id = 0
[  372.934526][ T8178] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gretap0, syncid = 4, id = 1
[  372.956032][ T8180] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gretap0, syncid = 4, id = 2
[  372.974667][ T8181] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gretap0, syncid = 4, id = 3
[  375.353555][ T8193] syz.3.1203 (8193) used greatest stack depth: 17344 bytes left
[  375.827265][    C0] ------------[ cut here ]------------
[  375.832833][    C0] WARNING: CPU: 0 PID: 8209 at net/mac80211/tx.c:4934 __ieee80211_beacon_get+0x1abc/0x2110
[  375.843106][    C0] Modules linked in:
[  375.847148][    C0] CPU: 0 PID: 8209 Comm: syz.3.1207 Not tainted 6.1.127-syzkaller #0
[  375.855313][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  375.865522][    C0] RIP: 0010:__ieee80211_beacon_get+0x1abc/0x2110
[  375.871999][    C0] Code: ff ff ff e8 a6 7f 50 f7 0f 0b 48 8b 7c 24 20 e8 ea 31 66 fe e9 6f e8 ff ff e8 90 7f 50 f7 0f 0b e9 92 ed ff ff e8 84 7f 50 f7 <0f> 0b e9 26 f1 ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c fc e8
[  375.892051][    C0] RSP: 0018:ffffc90000007820 EFLAGS: 00010246
[  375.898155][    C0] RAX: ffffffff8a3a1d1c RBX: 0000000000000000 RCX: ffff88807a625940
[  375.906132][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  375.914136][    C0] RBP: ffffc90000007a30 R08: ffffffff8a3a0e3c R09: ffffffff8a3a0642
[  375.922138][    C0] R10: 0000000000000003 R11: ffff88807a625940 R12: dffffc0000000000
[  375.930146][    C0] R13: 1ffff92000000f1c R14: ffff888056886258 R15: ffffffff8a3a0310
[  375.938151][    C0] FS:  00007f089fc6b6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  375.947105][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.953692][    C0] CR2: 000000110c4122eb CR3: 000000001ea87000 CR4: 00000000003506f0
[  375.961721][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.969742][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.977758][    C0] Call Trace:
[  375.981048][    C0]  <IRQ>
[  375.983889][    C0]  ? __warn+0x15a/0x520
[  375.988075][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  375.993806][    C0]  ? report_bug+0x2af/0x500
[  375.998334][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.004065][    C0]  ? handle_bug+0x3d/0x70
[  376.008433][    C0]  ? exc_invalid_op+0x16/0x40
[  376.013106][    C0]  ? asm_exc_invalid_op+0x16/0x20
[  376.018162][    C0]  ? __ieee80211_beacon_get+0xb0/0x2110
[  376.023756][    C0]  ? __ieee80211_beacon_get+0x3e2/0x2110
[  376.029505][    C0]  ? __ieee80211_beacon_get+0xbdc/0x2110
[  376.035148][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.040934][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.046722][    C0]  ? print_irqtrace_events+0x210/0x210
[  376.052283][    C0]  ? __ieee80211_beacon_get+0xb0/0x2110
[  376.057866][    C0]  ? ieee80211_beacon_get_template+0x30/0x30
[  376.063852][    C0]  ? __lock_acquire+0x125b/0x1f80
[  376.068938][    C0]  ? mark_lock+0x9a/0x340
[  376.073305][    C0]  ? __lock_acquire+0x125b/0x1f80
[  376.078465][    C0]  ieee80211_beacon_get_tim+0xb1/0x5d0
[  376.083962][    C0]  ? __ieee80211_beacon_get+0x2110/0x2110
[  376.089728][    C0]  mac80211_hwsim_beacon_tx+0x1d2/0xaa0
[  376.095314][    C0]  __iterate_interfaces+0x21e/0x4b0
[  376.100586][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x340/0x340
[  376.106884][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x340/0x340
[  376.113177][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  376.120441][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd4/0x170
[  376.127490][    C0]  mac80211_hwsim_beacon+0xd0/0x1e0
[  376.132698][    C0]  ? hw_scan_work+0xf20/0xf20
[  376.137414][    C0]  __hrtimer_run_queues+0x5e5/0xe50
[  376.142659][    C0]  ? hrtimer_interrupt+0x980/0x980
[  376.147803][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  376.153892][    C0]  hrtimer_run_softirq+0x196/0x2c0
[  376.159044][    C0]  handle_softirqs+0x2ee/0xa40
[  376.163826][    C0]  ? __irq_exit_rcu+0x157/0x240
[  376.168717][    C0]  ? do_softirq+0x240/0x240
[  376.173234][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  376.178463][    C0]  __irq_exit_rcu+0x157/0x240
[  376.183152][    C0]  ? irq_exit_rcu+0x20/0x20
[  376.187702][    C0]  irq_exit_rcu+0x5/0x20
[  376.191952][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  376.197622][    C0]  </IRQ>
[  376.200579][    C0]  <TASK>
[  376.203539][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  376.209583][    C0] RIP: 0010:lock_acquire+0x26f/0x5a0
[  376.214883][    C0] Code: 2b 00 74 08 4c 89 f7 e8 ff 8b 77 00 f6 44 24 61 02 0f 85 84 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  376.234538][    C0] RSP: 0018:ffffc90004227640 EFLAGS: 00000206
[  376.240672][    C0] RAX: 0000000000000001 RBX: 1ffff92000844ed4 RCX: ffffffff816b5eb2
[  376.248693][    C0] RDX: dffffc0000000000 RSI: ffffffff8b0c14c0 RDI: ffffffff8b5e67c0
[  376.256766][    C0] RBP: ffffc90004227798 R08: dffffc0000000000 R09: fffffbfff224a04d
[  376.264797][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000844ed0
[  376.272879][    C0] R13: dffffc0000000000 R14: ffffc900042276a0 R15: 0000000000000246
[  376.280891][    C0]  ? validate_chain+0x112/0x5950
[  376.285885][    C0]  ? read_lock_is_recursive+0x10/0x10
[  376.291323][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  376.296595][    C0]  ? PageHeadHuge+0x8e/0x1c0
[  376.301272][    C0]  ? shmem_fault+0x36d/0x9c0
[  376.306060][    C0]  _raw_spin_lock+0x2a/0x40
[  376.310645][    C0]  ? finish_fault+0x47d/0xa30
[  376.315383][    C0]  finish_fault+0x47d/0xa30
[  376.319941][    C0]  ? do_set_pte+0x590/0x590
[  376.324485][    C0]  ? __do_fault+0x2a6/0x4f0
[  376.329100][    C0]  handle_mm_fault+0x3436/0x5340
[  376.334061][    C0]  ? follow_page_pte+0x39c/0x1880
[  376.339157][    C0]  ? numa_migrate_prep+0x250/0x250
[  376.344330][    C0]  ? follow_page_mask+0xb8a/0x1420
[  376.349530][    C0]  ? check_vma_flags+0x440/0x4d0
[  376.354491][    C0]  __get_user_pages+0x4f3/0x1190
[  376.359492][    C0]  ? populate_vma_page_range+0x2b0/0x2b0
[  376.365170][    C0]  populate_vma_page_range+0x217/0x2b0
[  376.370667][    C0]  __mm_populate+0x275/0x440
[  376.375296][    C0]  ? check_vma_flags+0x4d0/0x4d0
[  376.380281][    C0]  vm_mmap_pgoff+0x22b/0x2d0
[  376.384915][    C0]  ? account_locked_vm+0xe0/0xe0
[  376.389910][    C0]  ? syscall_enter_from_user_mode+0x2e/0x230
[  376.395942][    C0]  ? ksys_mmap_pgoff+0xd8/0x6d0
[  376.400893][    C0]  do_syscall_64+0x3b/0xb0
[  376.405307][    C0]  ? clear_bhb_loop+0x45/0xa0
[  376.410015][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  376.415950][    C0] RIP: 0033:0x7f089ed8cd29
[  376.420413][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.440122][    C0] RSP: 002b:00007f089fc6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  376.448656][    C0] RAX: ffffffffffffffda RBX: 00007f089efa5fa0 RCX: 00007f089ed8cd29
[  376.456636][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  376.464682][    C0] RBP: 00007f089ee0e2a0 R08: ffffffffffffffff R09: 0000000000000000
[  376.472741][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  376.480785][    C0] R13: 0000000000000000 R14: 00007f089efa5fa0 R15: 00007ffdde8c59a8
[  376.488867][    C0]  </TASK>
[  376.491910][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  376.499191][    C0] CPU: 0 PID: 8209 Comm: syz.3.1207 Not tainted 6.1.127-syzkaller #0
[  376.507249][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  376.517319][    C0] Call Trace:
[  376.520597][    C0]  <IRQ>
[  376.523436][    C0]  dump_stack_lvl+0x1e3/0x2cb
[  376.528128][    C0]  ? nf_tcp_handle_invalid+0x642/0x642
[  376.533614][    C0]  ? panic+0x764/0x764
[  376.538030][    C0]  ? 0xffffffffa0000964
[  376.542193][    C0]  ? vscnprintf+0x59/0x80
[  376.546527][    C0]  panic+0x318/0x764
[  376.550463][    C0]  ? __warn+0x169/0x520
[  376.554658][    C0]  ? memcpy_page_flushcache+0xfc/0xfc
[  376.560094][    C0]  __warn+0x348/0x520
[  376.564090][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.569821][    C0]  report_bug+0x2af/0x500
[  376.574148][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.579871][    C0]  handle_bug+0x3d/0x70
[  376.584019][    C0]  exc_invalid_op+0x16/0x40
[  376.588517][    C0]  asm_exc_invalid_op+0x16/0x20
[  376.593376][    C0] RIP: 0010:__ieee80211_beacon_get+0x1abc/0x2110
[  376.599724][    C0] Code: ff ff ff e8 a6 7f 50 f7 0f 0b 48 8b 7c 24 20 e8 ea 31 66 fe e9 6f e8 ff ff e8 90 7f 50 f7 0f 0b e9 92 ed ff ff e8 84 7f 50 f7 <0f> 0b e9 26 f1 ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c fc e8
[  376.619329][    C0] RSP: 0018:ffffc90000007820 EFLAGS: 00010246
[  376.625393][    C0] RAX: ffffffff8a3a1d1c RBX: 0000000000000000 RCX: ffff88807a625940
[  376.633365][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  376.641338][    C0] RBP: ffffc90000007a30 R08: ffffffff8a3a0e3c R09: ffffffff8a3a0642
[  376.649325][    C0] R10: 0000000000000003 R11: ffff88807a625940 R12: dffffc0000000000
[  376.657332][    C0] R13: 1ffff92000000f1c R14: ffff888056886258 R15: ffffffff8a3a0310
[  376.665347][    C0]  ? __ieee80211_beacon_get+0xb0/0x2110
[  376.670959][    C0]  ? __ieee80211_beacon_get+0x3e2/0x2110
[  376.676604][    C0]  ? __ieee80211_beacon_get+0xbdc/0x2110
[  376.682243][    C0]  ? __ieee80211_beacon_get+0x1abc/0x2110
[  376.687982][    C0]  ? print_irqtrace_events+0x210/0x210
[  376.693451][    C0]  ? __ieee80211_beacon_get+0xb0/0x2110
[  376.699011][    C0]  ? ieee80211_beacon_get_template+0x30/0x30
[  376.704997][    C0]  ? __lock_acquire+0x125b/0x1f80
[  376.710033][    C0]  ? mark_lock+0x9a/0x340
[  376.714375][    C0]  ? __lock_acquire+0x125b/0x1f80
[  376.719417][    C0]  ieee80211_beacon_get_tim+0xb1/0x5d0
[  376.724892][    C0]  ? __ieee80211_beacon_get+0x2110/0x2110
[  376.730636][    C0]  mac80211_hwsim_beacon_tx+0x1d2/0xaa0
[  376.736221][    C0]  __iterate_interfaces+0x21e/0x4b0
[  376.741453][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x340/0x340
[  376.747724][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x340/0x340
[  376.753981][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x26/0x170
[  376.761183][    C0]  ieee80211_iterate_active_interfaces_atomic+0xd4/0x170
[  376.768212][    C0]  mac80211_hwsim_beacon+0xd0/0x1e0
[  376.773422][    C0]  ? hw_scan_work+0xf20/0xf20
[  376.778135][    C0]  __hrtimer_run_queues+0x5e5/0xe50
[  376.783356][    C0]  ? hrtimer_interrupt+0x980/0x980
[  376.788481][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  376.794602][    C0]  hrtimer_run_softirq+0x196/0x2c0
[  376.799740][    C0]  handle_softirqs+0x2ee/0xa40
[  376.804531][    C0]  ? __irq_exit_rcu+0x157/0x240
[  376.809406][    C0]  ? do_softirq+0x240/0x240
[  376.813923][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  376.819130][    C0]  __irq_exit_rcu+0x157/0x240
[  376.823826][    C0]  ? irq_exit_rcu+0x20/0x20
[  376.828350][    C0]  irq_exit_rcu+0x5/0x20
[  376.832692][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  376.838419][    C0]  </IRQ>
[  376.841352][    C0]  <TASK>
[  376.844284][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  376.850270][    C0] RIP: 0010:lock_acquire+0x26f/0x5a0
[  376.855570][    C0] Code: 2b 00 74 08 4c 89 f7 e8 ff 8b 77 00 f6 44 24 61 02 0f 85 84 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  376.875202][    C0] RSP: 0018:ffffc90004227640 EFLAGS: 00000206
[  376.881273][    C0] RAX: 0000000000000001 RBX: 1ffff92000844ed4 RCX: ffffffff816b5eb2
[  376.889248][    C0] RDX: dffffc0000000000 RSI: ffffffff8b0c14c0 RDI: ffffffff8b5e67c0
[  376.897222][    C0] RBP: ffffc90004227798 R08: dffffc0000000000 R09: fffffbfff224a04d
[  376.905196][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000844ed0
[  376.913170][    C0] R13: dffffc0000000000 R14: ffffc900042276a0 R15: 0000000000000246
[  376.921239][    C0]  ? validate_chain+0x112/0x5950
[  376.926201][    C0]  ? read_lock_is_recursive+0x10/0x10
[  376.931580][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  376.937392][    C0]  ? PageHeadHuge+0x8e/0x1c0
[  376.941991][    C0]  ? shmem_fault+0x36d/0x9c0
[  376.946938][    C0]  _raw_spin_lock+0x2a/0x40
[  376.951455][    C0]  ? finish_fault+0x47d/0xa30
[  376.956162][    C0]  finish_fault+0x47d/0xa30
[  376.960701][    C0]  ? do_set_pte+0x590/0x590
[  376.965213][    C0]  ? __do_fault+0x2a6/0x4f0
[  376.969730][    C0]  handle_mm_fault+0x3436/0x5340
[  376.974699][    C0]  ? follow_page_pte+0x39c/0x1880
[  376.979747][    C0]  ? numa_migrate_prep+0x250/0x250
[  376.984873][    C0]  ? follow_page_mask+0xb8a/0x1420
[  376.990030][    C0]  ? check_vma_flags+0x440/0x4d0
[  376.994975][    C0]  __get_user_pages+0x4f3/0x1190
[  376.999928][    C0]  ? populate_vma_page_range+0x2b0/0x2b0
[  377.005575][    C0]  populate_vma_page_range+0x217/0x2b0
[  377.011125][    C0]  __mm_populate+0x275/0x440
[  377.015720][    C0]  ? check_vma_flags+0x4d0/0x4d0
[  377.020668][    C0]  vm_mmap_pgoff+0x22b/0x2d0
[  377.025267][    C0]  ? account_locked_vm+0xe0/0xe0
[  377.030212][    C0]  ? syscall_enter_from_user_mode+0x2e/0x230
[  377.036200][    C0]  ? ksys_mmap_pgoff+0xd8/0x6d0
[  377.041065][    C0]  do_syscall_64+0x3b/0xb0
[  377.045517][    C0]  ? clear_bhb_loop+0x45/0xa0
[  377.050226][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  377.056163][    C0] RIP: 0033:0x7f089ed8cd29
[  377.060608][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.080289][    C0] RSP: 002b:00007f089fc6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  377.088739][    C0] RAX: ffffffffffffffda RBX: 00007f089efa5fa0 RCX: 00007f089ed8cd29
[  377.096777][    C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[  377.104768][    C0] RBP: 00007f089ee0e2a0 R08: ffffffffffffffff R09: 0000000000000000
[  377.112829][    C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  377.120805][    C0] R13: 0000000000000000 R14: 00007f089efa5fa0 R15: 00007ffdde8c59a8
[  377.128796][    C0]  </TASK>
[  377.132134][    C0] Kernel Offset: disabled
[  377.136466][    C0] Rebooting in 86400 seconds..