last executing test programs:

19m55.151321759s ago: executing program 32 (id=474):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000940), 0x800, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x1, 0x4, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x2}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x24}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000480)={0x88, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bridge0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_team\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x88}}, 0x20000000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000540), 0x84)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
write$binfmt_script(r4, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'syz0\x00'}, {0x20, 'siw\x00'}, {0x20, 'veth0_to_team\x00'}, {0x20, 'lo\x00'}], 0xa, "879c33645c07eb605dc388c49db92f30c9b6a4cc442c82bba7cb91aab03eac620f409ea5f2adde4b2cf57d8242a6d11943371e151161f7d8e6e33f1b0adbed6b1506ae866612f32fe11460fda4aff5820a8823ee91855d04c8c9d36bbd5f9b359f2a7eb14a3c17c52e58952a7edec09555345818fe444b56c8f01fb9bc197fc09fd9ff74ba6644e7355e1858f486e978a961785fb9d76e94b704990b27608aefd37042f64e098d8c86"}, 0xd2)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000002400))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
faccessat2(r5, &(0x7f0000000040)='\x00', 0x1, 0x1300)
inotify_init()

19m53.756656552s ago: executing program 33 (id=480):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110600", @ANYRES32, @ANYRESDEC=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r5}, 0x18)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f00000002c0)={'\x00', 0x0, 0x6, 0x100009, 0x8, 0x3ff})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x88, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}, @NFTA_SET_EXPRESSIONS={0x44, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xe41f}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0xa, 0x84}}}, 0xd0}}, 0x40)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000d80)={[{@mblk_io_submit}, {@dioread_nolock}, {@bh}, {@errors_continue}, {@nouid32}, {@quota}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r9}, 0x10)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000240)={0x3c, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))

18m1.524568111s ago: executing program 7 (id=520):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="19"], 0x48)

18m1.123271671s ago: executing program 7 (id=865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setlease(r2, 0x400, 0x0)
utimes(&(0x7f0000000080)='./file0\x00', 0x0)

18m0.677647443s ago: executing program 7 (id=867):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f00000004c0)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0xf7, "0ba830", "21e4d409602d9bec436a8cee5fe43cd96c6f5f6c1c0988721683c56eb07d23289635f752fd926d4b9611ab78711a8902b6f18555ff54ed095dac8c4ba9dce7bdf60df18bd1120d0ab05132ead0ba0da60b2df842945545852b0c01c042dd965e79f8822657f144379f3e041df2fda99a5f9ffd5f97c7f307162bc3a3c74a53dade0cfd410ce1bf32dbf4ae97aa3d123ffd6453f1efbc5ba08bf8eb812fef3384738e8f3eb08a1db57fff365a7543fa7b13d3bcd890f1182bdd6ec9e75d1b546657f056072cf871875ddfd9f0838f159bfaa0e255271fbd61f046654c1a40c85b0b0fd570ea001365b877558338a9bf840d977cf9fcaf2026896bcbff0085af39"}}, 0x110)

18m0.215877047s ago: executing program 7 (id=870):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090000000000000000000200000014000180"], 0x28}}, 0x0)

17m58.780166078s ago: executing program 7 (id=876):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000002020000000900010073797a310000000014000200626f6e6410"], 0x34}}, 0xc800)

17m57.925944141s ago: executing program 7 (id=878):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91106c0000"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
semget$private(0x0, 0x5, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x10000400}, 0xc)

17m53.427955217s ago: executing program 5 (id=889):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090000000000000000000200000014000180"], 0x28}}, 0x0)

17m52.031647434s ago: executing program 5 (id=895):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='consume_skb\x00', r1, 0x0, 0xceeb}, 0x18)
sendto$inet6(r0, &(0x7f00000002c0)='E', 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xfffdffff}, 0x1c)

17m51.51955406s ago: executing program 5 (id=898):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
capset(&(0x7f0000000ac0)={0x19980330}, &(0x7f0000000180)={0x1, 0x1, 0xc898, 0x0, 0x0, 0x80003})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)

17m50.578578521s ago: executing program 5 (id=904):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
eventfd(0x10001)

17m50.053888059s ago: executing program 5 (id=907):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r6, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r2}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r7, r4, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000a80)=ANY=[], 0x0)

17m47.08445374s ago: executing program 5 (id=911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8070007020000f8ffffffb703000d94efe000b70400008500000001000000851100000500000095000000000c149d84b285120f96e896f44330a10c401c05e2014f60ec557cae724a90b1a4508b25f6ba947fe6487b13ca92a50fbe09d7c6181056e1afff8ea5e3598e7d7b79a62380510dd15cd368397304c580b971b3edea6c9751a4f75173fd302ece34719d1bb160c5d657def9ef171ea9167c046097140b92c51bf72fd200"/197], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r2}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000208500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001800000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$key(0xf, 0x3, 0x2)

17m40.526269661s ago: executing program 34 (id=878):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91106c0000"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
semget$private(0x0, 0x5, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x10000400}, 0xc)

17m31.766604801s ago: executing program 35 (id=911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8070007020000f8ffffffb703000d94efe000b70400008500000001000000851100000500000095000000000c149d84b285120f96e896f44330a10c401c05e2014f60ec557cae724a90b1a4508b25f6ba947fe6487b13ca92a50fbe09d7c6181056e1afff8ea5e3598e7d7b79a62380510dd15cd368397304c580b971b3edea6c9751a4f75173fd302ece34719d1bb160c5d657def9ef171ea9167c046097140b92c51bf72fd200"/197], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r2}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000208500000072000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001800000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
socket$key(0xf, 0x3, 0x2)

13m48.124651626s ago: executing program 2 (id=2243):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x24}}], 0x20, 0x24000010}}], 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
stat(&(0x7f0000001c40)='./file0\x00', 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000ffffffffff"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000ac0)={0x0, 0x2a, '\x00', [@hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}, @calipso={0x7, 0x38, {0x1, 0xc, 0x2f, 0xfffb, [0x6, 0x5a, 0x6, 0x2, 0x8, 0x9]}}, @hao={0xc9, 0x10, @mcast1}, @generic={0xba, 0xe2, "a1949149c41eb5d03ff78890cf95e50925163ddf486e3009b05535db594ab701e90cbfc2dc40f3aac1ad7690ef9cf6a33a7816fc7a0da173e2703fa9750a0e76083055e4fe058b0dcbb662936afa80633b061c3caf3b20d4a5a2d09e20c764937769044258fc379e0947ed7d10adef8351abf2ab316a5e16f8960f15c493cc94766f2eef2c285178a2cd0c1de64ac098338f8621cee227aba1c12de988ee1cb38dfffd59b76e43051f31047ba35d3b77d43d5d113b9860dbe9c4c1c94a71f5844933f13e9a61b6703ba486751718ab633fa34fd5d36f10afc695f66ac32891550fd1"}, @jumbo={0xc2, 0x4, 0x37e}, @ra={0x5, 0x2, 0xffff}, @pad1, @enc_lim={0x4, 0x1, 0x5}]}, 0x160)
pipe2$9p(&(0x7f00000001c0), 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000500)={0x0, 0x1c7}, &(0x7f0000000540)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@errors_continue}]}, 0x2, 0x44b, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsB22S0t3e5W9vNJBp5n5+k+z3efeWaemWc3gL41mv2TRGyPiN8iYrieXV5gtP7f9avnq39fPV9NYmnprT+TvNy1q+erZdHy77YVmbE0Iv0kKSpZbv7suZPTtdrsmSI/sXDqvYn5s+eePXFq+vjs8dnTU4cPHzo4+cLzU891JM4srmt7P5zbt+e1dy69Xj166d2fvs3au73Y3xhHp4xmgf+1lGve90SnK+uxHQ3pZKCHDWFNKhGRdddgPv6HoxI3O284Xv24p40DNlR2bdrSfvfiEnAXS6LXLQB6o7zQZ/e/5dalqcemcOWl+g1QFvf1YqvvGYi0KDPYdH/bSaMRcXTxn6+yLTboOQQAQKPPql8eiWdazf/SuL+h3M5iDWUkIu6JiF0RcW9E7I6I+yLysg9ExINrrL95aejW+U96+Y4CW6Vs/vdisba1fP5Xzv5ipFLkduTxDybHTtRmDxSfyVgMbsnykyvU8f0rv37ebl/j/C/bsvrLuWDRjssDTQ/oZqYXpvNJaQdc+Shi70Cr+JMbKwFJROyJiL1re+udZeLEU9/sa1fo9vGvoAPrTEtfRzxZ7//FaIq/lKy8Pjnxv6jNHpgoj4pb/fzLxTfb1b+u+Dsg6/+ty4//5iIjSeN67fza67j4+6dt72nu9PgfSt7Oz0dlR30wvbBwZjJiKDmSvzhUlM1fn7r5t2W+LJ/FP7a/9fjfFTcreCgisoP44Yh4JCIeLdr+WEQ8HhH7V4j/x5fb79sM/T/T8vx34/hv6v+1Jyonf/iuXf2r6/9DeWqseCU//93Gahu4ns8OAAAA/ivS/DvwSTp+I52m4+P17/Dvjq1pbW5+4eljc++fnql/V34kBtPySddww/PQyWSxeMd6fqp4VlzuP1g8N/6i8v88P16dq830OHbod9vajP/MH5Vetw7YcK3W0aaGetAQoOuax3+6PHvhjW42Bugqv9eG/nWb8Z92qx1A97n+Q/9qNf4vNOWtBcDdyfUf+pfxD/3L+If+ZfxDX1rP7/ol+jkR6aZohsQGJXp9ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwMAAP//d5Lu1w==")

13m46.511085926s ago: executing program 2 (id=2250):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
connect$pppl2tp(r0, &(0x7f0000000440)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x2, 0x0, {0xa, 0x4e23, 0xd0, @mcast1, 0x3}}}, 0x3a)

13m46.002366368s ago: executing program 2 (id=2259):
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000800000000000000000001801000020"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4, 0x0, 0xb51b, 0x10}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

13m45.831518225s ago: executing program 2 (id=2260):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

13m45.646125246s ago: executing program 2 (id=2261):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200), 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
lsetxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240), &(0x7f00000001c0)=@v3={0x3000000, [], 0xee01}, 0x18, 0x0)

13m42.972102989s ago: executing program 2 (id=2268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50)

13m27.795973163s ago: executing program 36 (id=2268):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50)

11m16.872285809s ago: executing program 1 (id=3322):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000001"], 0x48)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xaa840, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)

11m16.672030606s ago: executing program 1 (id=3325):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e41}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93, 0xfc}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffffffc}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x2000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5, 0xfffffffd}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1000000}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1, 0x3}, {0x80}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x15, 0x0, 0x48510}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x3ff, 0x40000000}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x400000}, {0x4, 0x0, 0x200}, {}, {0x0, 0x0, 0x0, 0x80000}, {0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {0x0, 0x7}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffefffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x2e9c}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0xfffffffd}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000, 0x0, 0xfffffffc}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {0x3}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {0x3}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

11m15.371305593s ago: executing program 1 (id=3328):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000010000000000000000008510000006000000180200", @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc82b00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

11m14.818676872s ago: executing program 1 (id=3330):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

11m14.52037491s ago: executing program 1 (id=3332):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

11m13.632437472s ago: executing program 1 (id=3335):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001a00)=ANY=[@ANYBLOB="1000000025f34400000000000000df25"], 0x10}], 0x1, 0x0, 0x0, 0x20000801}, 0x40010)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r1)
open(0x0, 0x642000, 0x38)
recvmmsg(r1, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x800}], 0x1, 0x18142, 0x0)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r2, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x14, 0x110, 0xd, {[@rr={0x7, 0x3, 0xba}]}}}], 0x38}, 0x0)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)

11m12.841045838s ago: executing program 37 (id=3335):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000001a00)=ANY=[@ANYBLOB="1000000025f34400000000000000df25"], 0x10}], 0x1, 0x0, 0x0, 0x20000801}, 0x40010)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r1)
open(0x0, 0x642000, 0x38)
recvmmsg(r1, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x800}], 0x1, 0x18142, 0x0)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r2, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x14, 0x110, 0xd, {[@rr={0x7, 0x3, 0xba}]}}}], 0x38}, 0x0)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)

8m4.273037792s ago: executing program 3 (id=4590):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYRES32, @ANYBLOB="020000000000000000400000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)

8m3.912825261s ago: executing program 3 (id=4594):
unshare(0x400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000001c0)={r1, r0, 0x4, r2}, 0x10)

8m3.686315221s ago: executing program 3 (id=4596):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000004c0)={'sit0\x00', &(0x7f0000000640)={'gre0\x00', 0x0, 0x8000, 0x80, 0xa00, 0x7ff, {{0x6, 0x4, 0x2, 0x13, 0x18, 0x64, 0x0, 0x6, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0x4, 0xf8, 0x3, 0xb}]}}}}})

7m19.108090598s ago: executing program 3 (id=4596):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000004c0)={'sit0\x00', &(0x7f0000000640)={'gre0\x00', 0x0, 0x8000, 0x80, 0xa00, 0x7ff, {{0x6, 0x4, 0x2, 0x13, 0x18, 0x64, 0x0, 0x6, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0x4, 0xf8, 0x3, 0xb}]}}}}})

6m32.084155257s ago: executing program 3 (id=4596):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000004c0)={'sit0\x00', &(0x7f0000000640)={'gre0\x00', 0x0, 0x8000, 0x80, 0xa00, 0x7ff, {{0x6, 0x4, 0x2, 0x13, 0x18, 0x64, 0x0, 0x6, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0x4, 0xf8, 0x3, 0xb}]}}}}})

6m1.875250957s ago: executing program 9 (id=4938):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000240), 0x0}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x8}, 0x8)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x3, 0xb)
sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f00000008c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x79, &(0x7f0000000b40)=ANY=[@ANYRESDEC=r3, @ANYRESHEX=r4, @ANYRESDEC=r3, @ANYBLOB="217891fd50f884d4d91b9e7a2ef745ebcc0d2575ab", @ANYRES32=r2, @ANYRES16=r5, @ANYBLOB="e6b4cc6b6a9db5bf14d9581ad8c7827ee39d831213bdd0752a7f95640aad82b469bbe19b7956f1588a3667772c7709f4a46a04f6461bc9a5292025f98fefcc014500ad5b947df340a668d8f59e4d2edfd9091b0acae83881856a83ca525b0163d293e3bdad5e18ca9ec4def0269d49e73daa8930da1951b820a4fb28900757051c7d3566ceb79bfd7d43936d1d3302b0f55c7876a1ae0e8d92ee34a64383c57b89b93d3be29c4e81842df71a487dd388894d83f196a4f78d55e956d0772323ee37b415c86ea0089d8b3d297ef84acfe612a8b0a12a7c3ea3bae8316508f0edafe3ffdccfc2bb09dc23b42234d7c8384b82061af484", @ANYBLOB="c529e99f73bdf9746ab525d0d3d45b6d084d0555df67a9fc92f172cf122ab138cf685f40d595a4284aaf7d0d0b432ab0566f02f0ec1cff45dc182067ddf24aed2e7b978316ab043660191b93bac2976405e3c14adb9a54c49c587e80c1ba1d388e49113825b5ad2ddf80223fda7e468f61f070d8d76abcb308b3c46e8878995c349ca2bb4661733005921540464ed98aadb91fe3409164920ac1100fa2d44de7d1269361dbac526182e1b406dbfd"], 0x8)
r6 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x560, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_virt_wifi\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x5}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x5c0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
exit(0x7)
r7 = socket(0x15, 0x5, 0x0)
getsockopt(r7, 0x200000000114, 0x2720, 0x0, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
syz_emit_ethernet(0x3e1, &(0x7f0000000d80)={@multicast, @link_local, @void, {@mpls_mc={0x8848, {[{0x10}, {0xc}, {0x5, 0x0, 0x1}, {0xffff7}, {0x6, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x8, 0x0, 0x1}], @ipv4=@gre={{0x15, 0x4, 0x1, 0x6, 0x3b7, 0x64, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}, @multicast2, {[@lsrr={0x83, 0xb, 0xc9, [@rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_prespec={0x44, 0x1c, 0x22, 0x3, 0xf, [{@loopback, 0xdb5b}, {@multicast1, 0x10}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x6}]}, @timestamp={0x44, 0x18, 0x3d, 0x0, 0x6, [0xeaf, 0x1ff, 0x7fffffff, 0x6, 0x2]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0xc1, 0x1, [0xe], "5e84ecd444630636985b6a6221677abc6dec04a536001b4e9590ba8a8d729ac5f8c846302a6c539f57266a9c6f548007d34810d456628dc5ca1f1dde2a53ebe678c08e38c192beb8d56f0c8a97eba450e19cfe7e185f230f9e8ca017b59b6c4fac04cd5ebf8f9156d4c4271ead8a296aaa3a7849aeeaf4e1b7197ed13f25cb002bd96655fcffa067e308b86d232bc83f200f738d50b3bd30b7a72c7bf9a393ece45a76ce8168c5ef16fa764d32eb35ef23192be4f67f0b837180bf8f9b2efc18f7"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x5, 0x8, 0xe49], "0f3c5a118f043ce8a831b96e9e7f62058b8badfd3b93084e6d98f9313e7da672323795f111e5443fd57893d3142872fc20c55acd8698774a7ac516e4a19ce2fde109b04b168536a3011182a5ca56428aa129d362ee05a0d5659b42bed743368404fe4a4a8afb09638586707501d6c6766596999fa7dea88cd2d607a0245fb286074715002f718d6d93687cfc3891f866dd79864ac042282a577f78c1e2bf76d6456e1d1b87c4cfdb4f54afbae9c354003d96fe1f1bf73e79bc4378cbf30c9798de523efed2116a14fe5d357ca1bc2ab7d1a791f4b1df7d800e992e71dbee00ae"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [0x7fff], "34268ad28184669376921fa85ac48c01f7c587b35e5792c1a94758a1e63db627ca7a8083d7cbac36858e020524d7c41dfd27b8fe78a9cf5d7e9cee509ab9c0cbb45e9e74c0070fcf5717a71d50229811d56593f0cccaf8e18c8def2194e7581ac9147de69179341a08f427d7ff819abfddcd1de9046bdf3fb303a732e46f20392147cff9eeaa0bd96ccd31fb1240caf44c92758c2805e9862395ab91e9fb1b"}, {0x8, 0x88be, 0x2, {{0x2, 0x1, 0x1, 0x3, 0x0, 0x0, 0x4}, 0x1, {0x200}}}, {0x8, 0x22eb, 0x1, {{0x7, 0x2, 0x5, 0x3, 0x1, 0x3, 0x0, 0xd}, 0x2, {0x2, 0x3, 0x2, 0x15, 0x1, 0x1, 0x0, 0x1}}}, {0x8, 0x6558, 0x1, "13b6d10aa76f2fc726b3e2c674866918c04f41d1786cadd9353c9e1df35d7c8f8ad337b2fc489704bfc7052fbbe04eef33b80e0c9b90769e16d4a5158c77234498cdf45bf76ceacbd1333a54ca725dba8f0a3133116f26e7f3376fab30c78dfc2c63d4f9ca0609644ca69308e311004333c1965e8e417698cb841cbee2440828809faf3cfd41ed62ac2c9bf6b137b453ab6d01b7b91a7892f60d01914e18e0bc882b66e57479d5f863cdadbea8e10255aa82f9e597232a7d1cb661a2fa376c720c38b576e53a42028af831bd4528601a1bb2496752"}}}}}}}, 0x0)

5m50.985989785s ago: executing program 9 (id=4972):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb3d68000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
timer_create(0x2, 0x0, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000600)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mount(&(0x7f0000000300)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)='gfs2\x00', 0x0, 0x0)

5m49.358088775s ago: executing program 9 (id=4973):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept(r0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x541c43, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000300)='xprtrdma_marshal\x00', 0xffffffffffffffff, 0x0, 0x8000}, 0x18)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xa)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_io_uring_setup(0x140f, &(0x7f0000000040)={0x0, 0x87b0, 0x2, 0x2, 0x33d}, &(0x7f00000000c0), 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
r2 = syz_io_uring_setup(0x1e20, &(0x7f0000000380)={0x0, 0x86f7, 0x8000, 0x1, 0x38a, 0x0, r1}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000440)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x22})
io_uring_enter(r2, 0x48e9, 0xf2bb, 0x2, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0xff)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x0, &(0x7f0000002400)=ANY=[])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$usbfs(&(0x7f0000000100), 0x85c, 0x1f5100)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x3)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r7 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r7, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(r7, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random="48bd00"}, 0x10)

5m48.080727345s ago: executing program 9 (id=4979):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f0000001fc0))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000440)=""/162, 0xa2}], 0x1)

5m46.025840108s ago: executing program 9 (id=4991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r0, &(0x7f0000000080), &(0x7f00000000c0)=""/102}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6})
chdir(&(0x7f0000000080)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000801, 0x0, &(0x7f00000000c0)={0x8001, 0x0, 0x1, 0xf, 0x3, 0x3, 0x0, 0x6, 0x80000003})
r8 = socket$kcm(0x21, 0x2, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[{0x10, 0xff, 0x2}, {0x10, 0x110, 0x2}], 0x20}, 0x4)
r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f00000007c0)={0x1, @pix={0x3, 0xf3b, 0x34324241, 0x2, 0x7, 0x10000, 0xb, 0xf, 0x0, 0xc3da533fd69e53e7, 0x0, 0x5}})

5m44.328605503s ago: executing program 9 (id=4995):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r0, 0x0, 0x40004)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0xfdef)

5m42.409567625s ago: executing program 3 (id=4596):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000004c0)={'sit0\x00', &(0x7f0000000640)={'gre0\x00', 0x0, 0x8000, 0x80, 0xa00, 0x7ff, {{0x6, 0x4, 0x2, 0x13, 0x18, 0x64, 0x0, 0x6, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x43}, @rand_addr=0x64010101, {[@timestamp_prespec={0x44, 0x4, 0xf8, 0x3, 0xb}]}}}}})

13.902908916s ago: executing program 6 (id=5699):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r0, &(0x7f00000003c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x70, 0x65, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010101, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x6, 0x1f, {0x15, 0x4, 0x3, 0x14, 0x7ff, 0x64, 0x1ce2, 0xd9, 0x1, 0xe5c, @loopback=0xac14140a, @remote, {[@timestamp={0x44, 0xc, 0x37, 0x0, 0x2, [0x7ff, 0x7]}, @timestamp_addr={0x44, 0x34, 0x87, 0x1, 0x0, [{@multicast2, 0x9}, {@loopback, 0x5}, {@loopback, 0x20005}, {@private=0xa010102}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x329}, {@multicast2, 0x4}]}]}}}}}}}, 0x0)

13.268504975s ago: executing program 6 (id=5701):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a00000000109021200"], 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)

12.821770041s ago: executing program 4 (id=5706):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004c40)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x8, @local, 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000440)=[@flowinfo={{0x14, 0x29, 0xb, 0x200}}, @pktinfo={{0x24, 0x29, 0x32, {@private2}}}], 0x40}}], 0x1, 0x4)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
setsockopt$ax25_int(r4, 0x101, 0xa, &(0x7f0000000080)=0x40, 0x4)

11.324427244s ago: executing program 8 (id=5707):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xb, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f0000000440)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r1, 0x0, r2, 0x0, 0x10000000000019, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xfffffffffffffa8a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000010)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
mknod(&(0x7f0000000040)='./file0\x00', 0x2a8, 0x8021)
mount(&(0x7f00000000c0)=@nullb, 0x0, &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0)

10.044735713s ago: executing program 8 (id=5709):
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
socket$unix(0x1, 0x1, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast1, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x16}, 0x2c)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0x36)

9.935489114s ago: executing program 6 (id=5710):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r3, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x4000, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmmsg(r3, &(0x7f0000000380)=[{{&(0x7f0000000640)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/144}, {&(0x7f0000000200)=""/230}, {&(0x7f0000000300)=""/86, 0xfffffe94}, {&(0x7f00000003c0)=""/253}, {&(0x7f00000004c0)=""/208}]}, 0x3422a61a}], 0x4000000000003c9, 0x10102, 0x0)

9.01730334s ago: executing program 0 (id=5712):
socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair(0x23, 0x5, 0x0, &(0x7f0000000080))

8.538664193s ago: executing program 0 (id=5713):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r1, &(0x7f0000000240)="94", 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
vmsplice(r3, &(0x7f0000000380)=[{0x0}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
tee(r0, r3, 0x8f5, 0x100000000000000)
read$FUSE(r2, &(0x7f00000003c0)={0x2020}, 0x2020)

8.320679882s ago: executing program 0 (id=5714):
syz_emit_ethernet(0x2a, &(0x7f00000004c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xc8c7, 0x0, 0xfffffffd, 0x2}, &(0x7f0000000340)=<r2=>0x0, &(0x7f00000002c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_STATX={0x15, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file0\x00', 0x400, 0x2000, 0x1})
io_uring_enter(r1, 0x47f9, 0x0, 0x0, 0x0, 0x0)

8.300990478s ago: executing program 8 (id=5715):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_genetlink_get_family_id$net_dm(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r4, r5, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r7, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r3, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r6, &(0x7f0000000200)='~', 0x1)

7.215067188s ago: executing program 8 (id=5716):
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
socket$unix(0x1, 0x1, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast1, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x16}, 0x2c)

6.381595033s ago: executing program 8 (id=5717):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x401}, 0x18)
ioctl$SIOCAX25GETINFOOLD(0xffffffffffffffff, 0x89e3, &(0x7f0000000180))

6.31664737s ago: executing program 4 (id=5718):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x17)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)

5.668388248s ago: executing program 8 (id=5719):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x5, 0x101400)
ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000280)={0x0, "369f5c95b1fc607aea8137aefcae1d57248333eca390611644f567ffdc17606f0a9972f66c67b61e37fac788cc4853e81d0455c60b2e9b2f8019a498983d1e587f3b8130c86c3043537d4befeb3b0604e0d60df71d9b6c37500ab7394b3646793a1db9415df38517cdf99ec4e749eb7305819e87ab62da1a66ca8e7f6a1c01aaba1042c47bf4e3a7515a6dceac012b0f5f330944126e36a8ec794255de70996de72cc35e13028bfa87abfa2ff5e3e832b42db9b5df199077f210f3e259f24e8b1e0e051b836893860880932b7db97116002ff92654c94c5557a856586b3dcccb37fe0555360c69410603aa5eb2ddf1f72fb7125402ad3240afa863af85b509fc"})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc}, 0x48)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)

5.640972817s ago: executing program 4 (id=5720):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xb, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f0000000440)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x10000000000019, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000003c0)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x6, 0x1, 0x0, 0x4dcc, 0x1ff, 0xfd0d, 0x0, 0x0, 0x40, 0x5}}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0xfffffffffffffa8a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000010)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
mknod(&(0x7f0000000040)='./file0\x00', 0x2a8, 0x8021)
mount(&(0x7f00000000c0)=@nullb, 0x0, &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0)

4.75532235s ago: executing program 0 (id=5721):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
vmsplice(r4, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
unshare(0x400)
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x1}, 0x2)
r6 = openat$rtc(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$RTC_ALM_READ(r6, 0x40187014, &(0x7f0000000040))
bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1}, 0x6e)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r7, &(0x7f0000000480)=""/177, 0xb1, 0xe0)
getsockopt$bt_BT_RCVMTU(r5, 0x112, 0xd, 0x0, &(0x7f0000000300))
syz_emit_ethernet(0x4e, &(0x7f0000000240)=ANY=[], 0x0)
openat$cgroup_ro(r7, &(0x7f0000000000)='memory.numa_stat\x00', 0x0, 0x0)

4.584578194s ago: executing program 4 (id=5722):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f000001b000)=ANY=[@ANYRES32], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
syz_emit_ethernet(0x26c, &(0x7f000001b4c0)=ANY=[@ANYBLOB="856b934629fabbbbbbbbbbbb86dd6014d61e023621fefe80000000000000000000000000001f000000000000000000000000000000002c07000000000000c910fe800000000000000000000000000010c910fe8000000000000000000000000000bb071800000002045d00000900000000000000010000000000000000000105000000000000010400000000c204000000090502000bc910ff0200000000000000000000000000010105000000000000000000000000841700000000000004013e06553b399c492a91f832a36a93815bf2903418b36e8ea699b5e37ca62f35a4236a54bae01b2c06a0e3e03905d2e472558b1fd1fd8849e349a2eba7a7e09ec0bdb78dbb521b859b4f6b5265e45194448f520a3a7a3a79e90101001060feeb3dae0907ee427b56fcc33dbc58a313c4f9641602876d7d7ad7d61e764856a8a1e45a0a14ef66db7a0b8ca64200b59b037382f6f1e035906b0617155ab1e1ed8af7b2df529e64744d652521b704a0a6a1beb7bcf608686990a6d63b832550004e224e2104a1907808ea8dce0894455729ca320e277892ffeebe39d493e386d20b41ba7dffc74010c68f8496a8966742e87c939ff6b308f9b64e7f28436c37599b8f8f63d88f8b2adc79ca4ad06e60b5ddaad1763014eed62da49ab87c831f7d42fdd9a4084c4c7bd07a44309e3c047ad3ebdc3cff19154646f4113681e4331590c6d6056f96956dd3d272bba70d1a3f83a89f81cc659a22b5bf5315772c2c6bb2b5c8c53a2d1acbb2840ad1789e84c4374ed632ee2d5131ed4716f38f50bc45eec09beaa62076d5e88b09bece51f6992ea789db1322efaa3afdf3ee803b9f7f835ed0f88be9fb67557e96ce020ecb7bd14b8eddf60d4b043a"], 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, r1})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r5, &(0x7f0000000640)={0x2020}, 0x2020)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="010029bd7000fedbdf2528fcff000a0001007770616e3000000005002e00c400000005002b0001000000"], 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x48004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r6, &(0x7f0000000080), 0x2, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r7 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
r8 = shmat(r7, &(0x7f0000001000/0x3000)=nil, 0x1000)
shmctl$IPC_RMID(r7, 0x0)
shmdt(r8)

3.306339961s ago: executing program 0 (id=5723):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc43", 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rds(0x15, 0x5, 0x0)
execve(0x0, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "00000000000000000001000f0e00"}}}]}, 0x48}}, 0x0)
ioctl$BLKPBSZGET(0xffffffffffffffff, 0x127b, &(0x7f0000000080))
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
add_key$keyring(&(0x7f0000000380), &(0x7f0000000440)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
io_uring_setup(0x2e5b, &(0x7f00000003c0)={0x0, 0x4c55, 0x2, 0x3, 0xd0})

2.822528613s ago: executing program 6 (id=5724):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
epoll_create1(0x0)
epoll_create1(0x0)
r1 = socket(0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='&'], 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r1}, 0x20)
sendmmsg$unix(r1, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)

2.648607231s ago: executing program 4 (id=5725):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r1, &(0x7f0000000240)="94", 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000013580)}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
tee(r0, r3, 0x8f5, 0x100000000000000)
read$FUSE(r2, &(0x7f00000003c0)={0x2020}, 0x2020)

1.861600581s ago: executing program 6 (id=5726):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x18b242, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r0=>0x0, &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_GET_SYSNAME(r2, 0x8040552c, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x18, 0x209, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_open_dev$video4linux(&(0x7f0000001540), 0x6, 0x0)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
socket(0x6, 0x1, 0x0)
syz_open_dev$loop(0x0, 0x81, 0x2a82)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r8 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000080)={0xffffffff, 0x1f, 0x7, 0xfffffffa, 0x3, "a4c82192e6aed8e8950470331d04006c9957ed"})
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)=0x3)
ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000004b80))
socket$inet_mptcp(0x2, 0x1, 0x106)

32.147559ms ago: executing program 6 (id=5727):
openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/diskstats\x00', 0x0, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x6, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getgroups(0x0, &(0x7f0000000080))
read$msr(r0, &(0x7f0000019380)=""/102400, 0x19000)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00')
read$FUSE(r1, 0x0, 0x0)
pread64(r1, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

31.827188ms ago: executing program 4 (id=5728):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xfffffffffffffe34)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r5, 0x0)
setpgid(0x0, r5)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1c9, 0x12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f0000000480)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x80000})

0s ago: executing program 0 (id=5729):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x24}}], 0x20, 0x24000010}}], 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
stat(&(0x7f0000001c40)='./file0\x00', 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000ffffffffff"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000500)={0x0, 0x1c7}, &(0x7f0000000540)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'geneve1\x00'}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@errors_continue}]}, 0x2, 0x44b, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsB22S0t3e5W9vNJBp5n5+k+z3efeWaemWc3gL41mv2TRGyPiN8iYrieXV5gtP7f9avnq39fPV9NYmnprT+TvNy1q+erZdHy77YVmbE0Iv0kKSpZbv7suZPTtdrsmSI/sXDqvYn5s+eePXFq+vjs8dnTU4cPHzo4+cLzU891JM4srmt7P5zbt+e1dy69Xj166d2fvs3au73Y3xhHp4xmgf+1lGve90SnK+uxHQ3pZKCHDWFNKhGRdddgPv6HoxI3O284Xv24p40DNlR2bdrSfvfiEnAXS6LXLQB6o7zQZ/e/5dalqcemcOWl+g1QFvf1YqvvGYi0KDPYdH/bSaMRcXTxn6+yLTboOQQAQKPPql8eiWdazf/SuL+h3M5iDWUkIu6JiF0RcW9E7I6I+yLysg9ExINrrL95aejW+U96+Y4CW6Vs/vdisba1fP5Xzv5ipFLkduTxDybHTtRmDxSfyVgMbsnykyvU8f0rv37ebl/j/C/bsvrLuWDRjssDTQ/oZqYXpvNJaQdc+Shi70Cr+JMbKwFJROyJiL1re+udZeLEU9/sa1fo9vGvoAPrTEtfRzxZ7//FaIq/lKy8Pjnxv6jNHpgoj4pb/fzLxTfb1b+u+Dsg6/+ty4//5iIjSeN67fza67j4+6dt72nu9PgfSt7Oz0dlR30wvbBwZjJiKDmSvzhUlM1fn7r5t2W+LJ/FP7a/9fjfFTcreCgisoP44Yh4JCIeLdr+WEQ8HhH7V4j/x5fb79sM/T/T8vx34/hv6v+1Jyonf/iuXf2r6/9DeWqseCU//93Gahu4ns8OAAAA/ivS/DvwSTp+I52m4+P17/Dvjq1pbW5+4eljc++fnql/V34kBtPySddww/PQyWSxeMd6fqp4VlzuP1g8N/6i8v88P16dq830OHbod9vajP/MH5Vetw7YcK3W0aaGetAQoOuax3+6PHvhjW42Bugqv9eG/nWb8Z92qx1A97n+Q/9qNf4vNOWtBcDdyfUf+pfxD/3L+If+ZfxDX1rP7/ol+jkR6aZohsQGJXp9ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwMAAP//d5Lu1w==")

kernel console output (not intermixed with test programs):

evsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.587497][T14305] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.742135][T21063] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.749347][T21063] bridge0: port 1(bridge_slave_0) entered disabled state
[  998.790425][T21063] bridge_slave_0: entered allmulticast mode
[  998.798628][T21063] bridge_slave_0: entered promiscuous mode
[  998.921844][T21063] bridge0: port 2(bridge_slave_1) entered blocking state
[  998.940909][T21063] bridge0: port 2(bridge_slave_1) entered disabled state
[  998.965180][T21063] bridge_slave_1: entered allmulticast mode
[  998.983547][T21063] bridge_slave_1: entered promiscuous mode
[  999.171598][T13193] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  999.443076][T13193] usb 10-1: Using ep0 maxpacket: 32
[  999.504015][T13193] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[ 1000.011346][ T5850] Bluetooth: hci1: command tx timeout
[ 1000.015522][T21063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1000.022763][T13193] usb 10-1: config 0 has no interface number 0
[ 1000.030814][T21063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1000.107910][T13193] usb 10-1: config 0 interface 184 has no altsetting 0
[ 1000.281433][T13193] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1000.290635][T13193] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1000.316639][T13193] usb 10-1: Product: syz
[ 1000.320947][T13193] usb 10-1: Manufacturer: syz
[ 1000.325963][T13193] usb 10-1: SerialNumber: syz
[ 1000.361752][T13193] usb 10-1: config 0 descriptor??
[ 1000.380638][T13193] smsc75xx v1.0.0
[ 1000.484715][T21167] loop4: detected capacity change from 0 to 1024
[ 1000.508815][T21167] EXT4-fs: Ignoring removed nobh option
[ 1000.521237][T21063] team0: Port device team_slave_0 added
[ 1000.538708][T21167] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1000.573044][T21063] team0: Port device team_slave_1 added
[ 1000.610588][T21167] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4775: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1000.639723][T21167] EXT4-fs (loop4): Remounting filesystem read-only
[ 1000.671440][T21167] __quota_error: 53 callbacks suppressed
[ 1000.671466][T21167] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1000.692410][T21167] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1000.727075][T21063] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1000.732507][T21167] EXT4-fs (loop4): 1 orphan inode deleted
[ 1000.734929][T21063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1000.766473][T21063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1000.788172][T21167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1000.797661][T21063] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1000.807766][T21063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1000.834416][T21063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1000.879973][   T30] audit: type=1326 audit(1752642578.121:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1000.882388][T14305] bridge_slave_1: left allmulticast mode
[ 1000.913938][T14305] bridge_slave_1: left promiscuous mode
[ 1000.939662][   T30] audit: type=1326 audit(1752642578.121:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1000.948915][T14305] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1000.986818][T16874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1001.000932][   T30] audit: type=1326 audit(1752642578.161:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.057914][   T30] audit: type=1326 audit(1752642578.161:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.102769][T14305] bridge_slave_0: left allmulticast mode
[ 1001.108543][T14305] bridge_slave_0: left promiscuous mode
[ 1001.140833][   T30] audit: type=1326 audit(1752642578.161:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.166515][T14305] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1001.192814][   T30] audit: type=1326 audit(1752642578.161:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.216937][   T30] audit: type=1326 audit(1752642578.161:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.240251][   T30] audit: type=1326 audit(1752642578.161:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21174 comm="syz.0.4778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1001.690513][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[ 1001.752285][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1001.942034][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1002.127393][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1002.171582][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1002.231398][T13193] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1002.291748][T13193] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -71
[ 1002.434082][T13193] usb 10-1: USB disconnect, device number 8
[ 1002.548517][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1002.560672][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1003.001762][T21199] siw: device registration error -23
[ 1003.635812][T21199] loop6: detected capacity change from 0 to 512
[ 1003.643422][T21199] EXT4-fs: Ignoring removed oldalloc option
[ 1003.699621][T21199] EXT4-fs error (device loop6): ext4_xattr_inode_iget:432: comm syz.6.4783: Parent and EA inode have the same ino 15
[ 1003.807978][T21199] EXT4-fs error (device loop6): ext4_xattr_inode_iget:432: comm syz.6.4783: Parent and EA inode have the same ino 15
[ 1003.843829][T21199] EXT4-fs (loop6): 1 orphan inode deleted
[ 1003.851743][T21199] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1004.160683][T19331] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1004.636802][ T5160] Bluetooth: hci5: command 0x0406 tx timeout
[ 1005.561028][T14305] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1005.607588][T14305] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1005.648098][T14305] bond0 (unregistering): Released all slaves
[ 1006.217917][T21063] hsr_slave_0: entered promiscuous mode
[ 1006.250475][T21063] hsr_slave_1: entered promiscuous mode
[ 1006.282328][T21063] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1006.289972][T21063] Cannot create hsr debugfs directory
[ 1007.923862][T14305] hsr_slave_0: left promiscuous mode
[ 1007.956817][T14305] hsr_slave_1: left promiscuous mode
[ 1007.972278][T14305] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1007.991574][T14305] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1008.012386][T14305] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1008.036860][T14305] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1008.108800][T14305] veth1_macvtap: left promiscuous mode
[ 1008.131743][T14305] veth0_macvtap: left promiscuous mode
[ 1008.161891][T14305] veth1_vlan: left promiscuous mode
[ 1008.167273][T14305] veth0_vlan: left promiscuous mode
[ 1009.837932][T21262] siw: device registration error -23
[ 1009.908274][T21262] loop6: detected capacity change from 0 to 512
[ 1009.922181][T21262] EXT4-fs: Ignoring removed oldalloc option
[ 1010.152112][T21262] EXT4-fs error (device loop6): ext4_xattr_inode_iget:432: comm syz.6.4800: Parent and EA inode have the same ino 15
[ 1010.497664][T21262] EXT4-fs error (device loop6): ext4_xattr_inode_iget:432: comm syz.6.4800: Parent and EA inode have the same ino 15
[ 1010.512390][T21262] EXT4-fs (loop6): 1 orphan inode deleted
[ 1010.520147][T21262] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1010.814043][T19331] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1011.414784][T14305] team0 (unregistering): Port device team_slave_1 removed
[ 1011.854596][T14305] team0 (unregistering): Port device team_slave_0 removed
[ 1014.648674][T21253] syzkaller1: entered promiscuous mode
[ 1014.758215][T21253] syzkaller1: entered allmulticast mode
[ 1014.976222][T21281] loop4: detected capacity change from 0 to 1024
[ 1015.017007][T21281] EXT4-fs: Ignoring removed nobh option
[ 1015.061399][T21281] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1015.166636][T21281] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4808: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1015.195895][T21281] EXT4-fs (loop4): Remounting filesystem read-only
[ 1015.202613][T21281] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1015.212879][T21281] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1015.221861][T21281] EXT4-fs (loop4): 1 orphan inode deleted
[ 1015.229612][T21281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1015.355802][T16874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1015.670638][   T30] audit: type=1326 audit(1752642592.911:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1015.744251][   T30] audit: type=1326 audit(1752642592.911:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1015.810465][   T30] audit: type=1326 audit(1752642592.911:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1015.860499][   T30] audit: type=1326 audit(1752642592.911:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1015.926387][   T30] audit: type=1326 audit(1752642592.911:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1016.008338][   T30] audit: type=1326 audit(1752642592.921:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1016.061832][   T30] audit: type=1326 audit(1752642592.921:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1016.125817][T21063] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1016.149636][T21063] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1016.181491][   T30] audit: type=1326 audit(1752642592.921:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21303 comm="syz.0.4817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7ffc0000
[ 1016.264762][T21063] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1016.456514][T21063] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1018.023633][T21335] syzkaller1: entered promiscuous mode
[ 1018.031454][T21335] syzkaller1: entered allmulticast mode
[ 1020.050211][T21063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1021.825500][T21063] 8021q: adding VLAN 0 to HW filter on device team0
[ 1022.401628][T14317] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1022.408932][T14317] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.575579][T14288] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.582772][T14288] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1023.273358][T21358] netlink: 'syz.0.4830': attribute type 64 has an invalid length.
[ 1023.291944][T21358] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4830'.
[ 1023.342209][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 1023.342236][   T30] audit: type=1326 audit(1752642600.561:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1023.481715][   T30] audit: type=1326 audit(1752642600.561:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1023.585709][   T30] audit: type=1326 audit(1752642600.571:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1023.667310][   T30] audit: type=1326 audit(1752642600.571:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1023.752611][   T30] audit: type=1326 audit(1752642600.571:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1024.689123][   T30] audit: type=1326 audit(1752642600.581:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1024.751763][   T30] audit: type=1326 audit(1752642600.581:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1024.774405][   T30] audit: type=1326 audit(1752642600.581:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1024.951391][   T30] audit: type=1326 audit(1752642600.591:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1025.026378][   T30] audit: type=1326 audit(1752642600.591:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.9.4831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f255778e929 code=0x7ffc0000
[ 1025.262853][T21063] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1026.883370][T21063] veth0_vlan: entered promiscuous mode
[ 1026.953722][T21063] veth1_vlan: entered promiscuous mode
[ 1027.237625][T21063] veth0_macvtap: entered promiscuous mode
[ 1027.279460][T21063] veth1_macvtap: entered promiscuous mode
[ 1027.834734][T21063] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1028.471525][T21063] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1029.338118][T21063] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1029.348263][T21063] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1029.357055][T21063] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1029.366537][T21063] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1029.496443][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1029.496471][   T30] audit: type=1326 audit(1752642606.731:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1029.623801][   T30] audit: type=1326 audit(1752642606.731:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1029.720587][   T30] audit: type=1326 audit(1752642606.771:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004262][   T30] audit: type=1326 audit(1752642606.771:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004341][   T30] audit: type=1326 audit(1752642606.771:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004415][   T30] audit: type=1326 audit(1752642606.771:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004486][   T30] audit: type=1326 audit(1752642606.781:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004558][   T30] audit: type=1326 audit(1752642606.781:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004628][   T30] audit: type=1326 audit(1752642606.781:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.004699][   T30] audit: type=1326 audit(1752642606.781:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21415 comm="syz.8.4846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb12878e929 code=0x7ffc0000
[ 1030.890951][T21016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1030.890986][T21016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1031.048818][T14324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1031.048851][T14324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1031.301974][T21426] netlink: 'syz.0.4849': attribute type 12 has an invalid length.
[ 1031.302013][T21426] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4849'.
[ 1031.714146][T21436] loop6: detected capacity change from 0 to 1024
[ 1031.717891][T21436] EXT4-fs: Ignoring removed nobh option
[ 1031.718871][T21436] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1031.835918][T21436] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 2: comm syz.6.4852: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1032.667942][T21436] EXT4-fs (loop6): Remounting filesystem read-only
[ 1032.685540][T21436] EXT4-fs (loop6): 1 orphan inode deleted
[ 1032.707818][T21436] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1033.043422][T19331] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1033.052619][ T5850] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[ 1033.291849][ T6071] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1033.362047][T21467] netlink: 'syz.6.4860': attribute type 21 has an invalid length.
[ 1033.400856][T21467] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4860'.
[ 1033.563720][ T6071] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.054130][ T6071] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1034.117587][T21474] loop0: detected capacity change from 0 to 8192
[ 1034.371588][T21481] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[ 1034.983325][ T6071] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1035.482862][ T6071] bridge_slave_1: left allmulticast mode
[ 1035.496356][ T6071] bridge_slave_1: left promiscuous mode
[ 1035.542271][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1035.632699][ T6071] bridge_slave_0: left allmulticast mode
[ 1035.655159][ T6071] bridge_slave_0: left promiscuous mode
[ 1035.680742][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1036.433851][ T5160] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1036.444230][ T5160] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1036.453563][ T5160] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1036.468441][ T5160] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1036.478853][ T5160] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1038.541387][ T5850] Bluetooth: hci1: command tx timeout
[ 1039.547139][T21529] loop9: detected capacity change from 0 to 8192
[ 1039.629320][T21488] syz.8.4866 (21488): drop_caches: 2
[ 1040.026670][T21535] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1040.087116][T21535] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1040.461440][ T5850] Bluetooth: hci0: command 0x0406 tx timeout
[ 1040.576803][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1040.617482][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1040.626524][ T5160] Bluetooth: hci1: command tx timeout
[ 1040.653789][ T6071] bond0 (unregistering): Released all slaves
[ 1040.848573][T21510] lo speed is unknown, defaulting to 1000
[ 1041.478355][T21554] syz.6.4885: attempt to access beyond end of device
[ 1041.478355][T21554] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1041.492006][T21554] gfs2: error -5 reading superblock
[ 1042.141211][T21549] 9pnet: Could not find request transport: fd0x0000000000000003
[ 1042.349898][T21556] loop6: detected capacity change from 0 to 512
[ 1042.390179][T21556] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1042.431902][T21556] EXT4-fs (loop6): 1 truncate cleaned up
[ 1042.439729][T21556] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1042.730858][ T5160] Bluetooth: hci1: command tx timeout
[ 1043.001635][ T5960] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1043.683943][T19331] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1044.714404][ T5960] usb 1-1: config 0 has no interfaces?
[ 1044.762852][ T5960] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1044.789665][ T5960] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1044.791472][ T5160] Bluetooth: hci1: command tx timeout
[ 1045.546624][ T5960] usb 1-1: Product: syz
[ 1045.600507][ T5960] usb 1-1: Manufacturer: syz
[ 1045.618824][ T5960] usb 1-1: SerialNumber: syz
[ 1045.676398][ T5960] usb 1-1: config 0 descriptor??
[ 1045.757785][ T6071] hsr_slave_0: left promiscuous mode
[ 1046.058282][ T6071] hsr_slave_1: left promiscuous mode
[ 1046.913956][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1046.944154][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1046.967044][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1046.984021][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1047.042961][ T6071] veth1_macvtap: left promiscuous mode
[ 1047.048725][ T6071] veth0_macvtap: left promiscuous mode
[ 1047.055775][ T6071] veth1_vlan: left promiscuous mode
[ 1047.061355][ T6071] veth0_vlan: left promiscuous mode
[ 1048.035356][ T5960] usb 1-1: can't set config #0, error -71
[ 1048.042781][ T5960] usb 1-1: USB disconnect, device number 3
[ 1048.911124][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1048.991495][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1049.289054][T21611] loop4: detected capacity change from 0 to 8192
[ 1049.880773][T21510] chnl_net:caif_netlink_parms(): no params data found
[ 1049.905640][T21617] syz.6.4902: attempt to access beyond end of device
[ 1049.905640][T21617] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1049.981737][T21617] gfs2: error -5 reading superblock
[ 1050.280271][T21627] netlink: 60 bytes leftover after parsing attributes in process `syz.9.4906'.
[ 1052.005753][T21643] program syz.0.4909 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1052.226347][T21510] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1052.244043][T21510] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1053.199757][T21510] bridge_slave_0: entered allmulticast mode
[ 1053.231541][T21510] bridge_slave_0: entered promiscuous mode
[ 1053.250985][T21510] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.283438][T21510] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.290823][T21510] bridge_slave_1: entered allmulticast mode
[ 1053.321577][T21510] bridge_slave_1: entered promiscuous mode
[ 1054.918030][T21510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1055.017748][T21510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1055.322517][T21510] team0: Port device team_slave_0 added
[ 1055.647399][T21510] team0: Port device team_slave_1 added
[ 1056.713815][T21510] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1056.837423][T21510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1057.060135][T13200] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1057.441082][T21510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1057.454681][T21510] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1057.461716][T21510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1057.487904][T21510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1057.619490][T21705] siw: device registration error -23
[ 1058.298921][T13200] usb 5-1: device descriptor read/64, error -71
[ 1058.403792][T21705] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[ 1058.410695][T21705] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1058.420390][T21705] vhci_hcd vhci_hcd.0: Device attached
[ 1058.541038][T21706] vhci_hcd: connection closed
[ 1058.558002][T14311] vhci_hcd: stop threads
[ 1058.558562][T21712] program syz.8.4927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1058.611671][T14311] vhci_hcd: release socket
[ 1058.713574][T13200] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1058.996773][T14311] vhci_hcd: disconnect device
[ 1060.269960][T21510] hsr_slave_0: entered promiscuous mode
[ 1061.015118][T21510] hsr_slave_1: entered promiscuous mode
[ 1061.021546][T21510] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1061.029136][T21510] Cannot create hsr debugfs directory
[ 1063.645452][ T5160] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1063.655331][ T5160] CPU: 1 UID: 0 PID: 5160 Comm: kworker/u9:1 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1063.655387][ T5160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1063.655413][ T5160] Workqueue: hci0 hci_rx_work
[ 1063.655450][ T5160] Call Trace:
[ 1063.655464][ T5160]  <TASK>
[ 1063.655478][ T5160]  dump_stack_lvl+0x16c/0x1f0
[ 1063.655534][ T5160]  sysfs_warn_dup+0x7f/0xa0
[ 1063.655581][ T5160]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1063.655629][ T5160]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1063.655674][ T5160]  ? find_held_lock+0x2b/0x80
[ 1063.655732][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.655778][ T5160]  ? do_raw_spin_unlock+0x172/0x230
[ 1063.655827][ T5160]  kobject_add_internal+0x2c4/0x9b0
[ 1063.655875][ T5160]  kobject_add+0x16e/0x240
[ 1063.655912][ T5160]  ? __pfx_kobject_add+0x10/0x10
[ 1063.655952][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.655998][ T5160]  ? do_raw_spin_unlock+0x172/0x230
[ 1063.656043][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656088][ T5160]  ? kobject_put+0xab/0x5a0
[ 1063.656125][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656179][ T5160]  device_add+0x288/0x1a70
[ 1063.656219][ T5160]  ? __pfx_dev_set_name+0x10/0x10
[ 1063.656266][ T5160]  ? __pfx_device_add+0x10/0x10
[ 1063.656305][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656357][ T5160]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1063.656429][ T5160]  hci_conn_add_sysfs+0x17e/0x230
[ 1063.656469][ T5160]  le_conn_complete_evt+0x1075/0x1d70
[ 1063.656537][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656584][ T5160]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1063.656640][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656694][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.656748][ T5160]  hci_le_conn_complete_evt+0x23c/0x370
[ 1063.656817][ T5160]  hci_le_meta_evt+0x357/0x5e0
[ 1063.656850][ T5160]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1063.656915][ T5160]  hci_event_packet+0x685/0x11c0
[ 1063.656970][ T5160]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1063.657009][ T5160]  ? __pfx_hci_event_packet+0x10/0x10
[ 1063.657067][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.657114][ T5160]  ? kcov_remote_start+0x3c9/0x6d0
[ 1063.657157][ T5160]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1063.657212][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.657268][ T5160]  hci_rx_work+0x2c5/0x16b0
[ 1063.657306][ T5160]  ? rcu_is_watching+0x12/0xc0
[ 1063.657369][ T5160]  process_one_work+0x9cf/0x1b70
[ 1063.657430][ T5160]  ? __pfx_process_one_work+0x10/0x10
[ 1063.657473][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.657530][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.657575][ T5160]  ? assign_work+0x1a0/0x250
[ 1063.657617][ T5160]  worker_thread+0x6c8/0xf10
[ 1063.657682][ T5160]  ? __pfx_worker_thread+0x10/0x10
[ 1063.657724][ T5160]  kthread+0x3c5/0x780
[ 1063.657763][ T5160]  ? __pfx_kthread+0x10/0x10
[ 1063.657802][ T5160]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1063.657846][ T5160]  ? rcu_is_watching+0x12/0xc0
[ 1063.657895][ T5160]  ? __pfx_kthread+0x10/0x10
[ 1063.657935][ T5160]  ret_from_fork+0x5d7/0x6f0
[ 1063.657992][ T5160]  ? __pfx_kthread+0x10/0x10
[ 1063.658030][ T5160]  ret_from_fork_asm+0x1a/0x30
[ 1063.658096][ T5160]  </TASK>
[ 1063.658131][ T5160] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1063.994967][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1064.001658][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1064.040264][ T5160] Bluetooth: hci0: failed to register connection device
[ 1064.149397][T21743] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1064.161947][T21743] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1064.171442][T21743] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1064.195772][T21754] syz.6.4941: attempt to access beyond end of device
[ 1064.195772][T21754] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1064.235078][T21754] gfs2: error -5 reading superblock
[ 1064.499711][T21743] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1064.570533][T21757] syz.0.4939: attempt to access beyond end of device
[ 1064.570533][T21757] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1064.584153][T21757] gfs2: error -5 reading superblock
[ 1064.647212][T21743] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1065.081124][T21743] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1065.125337][T21743] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1065.256827][T21743] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1065.293568][T21743] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1065.623759][T21743] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1065.865776][T21743] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1065.885471][T21743] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1065.892451][T21765] xt_hashlimit: size too large, truncated to 1048576
[ 1065.924592][T21743] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1066.221448][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[ 1066.227547][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[ 1066.330067][T21510] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1066.472649][T21510] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1066.525725][T21510] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1066.547008][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[ 1066.632330][T21510] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1066.830575][T21783] bridge0: port 3(gretap0) entered blocking state
[ 1066.837929][T21783] bridge0: port 3(gretap0) entered disabled state
[ 1066.845772][T21783] gretap0: entered allmulticast mode
[ 1066.869077][T21783] gretap0: entered promiscuous mode
[ 1067.042949][ T5850] Bluetooth: hci5: command 0x0406 tx timeout
[ 1067.411332][ T5850] Bluetooth: hci0: command 0x0406 tx timeout
[ 1067.795716][T21510] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1067.866206][T21510] 8021q: adding VLAN 0 to HW filter on device team0
[ 1067.901519][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1068.885397][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[ 1068.886837][ T5160] Bluetooth: hci3: command 0x0406 tx timeout
[ 1068.993267][T21801] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1069.006085][T21801] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1069.136384][ T5160] Bluetooth: hci5: command 0x0406 tx timeout
[ 1069.432528][ T5160] Bluetooth: hci0: command 0x0406 tx timeout
[ 1069.643144][ T6014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1069.650376][ T6014] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1069.699263][ T6014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1069.706542][ T6014] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1070.486873][T21812] syz.8.4957: attempt to access beyond end of device
[ 1070.486873][T21812] nbd8: rw=4096, sector=2, nr_sectors = 2 limit=0
[ 1070.508336][T21812] EXT4-fs (nbd8): unable to read superblock
[ 1070.998381][ T5160] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1071.506872][ T5160] Bluetooth: hci0: command 0x0406 tx timeout
[ 1073.288118][ T5160] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1074.639596][T21855] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1075.266970][T21510] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1076.023304][T21510] veth0_vlan: entered promiscuous mode
[ 1076.910432][T21510] veth1_vlan: entered promiscuous mode
[ 1077.186488][T21510] veth0_macvtap: entered promiscuous mode
[ 1077.230790][T21510] veth1_macvtap: entered promiscuous mode
[ 1077.282160][T21510] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1077.297922][T21895] loop4: detected capacity change from 0 to 1024
[ 1077.305686][T21895] EXT4-fs: Ignoring removed nobh option
[ 1077.317546][T21510] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1077.326126][T21895] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1077.340118][T21510] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1077.351030][T21510] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1077.370288][T21510] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1077.385721][T21510] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1077.397999][T21895] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4981: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1077.451949][T21895] EXT4-fs (loop4): Remounting filesystem read-only
[ 1077.571420][T21895] __quota_error: 18 callbacks suppressed
[ 1077.571447][T21895] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1077.613087][T21895] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1077.644830][T21895] EXT4-fs (loop4): 1 orphan inode deleted
[ 1077.674539][T21895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1078.089139][T21911] siw: device registration error -23
[ 1078.207694][T21913] random: crng reseeded on system resumption
[ 1079.684837][T16874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1079.723778][T14317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1079.751183][T14317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1080.753677][ T6014] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.791617][ T6014] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.813791][T21945] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1081.841523][T21945] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1085.075049][T14322] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.385585][T14322] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.584205][T14322] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.663123][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1085.672299][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1085.680315][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1085.701314][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1085.710824][T14322] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.722980][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1085.837679][T21954] lo speed is unknown, defaulting to 1000
[ 1085.899128][T14322] bridge_slave_1: left allmulticast mode
[ 1085.911550][T14322] bridge_slave_1: left promiscuous mode
[ 1085.917447][T14322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1085.927108][T14322] bridge_slave_0: left allmulticast mode
[ 1085.935021][T14322] bridge_slave_0: left promiscuous mode
[ 1085.942644][T14322] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1087.105216][T21968] No buffer was provided with the request
[ 1087.821625][ T5160] Bluetooth: hci1: command tx timeout
[ 1089.625619][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1089.642179][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1089.652770][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1089.663904][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1089.673260][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1089.916937][ T5850] Bluetooth: hci1: command tx timeout
[ 1090.042736][T22001] siw: device registration error -23
[ 1091.981548][ T5850] Bluetooth: hci1: command tx timeout
[ 1091.987168][ T5850] Bluetooth: hci4: command tx timeout
[ 1093.698229][T14322] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1094.061794][ T5160] Bluetooth: hci4: command tx timeout
[ 1094.069208][ T5160] Bluetooth: hci1: command tx timeout
[ 1094.472022][T14322] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1094.539570][T14322] bond0 (unregistering): Released all slaves
[ 1094.641672][T22015] Unsupported ieee802154 address type: 0
[ 1096.089442][T21991] lo speed is unknown, defaulting to 1000
[ 1096.141687][ T5850] Bluetooth: hci4: command tx timeout
[ 1096.643649][T22030] loop6: detected capacity change from 0 to 8192
[ 1097.792337][T13200] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1098.146356][T14322] hsr_slave_0: left promiscuous mode
[ 1098.180409][T14322] hsr_slave_1: left promiscuous mode
[ 1098.211555][T14322] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1098.219053][T14322] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1098.230742][ T5850] Bluetooth: hci4: command tx timeout
[ 1098.721733][T14322] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1098.722018][T13200] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1098.729201][T14322] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1098.831569][T13200] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1098.883457][T13200] usb 1-1: config 0 descriptor??
[ 1098.901046][T14322] veth1_macvtap: left promiscuous mode
[ 1098.917442][T14322] veth0_macvtap: left promiscuous mode
[ 1098.923504][T14322] veth1_vlan: left promiscuous mode
[ 1098.931521][T14322] veth0_vlan: left promiscuous mode
[ 1099.297257][T13200] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1099.324378][T13200] asix 1-1:0.0: probe with driver asix failed with error -32
[ 1099.357600][T13200] usb 1-1: USB disconnect, device number 4
[ 1099.406686][T22066] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5033'.
[ 1099.517851][T22068] misc userio: The device must be registered before sending interrupts
[ 1099.529416][T22068] misc userio: The device must be registered before sending interrupts
[ 1101.521279][T22074] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1101.531570][T22074] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1103.978437][T13192] IPVS: starting estimator thread 0...
[ 1104.294531][T22093] IPVS: using max 21 ests per chain, 50400 per kthread
[ 1104.558072][T14322] team0 (unregistering): Port device team_slave_1 removed
[ 1104.640536][T14322] team0 (unregistering): Port device team_slave_0 removed
[ 1106.194264][T22104] xt_hashlimit: size too large, truncated to 1048576
[ 1106.788899][T21954] chnl_net:caif_netlink_parms(): no params data found
[ 1107.254450][T22113] loop8: detected capacity change from 0 to 512
[ 1107.466851][T22113] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1107.576572][T22125] syz.6.5048: attempt to access beyond end of device
[ 1107.576572][T22125] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1107.590227][T22125] gfs2: error -5 reading superblock
[ 1108.348525][T22113] EXT4-fs (loop8): 1 truncate cleaned up
[ 1108.473224][T22113] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1108.549781][T21954] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1108.571465][T21954] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1108.578769][T21954] bridge_slave_0: entered allmulticast mode
[ 1108.789382][T21954] bridge_slave_0: entered promiscuous mode
[ 1109.475060][T19998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1109.501790][T21954] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.509003][T21954] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1109.541508][T21954] bridge_slave_1: entered allmulticast mode
[ 1109.581661][T21954] bridge_slave_1: entered promiscuous mode
[ 1109.829467][T21954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1109.862721][T21991] chnl_net:caif_netlink_parms(): no params data found
[ 1109.882190][T22142] tmpfs: Bad value for 'mpol'
[ 1109.904022][T21954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1110.837778][T21954] team0: Port device team_slave_0 added
[ 1110.850176][T21954] team0: Port device team_slave_1 added
[ 1111.724888][T22159] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5061'.
[ 1111.886665][T21954] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1111.901495][T21954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1111.928369][T21954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1112.194102][T21954] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1112.273004][T21954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1112.409674][T22164] loop6: detected capacity change from 0 to 1024
[ 1112.501533][T22164] EXT4-fs: Ignoring removed nobh option
[ 1112.530693][T21954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1112.608024][T22164] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1112.846455][T22164] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 2: comm syz.6.5062: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1112.897554][T22164] EXT4-fs (loop6): Remounting filesystem read-only
[ 1112.907750][T22168] Unsupported ieee802154 address type: 0
[ 1112.948663][T22164] Quota error (device loop6): qtree_write_dquot: dquota write failed
[ 1112.979933][T22164] Quota error (device loop6): v2_write_file_info: Can't write info structure
[ 1113.000021][T22164] EXT4-fs (loop6): 1 orphan inode deleted
[ 1113.018565][T22164] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1113.165985][T19331] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.318055][T21991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1113.454917][T21991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.561503][T22185] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5066'.
[ 1113.909078][T21991] bridge_slave_0: entered allmulticast mode
[ 1113.917326][T21991] bridge_slave_0: entered promiscuous mode
[ 1113.927606][T21991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1113.935024][T21991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.942328][T21991] bridge_slave_1: entered allmulticast mode
[ 1113.950414][T21991] bridge_slave_1: entered promiscuous mode
[ 1113.986728][T21954] hsr_slave_0: entered promiscuous mode
[ 1114.001016][T21954] hsr_slave_1: entered promiscuous mode
[ 1114.020210][T21954] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1114.054233][T21954] Cannot create hsr debugfs directory
[ 1114.326249][T14322] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1114.570111][T22191] loop8: detected capacity change from 0 to 8192
[ 1114.662691][T14322] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1114.769417][T21991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1114.947672][T14322] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.408830][T21991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1115.677728][T14322] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.826258][T21991] team0: Port device team_slave_0 added
[ 1116.518125][T21991] team0: Port device team_slave_1 added
[ 1116.759536][T22223] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5078'.
[ 1116.911724][T22225] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5078'.
[ 1116.959572][T21991] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1116.983357][T21991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1117.012293][T21991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1117.026090][T21991] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1117.033599][T21991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1117.060173][T21991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1118.211487][T21991] hsr_slave_0: entered promiscuous mode
[ 1118.238148][T21991] hsr_slave_1: entered promiscuous mode
[ 1118.293442][T21991] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1118.301572][T21991] Cannot create hsr debugfs directory
[ 1119.317843][T14322] batadv2: left allmulticast mode
[ 1119.331418][T14322] batadv2: left promiscuous mode
[ 1119.343495][T14322] bridge0: port 4(batadv2) entered disabled state
[ 1119.355510][T22247] loop4: detected capacity change from 0 to 8192
[ 1119.367055][T14322] batadv1: left allmulticast mode
[ 1119.373021][T14322] batadv1: left promiscuous mode
[ 1119.378247][T14322] bridge0: port 3(batadv1) entered disabled state
[ 1119.387850][T14322] bridge_slave_1: left allmulticast mode
[ 1119.393888][T14322] bridge_slave_1: left promiscuous mode
[ 1119.399906][T14322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1119.426935][T14322] bridge_slave_0: left allmulticast mode
[ 1119.441338][T14322] bridge_slave_0: left promiscuous mode
[ 1119.458237][T14322] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1119.520544][T22257] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5087'.
[ 1119.535349][ T5918] IPVS: starting estimator thread 0...
[ 1119.641607][T22258] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1119.715026][T14322] erspan0 (unregistering): left allmulticast mode
[ 1119.822358][T14322] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1120.070804][T14322] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1120.085236][T14322] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1120.100869][T14322] bond0 (unregistering): Released all slaves
[ 1120.119864][T22252] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1120.129491][T22252] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1120.139153][T22252] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1120.287253][T22243] syzkaller1: entered promiscuous mode
[ 1120.311339][T22243] syzkaller1: entered allmulticast mode
[ 1120.386338][T22257] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1120.401552][T14322] tipc: Left network mode
[ 1121.233002][T22268] siw: device registration error -23
[ 1121.254450][T22268] loop0: detected capacity change from 0 to 512
[ 1121.264088][T22268] EXT4-fs: Ignoring removed oldalloc option
[ 1122.021088][T22268] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5089: Parent and EA inode have the same ino 15
[ 1122.102141][T22268] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5089: Parent and EA inode have the same ino 15
[ 1122.118309][T22268] EXT4-fs (loop0): 1 orphan inode deleted
[ 1122.160868][T22268] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1122.440055][T17717] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1123.413076][T22285] syz.6.5094: attempt to access beyond end of device
[ 1123.413076][T22285] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1123.426729][T22285] gfs2: error -5 reading superblock
[ 1124.607020][T14322] hsr_slave_0: left promiscuous mode
[ 1124.622763][T14322] hsr_slave_1: left promiscuous mode
[ 1124.693969][T22299] netlink: 'syz.6.5098': attribute type 11 has an invalid length.
[ 1124.919471][T14322] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1124.927227][T14322] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1124.947516][T14322] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1124.970258][T14322] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1125.094924][T14322] veth1_macvtap: left promiscuous mode
[ 1125.100507][T14322] veth0_macvtap: left promiscuous mode
[ 1125.130999][T14322] veth1_vlan: left allmulticast mode
[ 1125.212788][T14322] veth1_vlan: left promiscuous mode
[ 1125.253278][T14322] veth0_vlan: left promiscuous mode
[ 1125.460224][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1125.472264][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1127.322431][T14322] team0 (unregistering): Port device team_slave_1 removed
[ 1127.373540][T14322] team0 (unregistering): Port device team_slave_0 removed
[ 1130.395364][T22342] xt_hashlimit: size too large, truncated to 1048576
[ 1131.143683][T22348] overlayfs: failed to resolve './file0': -2
[ 1132.779052][T22363] trusted_key: syz.4.5117 sent an empty control message without MSG_MORE.
[ 1133.591089][T22308] syzkaller1: entered promiscuous mode
[ 1133.601475][T22308] syzkaller1: entered allmulticast mode
[ 1133.653531][T18047] lo speed is unknown, defaulting to 1000
[ 1133.671816][T18047] infiniband syz0: ib_query_port failed (-19)
[ 1134.325752][T22373] netlink: 168 bytes leftover after parsing attributes in process `syz.4.5120'.
[ 1136.099775][T21954] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1136.183480][T21954] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1136.986226][T21954] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1137.026951][T21954] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1138.733641][T21954] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1138.764144][T21954] 8021q: adding VLAN 0 to HW filter on device team0
[ 1138.883749][T14320] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1138.890983][T14320] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1138.946323][T14320] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1138.953672][T14320] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1139.366977][T21991] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1139.448406][T21991] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1140.149098][T22425] loop0: detected capacity change from 0 to 512
[ 1140.156552][T22425] EXT4-fs: Ignoring removed oldalloc option
[ 1140.763069][T21991] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1140.834270][T22425] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5133: Parent and EA inode have the same ino 15
[ 1140.928002][T22424] lo speed is unknown, defaulting to 1000
[ 1140.934951][T22424] lo speed is unknown, defaulting to 1000
[ 1140.939654][T22425] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5133: Parent and EA inode have the same ino 15
[ 1140.942546][T22424] lo speed is unknown, defaulting to 1000
[ 1140.972102][T22425] EXT4-fs (loop0): 1 orphan inode deleted
[ 1140.973376][T22424] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1140.979961][T22425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1141.025727][T21991] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1141.091446][T22424] lo speed is unknown, defaulting to 1000
[ 1141.099574][T22424] lo speed is unknown, defaulting to 1000
[ 1141.123912][T22424] lo speed is unknown, defaulting to 1000
[ 1141.132104][T22424] lo speed is unknown, defaulting to 1000
[ 1141.139909][T22424] lo speed is unknown, defaulting to 1000
[ 1141.147702][T22424] lo speed is unknown, defaulting to 1000
[ 1141.343386][T17717] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1141.572114][T22435] loop4: detected capacity change from 0 to 8192
[ 1141.650195][T22449] program syz.6.5139 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1142.201787][T21991] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1142.796422][T21954] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1142.922318][T21991] 8021q: adding VLAN 0 to HW filter on device team0
[ 1142.994670][ T6071] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1143.001942][ T6071] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1143.649714][ T6071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1143.657026][ T6071] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1145.512119][T22485] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5149'.
[ 1146.410100][T22496] loop4: detected capacity change from 0 to 8192
[ 1146.520929][ T5160] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1146.534208][ T5160] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1146.546022][ T5160] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1146.573619][ T5160] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1146.591958][ T5160] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1146.707628][T22500] lo speed is unknown, defaulting to 1000
[ 1146.790677][T22505] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1146.790677][T22505]    program syz.0.5154 not setting count and/or reply_len properly
[ 1148.371504][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1148.381724][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1148.389631][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1148.398910][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1148.407470][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1148.626521][ T5160] Bluetooth: hci1: command tx timeout
[ 1149.053458][T22532] netlink: 'syz.0.5159': attribute type 1 has an invalid length.
[ 1149.061628][T22532] netlink: 'syz.0.5159': attribute type 2 has an invalid length.
[ 1149.171384][T22525] vxfs: WRONG superblock magic 00000000 at 1
[ 1149.182234][T22525] vxfs: WRONG superblock magic 00000000 at 8
[ 1149.188578][T22525] vxfs: can't find superblock.
[ 1149.436308][T22521] lo speed is unknown, defaulting to 1000
[ 1150.491262][ T5160] Bluetooth: hci4: command tx timeout
[ 1150.702379][ T5160] Bluetooth: hci1: command tx timeout
[ 1150.880538][T22542] Unsupported ieee802154 address type: 0
[ 1151.017085][T22500] chnl_net:caif_netlink_parms(): no params data found
[ 1152.103049][ T6071] bridge_slave_1: left allmulticast mode
[ 1152.109225][ T6071] bridge_slave_1: left promiscuous mode
[ 1152.118085][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1152.139006][ T6071] bridge_slave_0: left allmulticast mode
[ 1152.174320][ T6071] bridge_slave_0: left promiscuous mode
[ 1152.269111][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1152.541437][ T5160] Bluetooth: hci4: command tx timeout
[ 1152.781349][ T5160] Bluetooth: hci1: command tx timeout
[ 1153.806914][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1153.837109][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1153.861100][ T6071] bond0 (unregistering): Released all slaves
[ 1154.621737][ T5160] Bluetooth: hci4: command tx timeout
[ 1154.863056][ T5160] Bluetooth: hci1: command tx timeout
[ 1154.941441][ T6071] hsr_slave_0: left promiscuous mode
[ 1155.328237][ T6071] hsr_slave_1: left promiscuous mode
[ 1155.438442][T22581] program syz.8.5173 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1155.494739][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1155.542250][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1156.701361][ T5160] Bluetooth: hci4: command tx timeout
[ 1156.785769][T22595] loop8: detected capacity change from 0 to 512
[ 1156.801369][T22595] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1157.061115][T22595] EXT4-fs (loop8): 1 truncate cleaned up
[ 1157.338478][T22595] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1158.468879][T19998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1159.518314][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1161.129687][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1163.296997][T22500] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1163.504152][T22500] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1163.512477][T22500] bridge_slave_0: entered allmulticast mode
[ 1163.520865][T22500] bridge_slave_0: entered promiscuous mode
[ 1163.530650][T22500] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1163.538068][T22500] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1163.554228][T22500] bridge_slave_1: entered allmulticast mode
[ 1163.648159][T22652] hub 1-0:1.0: USB hub found
[ 1163.653564][T22652] hub 1-0:1.0: 1 port detected
[ 1164.510512][T22500] bridge_slave_1: entered promiscuous mode
[ 1164.545415][T22521] chnl_net:caif_netlink_parms(): no params data found
[ 1164.821564][T18209] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1164.971181][T22659] syz.4.5195: attempt to access beyond end of device
[ 1164.971181][T22659] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1164.974600][T22500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1164.984471][T22659] gfs2: error -5 reading superblock
[ 1165.031568][T18209] usb 7-1: Using ep0 maxpacket: 16
[ 1165.046394][T18209] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[ 1165.073326][T22500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1165.084888][T18209] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1165.126071][T18209] usb 7-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[ 1165.156265][T18209] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1165.190085][T18209] usb 7-1: Product: syz
[ 1165.205341][T18209] usb 7-1: Manufacturer: syz
[ 1165.218481][T18209] usb 7-1: SerialNumber: syz
[ 1165.283021][T18209] usb 7-1: config 0 descriptor??
[ 1166.267536][T18209] appledisplay 7-1:0.0: Error while getting initial brightness: -32
[ 1166.286126][T18209] appledisplay 7-1:0.0: probe with driver appledisplay failed with error -32
[ 1166.479852][T18209] usb 7-1: USB disconnect, device number 4
[ 1166.614492][T22500] team0: Port device team_slave_0 added
[ 1166.663422][T22500] team0: Port device team_slave_1 added
[ 1166.761789][T13193] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1166.899392][T22521] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1166.908632][T22521] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1166.932848][T22521] bridge_slave_0: entered allmulticast mode
[ 1166.933440][T13193] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1166.953139][T22521] bridge_slave_0: entered promiscuous mode
[ 1166.958367][T13193] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.985250][T22500] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1167.003976][T13193] usb 1-1: config 0 descriptor??
[ 1167.009872][T22500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.068503][T22500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1167.103822][T22521] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1167.111057][T22521] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1167.132237][T22521] bridge_slave_1: entered allmulticast mode
[ 1167.140376][T22521] bridge_slave_1: entered promiscuous mode
[ 1167.215668][T13193] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1167.234101][T13193] asix 1-1:0.0: probe with driver asix failed with error -32
[ 1167.267883][T13193] usb 1-1: USB disconnect, device number 5
[ 1167.276243][T22500] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1167.300869][T22500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.341542][T22500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1167.463056][T22521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1167.949100][T22521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1168.794735][T22684] loop0: detected capacity change from 0 to 8192
[ 1168.824433][T22500] hsr_slave_0: entered promiscuous mode
[ 1168.843840][T22500] hsr_slave_1: entered promiscuous mode
[ 1168.872655][T22500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1168.911261][T22500] Cannot create hsr debugfs directory
[ 1168.988857][T22521] team0: Port device team_slave_0 added
[ 1169.052817][T22521] team0: Port device team_slave_1 added
[ 1170.880867][T22521] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1170.890065][T22521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1170.916010][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1170.984040][T22521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1171.048349][T22521] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1171.071288][T22521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1171.097272][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1171.180826][T22521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1171.410471][T22713] random: crng reseeded on system resumption
[ 1173.454298][T22521] hsr_slave_0: entered promiscuous mode
[ 1173.465526][T22521] hsr_slave_1: entered promiscuous mode
[ 1173.481402][T22521] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1173.504330][T22521] Cannot create hsr debugfs directory
[ 1175.750108][T22737] overlayfs: failed to resolve './file1': -2
[ 1176.736930][ T6071] bridge_slave_1: left allmulticast mode
[ 1176.889877][ T6071] bridge_slave_1: left promiscuous mode
[ 1176.907397][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1177.249434][ T6071] bridge_slave_0: left allmulticast mode
[ 1177.309639][T22750] netlink: 'syz.8.5220': attribute type 11 has an invalid length.
[ 1177.445771][ T6071] bridge_slave_0: left promiscuous mode
[ 1177.490921][   T30] audit: type=1326 audit(1752642754.731:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22740 comm="syz.0.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ffa18e929 code=0x7fc00000
[ 1177.532300][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1179.824432][T22765] netlink: 21 bytes leftover after parsing attributes in process `syz.0.5225'.
[ 1179.844658][T22765] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5225'.
[ 1180.041154][T22768] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1180.050482][T22768] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1180.644540][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1180.664479][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1180.703301][ T6071] bond0 (unregistering): Released all slaves
[ 1181.492532][ T6071] hsr_slave_0: left promiscuous mode
[ 1181.543868][ T6071] hsr_slave_1: left promiscuous mode
[ 1181.587728][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1181.637158][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1182.371885][T22779] overlayfs: failed to resolve './file1': -2
[ 1183.766676][T22794] netlink: 'syz.6.5233': attribute type 11 has an invalid length.
[ 1185.137273][T22805] syz.6.5238: attempt to access beyond end of device
[ 1185.137273][T22805] nbd6: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1185.151371][T22805] gfs2: error -5 reading superblock
[ 1185.209615][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1185.325859][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1186.874754][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1186.881381][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1189.109010][T22500] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1189.336520][T22500] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1189.877190][T22500] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1190.307876][T22500] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1191.870982][T22500] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1193.487982][T22500] 8021q: adding VLAN 0 to HW filter on device team0
[ 1193.590477][T14320] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1193.597751][T14320] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1193.851054][T14320] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1193.858367][T14320] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1194.635426][T22521] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1194.802452][T22521] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1195.259415][T22521] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1195.304064][T22521] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1198.879722][T22521] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1199.015873][T22521] 8021q: adding VLAN 0 to HW filter on device team0
[ 1199.055035][T20962] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1199.062280][T20962] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1199.648518][T22387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1199.655870][T22387] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1200.059042][T22521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1200.196180][T22500] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1201.203040][T22940] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1201.203040][T22940]    program syz.0.5271 not setting count and/or reply_len properly
[ 1205.344129][T22521] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1205.702896][T22521] veth0_vlan: entered promiscuous mode
[ 1205.757691][T22521] veth1_vlan: entered promiscuous mode
[ 1208.823990][T22985] loop4: detected capacity change from 0 to 8192
[ 1209.057950][ T5850] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1209.068090][ T5850] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1209.077594][ T5850] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1209.098906][ T5850] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1209.106831][ T5850] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1210.951514][T22999] program syz.4.5286 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1211.078873][T22988] lo speed is unknown, defaulting to 1000
[ 1211.183724][ T5160] Bluetooth: hci6: command tx timeout
[ 1212.305621][T23009] xt_CT: No such helper "snmp_trap"
[ 1213.261629][ T5160] Bluetooth: hci6: command tx timeout
[ 1214.573533][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1214.589995][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1214.598959][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1214.610450][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1214.620090][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1214.780469][T23025] loop8: detected capacity change from 0 to 512
[ 1214.845799][T23025] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1214.910781][T23025] EXT4-fs (loop8): 1 truncate cleaned up
[ 1214.918843][T23025] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1215.963941][ T5160] Bluetooth: hci6: command tx timeout
[ 1216.953527][ T5160] Bluetooth: hci1: command tx timeout
[ 1217.388508][T23020] lo speed is unknown, defaulting to 1000
[ 1218.072283][ T5160] Bluetooth: hci6: command tx timeout
[ 1218.481516][T19998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1218.952384][T21486] bridge_slave_1: left allmulticast mode
[ 1218.967866][T21486] bridge_slave_1: left promiscuous mode
[ 1218.984825][T21486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1219.022042][ T5160] Bluetooth: hci1: command tx timeout
[ 1219.427528][T23039] loop6: detected capacity change from 0 to 8192
[ 1219.477037][T21486] bridge_slave_0: left allmulticast mode
[ 1219.482983][T21486] bridge_slave_0: left promiscuous mode
[ 1219.510178][T21486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1221.101334][ T5160] Bluetooth: hci1: command tx timeout
[ 1221.145017][T23070] loop0: detected capacity change from 0 to 1024
[ 1221.387128][T23070] EXT4-fs: Ignoring removed nobh option
[ 1222.236755][T23070] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1222.405393][T23070] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 2: comm syz.0.5307: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1222.448648][T23070] EXT4-fs (loop0): Remounting filesystem read-only
[ 1222.563055][T23070] Quota error (device loop0): qtree_write_dquot: dquota write failed
[ 1223.045689][T23070] Quota error (device loop0): v2_write_file_info: Can't write info structure
[ 1223.055805][T23070] EXT4-fs (loop0): 1 orphan inode deleted
[ 1223.160807][T23070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1223.182332][ T5160] Bluetooth: hci1: command tx timeout
[ 1223.326588][T17717] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1223.906206][T21486] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1223.927747][T21486] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1223.944421][T21486] bond0 (unregistering): Released all slaves
[ 1224.195264][T22988] chnl_net:caif_netlink_parms(): no params data found
[ 1225.052059][T23110] 9pnet_fd: Insufficient options for proto=fd
[ 1226.057075][T21486] hsr_slave_0: left promiscuous mode
[ 1227.039914][T21486] hsr_slave_1: left promiscuous mode
[ 1227.072429][T21486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1227.087256][T23100] siw: device registration error -23
[ 1227.145279][T21486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1228.335045][T23136] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5330'.
[ 1228.366776][ T5918] IPVS: starting estimator thread 0...
[ 1228.481836][T23137] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1230.787874][T23157] 9pnet_fd: Insufficient options for proto=fd
[ 1231.584954][T23162] netlink: 'syz.6.5336': attribute type 10 has an invalid length.
[ 1231.586077][T21486] team0 (unregistering): Port device team_slave_1 removed
[ 1231.593397][T23162] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5336'.
[ 1232.201994][T21486] team0 (unregistering): Port device team_slave_0 removed
[ 1232.286716][T23169] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1232.286716][T23169]    program syz.0.5340 not setting count and/or reply_len properly
[ 1237.652038][T23162] team0: entered promiscuous mode
[ 1237.657230][T23162] team_slave_0: entered promiscuous mode
[ 1237.687478][T23162] team_slave_1: entered promiscuous mode
[ 1237.701494][T23162] team0: entered allmulticast mode
[ 1237.738986][T23162] team_slave_0: entered allmulticast mode
[ 1237.769398][T23162] team_slave_1: entered allmulticast mode
[ 1237.791048][T23162] bridge0: port 3(team0) entered blocking state
[ 1237.807908][T23162] bridge0: port 3(team0) entered disabled state
[ 1237.899088][T23162] bridge0: port 3(team0) entered blocking state
[ 1237.905552][T23162] bridge0: port 3(team0) entered forwarding state
[ 1238.021392][T23020] chnl_net:caif_netlink_parms(): no params data found
[ 1238.405943][T22988] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1238.447769][T23205] 9pnet_fd: Insufficient options for proto=fd
[ 1238.455109][T22988] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1238.485297][T22988] bridge_slave_0: entered allmulticast mode
[ 1238.507955][T22988] bridge_slave_0: entered promiscuous mode
[ 1238.852479][T22988] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1238.859857][T22988] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1239.682007][T22988] bridge_slave_1: entered allmulticast mode
[ 1239.690266][T22988] bridge_slave_1: entered promiscuous mode
[ 1241.256060][T22988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1241.331432][   T30] audit: type=1326 audit(1752642818.541:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23223 comm="syz.6.5355" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ae258e929 code=0x0
[ 1241.403868][T23020] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1241.455558][T23020] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1241.486679][T23020] bridge_slave_0: entered allmulticast mode
[ 1241.535551][T23020] bridge_slave_0: entered promiscuous mode
[ 1241.555231][T22988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1241.641877][T23020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1241.653745][T23020] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1241.668843][T23020] bridge_slave_1: entered allmulticast mode
[ 1241.698769][T23020] bridge_slave_1: entered promiscuous mode
[ 1242.919924][T22988] team0: Port device team_slave_0 added
[ 1243.376726][T23234] loop8: detected capacity change from 0 to 8192
[ 1243.378957][T22988] team0: Port device team_slave_1 added
[ 1243.410059][T23020] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1244.285082][T23020] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1244.794570][T23255] netlink: 168 bytes leftover after parsing attributes in process `syz.0.5365'.
[ 1245.695943][T23257] netlink: 'syz.8.5363': attribute type 11 has an invalid length.
[ 1246.446002][T22988] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1246.466057][T22988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1247.235980][T22988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1247.283645][T22988] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1247.290622][T22988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1247.868977][T22988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1247.942201][T23020] team0: Port device team_slave_0 added
[ 1248.382352][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1248.388825][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1248.596086][T23020] team0: Port device team_slave_1 added
[ 1250.453978][T23020] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1250.483828][T23020] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1250.510830][T23020] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1251.859485][T23294] netlink: 'syz.4.5374': attribute type 11 has an invalid length.
[ 1252.015366][T22988] hsr_slave_0: entered promiscuous mode
[ 1252.027470][T22988] hsr_slave_1: entered promiscuous mode
[ 1252.047098][T22988] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1252.055181][T22988] Cannot create hsr debugfs directory
[ 1252.085124][T23020] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1252.161263][T23020] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1252.331481][T23020] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1252.392392][T23298] loop8: detected capacity change from 0 to 8192
[ 1253.054150][T23020] hsr_slave_0: entered promiscuous mode
[ 1253.065751][T13169] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1253.103628][T23020] hsr_slave_1: entered promiscuous mode
[ 1253.151294][T23020] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1253.342571][T13169] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1253.948784][T23020] Cannot create hsr debugfs directory
[ 1253.961226][T13169] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1253.991750][T13169] usb 5-1: config 0 descriptor??
[ 1254.427816][T13169] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1255.188485][T13169] asix 5-1:0.0: probe with driver asix failed with error -71
[ 1255.199889][T13169] usb 5-1: USB disconnect, device number 4
[ 1256.717601][T21486] bridge_slave_1: left allmulticast mode
[ 1256.739672][T21486] bridge_slave_1: left promiscuous mode
[ 1256.766086][T21486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1256.816678][T21486] bridge_slave_0: left allmulticast mode
[ 1256.838696][T21486] bridge_slave_0: left promiscuous mode
[ 1256.895007][T21486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1258.875500][T21486] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1258.986017][T21486] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1259.843043][T21486] bond0 (unregistering): Released all slaves
[ 1263.396394][T23326] team0: Port device team_slave_0 removed
[ 1264.114922][T23349] loop6: detected capacity change from 0 to 8192
[ 1264.596432][T21486] hsr_slave_0: left promiscuous mode
[ 1265.011770][T21486] hsr_slave_1: left promiscuous mode
[ 1265.036378][T21486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1265.232673][T21486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1265.331740][T21486] veth1_vlan: left promiscuous mode
[ 1265.352689][T21486] veth0_vlan: left promiscuous mode
[ 1265.705475][T23369] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1265.705475][T23369]    program syz.4.5394 not setting count and/or reply_len properly
[ 1265.728456][T13193] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1266.078838][T13193] usb 7-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1266.199055][T13193] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.376965][T13193] usb 7-1: config 0 descriptor??
[ 1266.630379][T13193] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1266.673775][T13193] asix 7-1:0.0: probe with driver asix failed with error -71
[ 1266.716653][T13193] usb 7-1: USB disconnect, device number 5
[ 1268.219470][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1268.233499][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1268.336437][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1269.287056][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1269.342831][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1269.917824][T21486] team0 (unregistering): Port device team_slave_1 removed
[ 1269.974864][T21486] team0 (unregistering): Port device team_slave_0 removed
[ 1270.634371][T23388] lo speed is unknown, defaulting to 1000
[ 1271.670797][ T5160] Bluetooth: hci4: command tx timeout
[ 1273.597677][T23414] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1273.604281][T23414] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1273.752972][ T5160] Bluetooth: hci4: command tx timeout
[ 1274.188468][T23414] vhci_hcd vhci_hcd.0: Device attached
[ 1274.351560][T13192] usb 34-1: SetAddress Request (2) to port 0
[ 1274.468274][T13192] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1275.238651][T23415] vhci_hcd: connection reset by peer
[ 1275.288813][T23424] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1275.288813][T23424]    program syz.4.5408 not setting count and/or reply_len properly
[ 1275.294652][ T6014] vhci_hcd: stop threads
[ 1275.359676][ T6014] vhci_hcd: release socket
[ 1275.536029][ T6014] vhci_hcd: disconnect device
[ 1275.853462][ T5160] Bluetooth: hci4: command tx timeout
[ 1275.874074][T11447] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1275.884630][T11447] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1275.893389][T11447] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1275.940961][T11447] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1276.183082][T11447] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1277.796290][T23388] chnl_net:caif_netlink_parms(): no params data found
[ 1277.901474][ T5160] Bluetooth: hci4: command tx timeout
[ 1278.471492][T23432] lo speed is unknown, defaulting to 1000
[ 1278.600989][T21486] bridge_slave_1: left allmulticast mode
[ 1278.639076][T21486] bridge_slave_1: left promiscuous mode
[ 1278.701472][T21486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.944205][ T5160] Bluetooth: hci7: command tx timeout
[ 1279.345594][T21486] bridge_slave_0: left allmulticast mode
[ 1279.546080][T21486] bridge_slave_0: left promiscuous mode
[ 1279.601109][T21486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1279.712279][T23450] fuse: Invalid rootmode
[ 1279.744540][T13192] usb 34-1: device descriptor read/8, error -110
[ 1280.932645][T13192] usb usb34-port1: attempt power cycle
[ 1281.027148][T21486] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1281.037106][ T5160] Bluetooth: hci7: command tx timeout
[ 1281.287697][T21486] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1281.583643][T13192] usb usb34-port1: unable to enumerate USB device
[ 1282.259735][T21486] bond0 (unregistering): Released all slaves
[ 1283.264489][ T5160] Bluetooth: hci7: command tx timeout
[ 1285.362064][T11447] Bluetooth: hci7: command tx timeout
[ 1286.035406][T21486] hsr_slave_0: left promiscuous mode
[ 1286.051413][T21486] hsr_slave_1: left promiscuous mode
[ 1286.102586][T21486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1286.123742][T21486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1287.417997][T23492] loop8: detected capacity change from 0 to 1024
[ 1287.447095][T23492] EXT4-fs: Ignoring removed nobh option
[ 1287.467566][T23492] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1287.528234][T23492] EXT4-fs error (device loop8): ext4_map_blocks:780: inode #3: block 2: comm syz.8.5424: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1287.545575][T23492] EXT4-fs (loop8): Remounting filesystem read-only
[ 1287.552344][T23492] Quota error (device loop8): qtree_write_dquot: dquota write failed
[ 1287.561054][T23492] Quota error (device loop8): v2_write_file_info: Can't write info structure
[ 1287.570985][T23492] EXT4-fs (loop8): 1 orphan inode deleted
[ 1287.579608][T23492] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1287.828614][T19998] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1287.960687][T21486] team0 (unregistering): Port device team_slave_1 removed
[ 1288.041033][T21486] team0 (unregistering): Port device team_slave_0 removed
[ 1288.117607][T23500] netlink: 'syz.8.5427': attribute type 11 has an invalid length.
[ 1291.171376][T23388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1291.182518][T23388] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1291.189809][T23388] bridge_slave_0: entered allmulticast mode
[ 1291.202248][T23388] bridge_slave_0: entered promiscuous mode
[ 1291.218875][T23388] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1291.236751][T23388] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1291.246988][T23388] bridge_slave_1: entered allmulticast mode
[ 1291.269227][T23388] bridge_slave_1: entered promiscuous mode
[ 1291.465763][T23536] netlink: 'syz.6.5435': attribute type 11 has an invalid length.
[ 1293.315587][T23388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1293.356381][T23388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1294.027394][T23388] team0: Port device team_slave_0 added
[ 1294.083411][T23388] team0: Port device team_slave_1 added
[ 1294.155811][T21486] bridge_slave_1: left allmulticast mode
[ 1294.163850][T21486] bridge_slave_1: left promiscuous mode
[ 1294.189054][T21486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1294.246699][T21486] bridge_slave_0: left allmulticast mode
[ 1294.284233][T21486] bridge_slave_0: left promiscuous mode
[ 1294.318100][T21486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1295.119030][T21486] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1295.184915][T21486] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1295.206694][T21486] bond0 (unregistering): Released all slaves
[ 1295.302230][T23388] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1295.309329][T23388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1295.338281][T23388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1295.370923][T23432] chnl_net:caif_netlink_parms(): no params data found
[ 1295.400916][T23388] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1295.421765][T23388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1295.467490][T23388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1295.507739][T21486] hsr_slave_0: left promiscuous mode
[ 1295.517901][T21486] hsr_slave_1: left promiscuous mode
[ 1295.532368][T21486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1295.544020][T21486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1297.147429][T21486] team0 (unregistering): Port device team_slave_1 removed
[ 1298.021911][T21486] team0 (unregistering): Port device team_slave_0 removed
[ 1298.161498][T23587] netlink: 'syz.0.5451': attribute type 11 has an invalid length.
[ 1299.132529][T23583] loop6: detected capacity change from 0 to 8192
[ 1300.251804][T23613] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1300.251804][T23613]    program syz.6.5454 not setting count and/or reply_len properly
[ 1301.482918][T23388] hsr_slave_0: entered promiscuous mode
[ 1301.490775][T23388] hsr_slave_1: entered promiscuous mode
[ 1301.540697][T23388] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1301.565608][T23388] Cannot create hsr debugfs directory
[ 1301.606434][T23622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5460'.
[ 1301.686649][T23630] netlink: 'syz.6.5463': attribute type 11 has an invalid length.
[ 1305.213715][T23432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1305.228608][T23432] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1305.236617][T23432] bridge_slave_0: entered allmulticast mode
[ 1305.256157][T23432] bridge_slave_0: entered promiscuous mode
[ 1305.297216][T23432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1305.510718][T23432] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.518768][T23432] bridge_slave_1: entered allmulticast mode
[ 1305.913167][T23432] bridge_slave_1: entered promiscuous mode
[ 1305.930276][T23638] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5465'.
[ 1306.172678][T23655] netlink: 'syz.6.5469': attribute type 11 has an invalid length.
[ 1307.144063][T23432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1308.827939][T23432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1309.748231][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1309.756183][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1309.976616][T23432] team0: Port device team_slave_0 added
[ 1310.089925][T23432] team0: Port device team_slave_1 added
[ 1311.595087][T23693] netlink: 'syz.8.5480': attribute type 11 has an invalid length.
[ 1311.911833][T23432] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1311.918852][T23432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1312.041011][T23432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1312.339969][T23432] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1313.109165][T23432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1313.312114][T23698] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1313.312114][T23698]    program syz.0.5482 not setting count and/or reply_len properly
[ 1313.391304][T23432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1313.805714][T23432] hsr_slave_0: entered promiscuous mode
[ 1313.922568][T23432] hsr_slave_1: entered promiscuous mode
[ 1314.121599][T23432] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1314.241612][T23432] Cannot create hsr debugfs directory
[ 1315.081288][T23388] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1315.164488][T23388] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1315.193748][T23388] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1315.247298][T23725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1315.260095][T23388] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1315.666222][T23432] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1315.943931][T23432] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1315.983834][T23432] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1316.026214][T23721] bond0: entered promiscuous mode
[ 1316.032162][T23721] bond_slave_0: entered promiscuous mode
[ 1316.038062][T23721] bond_slave_1: entered promiscuous mode
[ 1316.051550][T23721] bond0: entered allmulticast mode
[ 1316.058734][T23721] bond_slave_0: entered allmulticast mode
[ 1316.068206][T23721] bond_slave_1: entered allmulticast mode
[ 1316.080884][T23432] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1316.967432][T23388] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1317.525322][T23388] 8021q: adding VLAN 0 to HW filter on device team0
[ 1317.574340][T14281] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1317.581614][T14281] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1317.686998][ T6014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1317.694277][ T6014] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1317.772868][T23752] netlink: 'syz.6.5495': attribute type 11 has an invalid length.
[ 1320.942849][T23432] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1321.030918][T23432] 8021q: adding VLAN 0 to HW filter on device team0
[ 1321.066723][ T6014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1321.073979][ T6014] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1321.129711][T23770] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1321.234394][ T6071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1321.241824][ T6071] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1321.701522][T23765] loop4: detected capacity change from 0 to 8192
[ 1322.845122][T23388] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1323.669860][T23432] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1325.522640][T23817] netlink: 'syz.4.5514': attribute type 11 has an invalid length.
[ 1325.575413][T23432] veth0_vlan: entered promiscuous mode
[ 1325.871716][T23816] mkiss: ax0: crc mode is auto.
[ 1326.648827][T23827] netlink: 'syz.6.5516': attribute type 11 has an invalid length.
[ 1328.062138][T23432] veth1_vlan: entered promiscuous mode
[ 1328.189906][T23432] veth0_macvtap: entered promiscuous mode
[ 1328.248848][T23432] veth1_macvtap: entered promiscuous mode
[ 1328.340244][T23432] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1328.385602][T23432] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1328.406950][T23432] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.432243][T23432] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.441007][T23432] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.486681][T23432] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.948052][T11447] Bluetooth: hci2: command 0x0406 tx timeout
[ 1329.315690][T23845] netlink: 'syz.4.5519': attribute type 11 has an invalid length.
[ 1334.525600][T23886] netlink: 'syz.4.5529': attribute type 11 has an invalid length.
[ 1334.714937][T11447] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1334.758384][T11447] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1334.772875][T11447] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1334.796961][T11447] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1334.804973][T11447] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1335.144113][T11447] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1335.167418][T11447] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1335.192045][T11447] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1335.210840][T11447] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1335.221757][T11447] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1335.328331][T23900] netlink: 'syz.0.5531': attribute type 11 has an invalid length.
[ 1336.861287][ T5160] Bluetooth: hci1: command tx timeout
[ 1337.064692][T23889] lo speed is unknown, defaulting to 1000
[ 1337.306683][ T5160] Bluetooth: hci4: command tx timeout
[ 1337.342450][ T5918] IPVS: starting estimator thread 0...
[ 1337.570849][T23892] lo speed is unknown, defaulting to 1000
[ 1337.597904][T23916] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1339.590751][ T5160] Bluetooth: hci1: command tx timeout
[ 1339.590767][T11447] Bluetooth: hci4: command tx timeout
[ 1341.439649][T23950] loop4: detected capacity change from 0 to 512
[ 1341.451877][T23950] EXT4-fs: Ignoring removed oldalloc option
[ 1341.663695][ T5160] Bluetooth: hci1: command tx timeout
[ 1341.669776][T11447] Bluetooth: hci4: command tx timeout
[ 1342.365047][T23950] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.5545: Parent and EA inode have the same ino 15
[ 1342.456430][T23950] EXT4-fs error (device loop4): ext4_xattr_inode_iget:432: comm syz.4.5545: Parent and EA inode have the same ino 15
[ 1342.518161][T23950] EXT4-fs (loop4): 1 orphan inode deleted
[ 1342.525636][T23950] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1342.649674][T23957] netlink: 'syz.8.5546': attribute type 11 has an invalid length.
[ 1342.802315][T23889] chnl_net:caif_netlink_parms(): no params data found
[ 1342.905237][T22387] bridge_slave_1: left allmulticast mode
[ 1342.910938][T22387] bridge_slave_1: left promiscuous mode
[ 1342.911425][T16874] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1342.980187][T23960] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1342.980187][T23960]    program syz.4.5547 not setting count and/or reply_len properly
[ 1343.086917][T22387] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1343.197385][T22387] bridge_slave_0: left allmulticast mode
[ 1343.265450][T22387] bridge_slave_0: left promiscuous mode
[ 1343.399341][T22387] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1343.751323][T11447] Bluetooth: hci4: command tx timeout
[ 1343.751418][ T5160] Bluetooth: hci1: command tx timeout
[ 1350.669482][T22387] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1350.767922][T22387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1350.842186][T22387] bond0 (unregistering): Released all slaves
[ 1352.281715][T23892] chnl_net:caif_netlink_parms(): no params data found
[ 1352.664972][T22387] hsr_slave_0: left promiscuous mode
[ 1352.732208][T22387] hsr_slave_1: left promiscuous mode
[ 1352.738466][T22387] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1352.808287][T22387] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1356.805199][T24059] affs: No valid root block on device nullb0
[ 1358.995327][T22387] team0 (unregistering): Port device team_slave_1 removed
[ 1360.478239][T22387] team0 (unregistering): Port device team_slave_0 removed
[ 1360.550294][   T30] audit: type=1800 audit(1752642937.791:1459): pid=24078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.5577" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0
[ 1364.272379][T23889] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1364.279674][T23889] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1364.297689][T23889] bridge_slave_0: entered allmulticast mode
[ 1364.327045][T23889] bridge_slave_0: entered promiscuous mode
[ 1364.428738][T23889] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1364.456103][T23889] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1364.468217][T23889] bridge_slave_1: entered allmulticast mode
[ 1364.477158][T23889] bridge_slave_1: entered promiscuous mode
[ 1364.698659][T24120] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1364.718441][T24120] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5594'.
[ 1365.327567][T23889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1365.378069][T23892] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1365.391644][T23892] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1365.455600][T24126] netlink: 'syz.0.5597': attribute type 11 has an invalid length.
[ 1366.272777][T23892] bridge_slave_0: entered allmulticast mode
[ 1366.280914][T23892] bridge_slave_0: entered promiscuous mode
[ 1366.345673][T23889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1366.529249][T23892] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1366.629671][T23892] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1366.641399][T23892] bridge_slave_1: entered allmulticast mode
[ 1366.650610][T23892] bridge_slave_1: entered promiscuous mode
[ 1368.483656][T23892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1368.529507][T23889] team0: Port device team_slave_0 added
[ 1368.613951][T23892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1368.727467][T23889] team0: Port device team_slave_1 added
[ 1368.937480][T24160] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[ 1369.024100][T22387] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1369.261436][T13192] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1369.402320][T13192] usb 1-1: device descriptor read/64, error -71
[ 1369.475493][T23892] team0: Port device team_slave_0 added
[ 1369.633346][T22387] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1369.641371][T13192] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1369.674137][T23892] team0: Port device team_slave_1 added
[ 1369.750357][T24170] netlink: 'syz.6.5612': attribute type 11 has an invalid length.
[ 1371.077909][T13192] usb 1-1: device descriptor read/64, error -71
[ 1371.271415][T24171] program syz.8.5611 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1371.317393][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1371.327136][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1371.813074][T13192] usb usb1-port1: attempt power cycle
[ 1372.030822][T23889] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1372.093996][T23889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1372.119993][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1372.232656][T23889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1372.338159][T23892] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1372.345409][T23892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1372.393665][T23892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1372.432630][T23889] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1372.439999][T23889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1372.465941][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1372.474577][T23889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1372.554421][T24181] netlink: 'syz.6.5616': attribute type 1 has an invalid length.
[ 1372.810979][T22387] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1373.303183][T23892] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1373.310205][T23892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1373.551303][T23892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1373.927155][T22387] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1376.059707][T23889] hsr_slave_0: entered promiscuous mode
[ 1376.078225][T23889] hsr_slave_1: entered promiscuous mode
[ 1376.883229][T23889] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1376.890846][T23889] Cannot create hsr debugfs directory
[ 1377.012509][T23892] hsr_slave_0: entered promiscuous mode
[ 1377.032048][T23892] hsr_slave_1: entered promiscuous mode
[ 1377.040037][T23892] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1377.048580][T23892] Cannot create hsr debugfs directory
[ 1377.221742][ T5918] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1378.511279][ T5918] usb 1-1: device descriptor read/64, error -71
[ 1378.771244][ T5918] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1378.951280][ T5918] usb 1-1: device descriptor read/64, error -71
[ 1379.141238][ T5918] usb usb1-port1: attempt power cycle
[ 1379.469994][T22387] bridge_slave_1: left allmulticast mode
[ 1379.491155][T22387] bridge_slave_1: left promiscuous mode
[ 1379.496984][T22387] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1379.548046][T22387] bridge_slave_0: left allmulticast mode
[ 1379.577734][T22387] bridge_slave_0: left promiscuous mode
[ 1379.601857][T22387] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1379.941214][ T5918] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1380.016834][ T5918] usb 1-1: device descriptor read/8, error -71
[ 1380.878815][T24246] random: crng reseeded on system resumption
[ 1385.285945][T22387] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1385.322862][T22387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1385.348317][T22387] bond0 (unregistering): Released all slaves
[ 1386.030508][T22387] hsr_slave_0: left promiscuous mode
[ 1386.063343][T22387] hsr_slave_1: left promiscuous mode
[ 1386.069615][T22387] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1386.089161][T22387] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1386.122888][T22387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1386.150820][T22387] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1386.240345][T22387] veth1_macvtap: left promiscuous mode
[ 1386.452404][T22387] veth0_macvtap: left promiscuous mode
[ 1386.734804][T22387] veth1_vlan: left promiscuous mode
[ 1386.740225][T22387] veth0_vlan: left promiscuous mode
[ 1388.477648][T24293] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1388.682413][T24293] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5653'.
[ 1390.153807][T24303] NILFS (nullb0): couldn't find nilfs on the device
[ 1390.884399][T22387] team0 (unregistering): Port device team_slave_1 removed
[ 1391.140576][T22387] team0 (unregistering): Port device team_slave_0 removed
[ 1391.232467][T11447] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1391.243725][T11447] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1391.252251][T11447] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1391.263016][T11447] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1391.270779][T11447] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1393.344623][ T5160] Bluetooth: hci6: command tx timeout
[ 1393.489310][T24302] tipc: Started in network mode
[ 1393.494507][T24302] tipc: Node identity ce6b0f279bb6, cluster identity 4711
[ 1393.502477][T24302] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1393.514449][T24317] tipc: Resetting bearer <eth:syzkaller0>
[ 1393.574095][T24300] tipc: Disabling bearer <eth:syzkaller0>
[ 1393.679967][T24320] lo speed is unknown, defaulting to 1000
[ 1394.755844][T24344] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1394.755844][T24344]    program syz.4.5662 not setting count and/or reply_len properly
[ 1395.093000][T24320] chnl_net:caif_netlink_parms(): no params data found
[ 1395.427671][ T5160] Bluetooth: hci6: command tx timeout
[ 1396.153494][T24350] Falling back ldisc for ttyprintk.
[ 1396.417430][T11447] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1396.428099][T11447] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1396.436036][T11447] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1396.463382][T11447] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1396.471702][T11447] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1396.617895][T24351] lo speed is unknown, defaulting to 1000
[ 1396.677860][T24320] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1396.698726][T24320] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1396.987403][T24320] bridge_slave_0: entered allmulticast mode
[ 1397.012852][T24320] bridge_slave_0: entered promiscuous mode
[ 1397.029235][T24320] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1397.544551][ T5160] Bluetooth: hci6: command tx timeout
[ 1397.988744][T24320] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1397.997759][T24320] bridge_slave_1: entered allmulticast mode
[ 1398.026128][T24320] bridge_slave_1: entered promiscuous mode
[ 1398.542911][ T5160] Bluetooth: hci7: command tx timeout
[ 1398.929100][T24320] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1399.003865][T22387] bridge_slave_1: left allmulticast mode
[ 1399.009900][T22387] bridge_slave_1: left promiscuous mode
[ 1399.021341][T22387] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1399.107545][T22387] bridge_slave_0: left allmulticast mode
[ 1399.129748][T22387] bridge_slave_0: left promiscuous mode
[ 1399.151557][T22387] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1399.581337][ T5160] Bluetooth: hci6: command tx timeout
[ 1400.719360][ T5160] Bluetooth: hci7: command tx timeout
[ 1400.912001][T22387] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1400.968655][T22387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1401.094106][T24383] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1401.644665][T22387] bond0 (unregistering): Released all slaves
[ 1401.745278][T24320] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1402.445111][T22387] hsr_slave_0: left promiscuous mode
[ 1402.460711][T22387] hsr_slave_1: left promiscuous mode
[ 1402.470102][T22387] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1402.488789][T22387] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1402.782501][ T5160] Bluetooth: hci7: command tx timeout
[ 1402.851967][T24397] affs: No valid root block on device nullb0
[ 1403.128364][T22387] team0 (unregistering): Port device team_slave_1 removed
[ 1403.189207][T22387] team0 (unregistering): Port device team_slave_0 removed
[ 1404.736048][T24320] team0: Port device team_slave_0 added
[ 1404.766683][T24398] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1404.776208][T24398] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1404.785893][T24398] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1404.989937][ T5160] Bluetooth: hci7: command tx timeout
[ 1405.005103][T24320] team0: Port device team_slave_1 added
[ 1405.172830][T24320] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1405.212505][T24320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.229685][T24415] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in;
[ 1405.229685][T24415]    program syz.8.5682 not setting count and/or reply_len properly
[ 1405.401008][T24320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1405.401352][ T5918] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1405.445717][T24320] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1405.486659][T24320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.609406][T24320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1405.625881][ T5918] usb 7-1: no configurations
[ 1405.631041][ T5918] usb 7-1: can't read configurations, error -22
[ 1405.827602][ T5918] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1405.914170][T24320] hsr_slave_0: entered promiscuous mode
[ 1405.921051][T24320] hsr_slave_1: entered promiscuous mode
[ 1405.952087][T24320] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1405.959698][T24320] Cannot create hsr debugfs directory
[ 1406.023319][ T5918] usb 7-1: no configurations
[ 1406.028629][ T5918] usb 7-1: can't read configurations, error -22
[ 1406.066996][T24420] netlink: 'syz.0.5685': attribute type 11 has an invalid length.
[ 1406.095879][ T5918] usb usb7-port1: attempt power cycle
[ 1406.491909][ T5918] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1406.588816][ T5918] usb 7-1: no configurations
[ 1406.655023][ T5918] usb 7-1: can't read configurations, error -22
[ 1406.931385][ T5918] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1406.982586][ T5918] usb 7-1: no configurations
[ 1406.998953][ T5918] usb 7-1: can't read configurations, error -22
[ 1407.041723][ T5918] usb usb7-port1: unable to enumerate USB device
[ 1407.649572][T20962] bridge_slave_1: left allmulticast mode
[ 1407.661392][T20962] bridge_slave_1: left promiscuous mode
[ 1407.687173][T20962] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1407.709906][T20962] bridge_slave_0: left allmulticast mode
[ 1407.734076][T20962] bridge_slave_0: left promiscuous mode
[ 1407.754561][T20962] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1408.243851][T20962] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1408.376800][T20962] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1408.410460][T20962] bond0 (unregistering): Released all slaves
[ 1408.656321][T24351] chnl_net:caif_netlink_parms(): no params data found
[ 1410.292073][T20962] hsr_slave_0: left promiscuous mode
[ 1410.333889][T20962] hsr_slave_1: left promiscuous mode
[ 1410.340061][T20962] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1410.425716][T20962] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1412.181523][T20962] team0 (unregistering): Port device team_slave_1 removed
[ 1412.241214][ T5918] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1412.317014][T20962] team0 (unregistering): Port device team_slave_0 removed
[ 1412.428656][ T5918] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1412.479942][ T5918] usb 7-1: config 0 has no interfaces?
[ 1412.505924][ T5918] usb 7-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1412.558119][ T5918] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1412.602038][ T5918] usb 7-1: config 0 descriptor??
[ 1413.500373][ T5918] usb 7-1: USB disconnect, device number 10
[ 1415.103210][T24351] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1415.110563][T24351] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1415.131497][T24351] bridge_slave_0: entered allmulticast mode
[ 1415.141264][T24351] bridge_slave_0: entered promiscuous mode
[ 1415.219612][T24351] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1415.256989][T24351] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1415.282611][T24351] bridge_slave_1: entered allmulticast mode
[ 1415.352544][T24498] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1415.455706][T24351] bridge_slave_1: entered promiscuous mode
[ 1415.984815][T24320] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1416.050408][T24320] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1416.136854][T24351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1416.175462][T24351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1416.543166][T24320] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1416.622393][T24351] team0: Port device team_slave_0 added
[ 1416.628743][T24320] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1416.719762][T24351] team0: Port device team_slave_1 added
[ 1416.863175][T24351] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1416.873605][T24351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1417.146302][T24351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1417.815491][T24351] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1417.855080][T24351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1417.987617][T24351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1418.790230][T24351] hsr_slave_0: entered promiscuous mode
[ 1418.824107][T24351] hsr_slave_1: entered promiscuous mode
[ 1418.921410][T24351] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1418.929049][T24351] Cannot create hsr debugfs directory
[ 1420.739469][T24320] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1421.905940][T24320] 8021q: adding VLAN 0 to HW filter on device team0
[ 1422.322245][T14311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1422.329459][T14311] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1422.497184][T14322] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1422.504421][T14322] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1423.231276][   T30] audit: type=1326 audit(1752643000.471:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1424.926401][   T30] audit: type=1326 audit(1752643000.471:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1424.948883][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.955652][   T30] audit: type=1326 audit(1752643000.521:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1424.977914][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1425.026980][   T30] audit: type=1326 audit(1752643000.521:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.050681][   T30] audit: type=1326 audit(1752643000.521:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.074268][   T30] audit: type=1326 audit(1752643000.521:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.096705][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1425.126322][T24351] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1425.161240][   T30] audit: type=1326 audit(1752643000.521:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.197645][   T30] audit: type=1326 audit(1752643000.521:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.224516][   T30] audit: type=1326 audit(1752643000.521:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5ae258e929 code=0x7ffc0000
[ 1425.246976][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1425.462329][   T30] audit: type=1326 audit(1752643000.521:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24558 comm="syz.6.5726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ae258e963 code=0x7ffc0000
[ 1426.470065][T24571] loop0: detected capacity change from 0 to 512
[ 1426.477580][T24571] EXT4-fs: Ignoring removed oldalloc option
[ 1426.639065][T24571] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5729: Parent and EA inode have the same ino 15
[ 1426.871375][T24577] 
[ 1426.873755][T24577] ======================================================
[ 1426.880781][T24577] WARNING: possible circular locking dependency detected
[ 1426.887809][T24577] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted
[ 1426.894935][T24577] ------------------------------------------------------
[ 1426.901963][T24577] syz.4.5728/24577 is trying to acquire lock:
[ 1426.908036][T24577] ffff888053465940 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60
[ 1426.917849][T24577] 
[ 1426.917849][T24577] but task is already holding lock:
[ 1426.925226][T24577] ffff888057c45c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1426.934603][T24577] 
[ 1426.934603][T24577] which lock already depends on the new lock.
[ 1426.934603][T24577] 
[ 1426.945014][T24577] 
[ 1426.945014][T24577] the existing dependency chain (in reverse order) is:
[ 1426.954043][T24577] 
[ 1426.954043][T24577] -> #2 (&of->mutex){+.+.}-{4:4}:
[ 1426.961309][T24577]        __mutex_lock+0x199/0xb90
[ 1426.966380][T24577]        kernfs_fop_write_iter+0x28f/0x510
[ 1426.972215][T24577]        iter_file_splice_write+0x91f/0x1150
[ 1426.978231][T24577]        do_splice+0x1478/0x1fc0
[ 1426.983200][T24577]        __do_splice+0x32a/0x360
[ 1426.988172][T24577]        __x64_sys_splice+0x187/0x250
[ 1426.993580][T24577]        do_syscall_64+0xcd/0x4c0
[ 1426.998743][T24577]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.005188][T24577] 
[ 1427.005188][T24577] -> #1 (&pipe->mutex){+.+.}-{4:4}:
[ 1427.012629][T24577]        __mutex_lock+0x199/0xb90
[ 1427.017699][T24577]        anon_pipe_write+0x15d/0x1a70
[ 1427.023110][T24577]        __kernel_write_iter+0x720/0xa90
[ 1427.028773][T24577]        __kernel_write+0xf5/0x140
[ 1427.033916][T24577]        autofs_notify_daemon+0x4db/0xd60
[ 1427.039662][T24577]        autofs_wait+0x10ca/0x1a70
[ 1427.044796][T24577]        autofs_mount_wait+0x132/0x380
[ 1427.050309][T24577]        autofs_d_automount+0x390/0x7f0
[ 1427.055877][T24577]        __traverse_mounts+0x195/0x790
[ 1427.061385][T24577]        step_into+0x5aa/0x2270
[ 1427.066261][T24577]        walk_component+0xfc/0x5b0
[ 1427.071398][T24577]        link_path_walk+0x627/0xe20
[ 1427.076620][T24577]        path_lookupat+0x15a/0x6d0
[ 1427.081760][T24577]        filename_lookup+0x224/0x5f0
[ 1427.087078][T24577]        user_path_at+0x3a/0x60
[ 1427.091959][T24577]        bpf_obj_get_user+0xae/0x490
[ 1427.097269][T24577]        __sys_bpf+0x252f/0x4d80
[ 1427.102240][T24577]        __x64_sys_bpf+0x78/0xc0
[ 1427.107209][T24577]        do_syscall_64+0xcd/0x4c0
[ 1427.112286][T24577]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.118733][T24577] 
[ 1427.118733][T24577] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}:
[ 1427.126498][T24577]        __lock_acquire+0x126f/0x1c90
[ 1427.131906][T24577]        lock_acquire+0x179/0x350
[ 1427.136938][T24577]        __mutex_lock+0x199/0xb90
[ 1427.141994][T24577]        autofs_notify_daemon+0x4a6/0xd60
[ 1427.147726][T24577]        autofs_wait+0x10ca/0x1a70
[ 1427.152851][T24577]        autofs_mount_wait+0x132/0x380
[ 1427.158345][T24577]        autofs_d_automount+0x390/0x7f0
[ 1427.163904][T24577]        __traverse_mounts+0x195/0x790
[ 1427.169393][T24577]        step_into+0x5aa/0x2270
[ 1427.174256][T24577]        walk_component+0xfc/0x5b0
[ 1427.179381][T24577]        path_lookupat+0x142/0x6d0
[ 1427.184507][T24577]        filename_lookup+0x224/0x5f0
[ 1427.189807][T24577]        kern_path+0x35/0x50
[ 1427.194411][T24577]        lookup_bdev+0xd8/0x280
[ 1427.199279][T24577]        resume_store+0x1d6/0x460
[ 1427.204320][T24577]        kobj_attr_store+0x58/0x80
[ 1427.209464][T24577]        sysfs_kf_write+0xf2/0x150
[ 1427.214593][T24577]        kernfs_fop_write_iter+0x354/0x510
[ 1427.220413][T24577]        vfs_write+0x6c7/0x1150
[ 1427.225280][T24577]        ksys_write+0x12a/0x250
[ 1427.230145][T24577]        do_syscall_64+0xcd/0x4c0
[ 1427.235205][T24577]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.241640][T24577] 
[ 1427.241640][T24577] other info that might help us debug this:
[ 1427.241640][T24577] 
[ 1427.251869][T24577] Chain exists of:
[ 1427.251869][T24577]   &sbi->pipe_mutex --> &pipe->mutex --> &of->mutex
[ 1427.251869][T24577] 
[ 1427.264340][T24577]  Possible unsafe locking scenario:
[ 1427.264340][T24577] 
[ 1427.271788][T24577]        CPU0                    CPU1
[ 1427.277154][T24577]        ----                    ----
[ 1427.282523][T24577]   lock(&of->mutex);
[ 1427.286523][T24577]                                lock(&pipe->mutex);
[ 1427.293220][T24577]                                lock(&of->mutex);
[ 1427.299739][T24577]   lock(&sbi->pipe_mutex);
[ 1427.304254][T24577] 
[ 1427.304254][T24577]  *** DEADLOCK ***
[ 1427.304254][T24577] 
[ 1427.312396][T24577] 4 locks held by syz.4.5728/24577:
[ 1427.317598][T24577]  #0: ffff8880588eb978 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 1427.326716][T24577]  #1: ffff8880316b0428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1427.335750][T24577]  #2: ffff888057c45c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1427.345556][T24577]  #3: ffff88801ee8fc38 (kn->active#61){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1427.355632][T24577] 
[ 1427.355632][T24577] stack backtrace:
[ 1427.361526][T24577] CPU: 1 UID: 0 PID: 24577 Comm: syz.4.5728 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1427.361571][T24577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1427.361592][T24577] Call Trace:
[ 1427.361604][T24577]  <TASK>
[ 1427.361619][T24577]  dump_stack_lvl+0x116/0x1f0
[ 1427.361672][T24577]  print_circular_bug+0x275/0x350
[ 1427.361728][T24577]  check_noncircular+0x14c/0x170
[ 1427.361786][T24577]  __lock_acquire+0x126f/0x1c90
[ 1427.361848][T24577]  lock_acquire+0x179/0x350
[ 1427.361878][T24577]  ? autofs_notify_daemon+0x4a6/0xd60
[ 1427.361914][T24577]  ? __pfx___might_resched+0x10/0x10
[ 1427.361959][T24577]  ? irqentry_exit+0x3b/0x90
[ 1427.362012][T24577]  __mutex_lock+0x199/0xb90
[ 1427.362062][T24577]  ? autofs_notify_daemon+0x4a6/0xd60
[ 1427.362094][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362138][T24577]  ? autofs_notify_daemon+0x4a6/0xd60
[ 1427.362173][T24577]  ? __pfx___mutex_lock+0x10/0x10
[ 1427.362232][T24577]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1427.362288][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362328][T24577]  ? from_kgid_munged+0xab/0x130
[ 1427.362375][T24577]  ? autofs_notify_daemon+0x4a6/0xd60
[ 1427.362407][T24577]  autofs_notify_daemon+0x4a6/0xd60
[ 1427.362443][T24577]  ? __pfx_autofs_notify_daemon+0x10/0x10
[ 1427.362476][T24577]  ? sysfs_kf_write+0xf2/0x150
[ 1427.362511][T24577]  ? kernfs_fop_write_iter+0x354/0x510
[ 1427.362542][T24577]  ? vfs_write+0x6c7/0x1150
[ 1427.362596][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362636][T24577]  ? lockdep_init_map_type+0x5c/0x280
[ 1427.362668][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362708][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362748][T24577]  ? lockdep_init_map_type+0x5c/0x280
[ 1427.362780][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362824][T24577]  autofs_wait+0x10ca/0x1a70
[ 1427.362861][T24577]  ? __pfx_autofs_wait+0x10/0x10
[ 1427.362892][T24577]  ? __pfx_path_check_mount+0x10/0x10
[ 1427.362940][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.362981][T24577]  ? find_held_lock+0x2b/0x80
[ 1427.363024][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363066][T24577]  ? preempt_schedule_thunk+0x16/0x30
[ 1427.363110][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363150][T24577]  ? preempt_schedule_common+0x44/0xc0
[ 1427.363201][T24577]  autofs_mount_wait+0x132/0x380
[ 1427.363261][T24577]  autofs_d_automount+0x390/0x7f0
[ 1427.363296][T24577]  __traverse_mounts+0x195/0x790
[ 1427.363350][T24577]  step_into+0x5aa/0x2270
[ 1427.363385][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363427][T24577]  ? __pfx_step_into+0x10/0x10
[ 1427.363460][T24577]  ? __pfx___up_read+0x10/0x10
[ 1427.363497][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363537][T24577]  ? lookup_fast+0x156/0x610
[ 1427.363573][T24577]  walk_component+0xfc/0x5b0
[ 1427.363608][T24577]  path_lookupat+0x142/0x6d0
[ 1427.363647][T24577]  filename_lookup+0x224/0x5f0
[ 1427.363686][T24577]  ? __pfx_filename_lookup+0x10/0x10
[ 1427.363742][T24577]  ? getname_kernel+0x52/0x370
[ 1427.363789][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363829][T24577]  ? __asan_memcpy+0x3c/0x60
[ 1427.363860][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.363903][T24577]  kern_path+0x35/0x50
[ 1427.363938][T24577]  lookup_bdev+0xd8/0x280
[ 1427.363976][T24577]  ? __pfx_lookup_bdev+0x10/0x10
[ 1427.364012][T24577]  ? resume_store+0x1b8/0x460
[ 1427.364050][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.364090][T24577]  ? __asan_memcpy+0x3c/0x60
[ 1427.364124][T24577]  resume_store+0x1d6/0x460
[ 1427.364162][T24577]  ? __pfx_resume_store+0x10/0x10
[ 1427.364205][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.364251][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.364291][T24577]  ? find_held_lock+0x2b/0x80
[ 1427.364336][T24577]  ? __pfx_resume_store+0x10/0x10
[ 1427.364373][T24577]  kobj_attr_store+0x58/0x80
[ 1427.364426][T24577]  ? __pfx_kobj_attr_store+0x10/0x10
[ 1427.364478][T24577]  sysfs_kf_write+0xf2/0x150
[ 1427.364515][T24577]  kernfs_fop_write_iter+0x354/0x510
[ 1427.364546][T24577]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1427.364585][T24577]  vfs_write+0x6c7/0x1150
[ 1427.364620][T24577]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1427.364654][T24577]  ? __pfx___mutex_lock+0x10/0x10
[ 1427.364706][T24577]  ? __pfx_vfs_write+0x10/0x10
[ 1427.364745][T24577]  ? __rcu_read_unlock+0x2b4/0x580
[ 1427.364790][T24577]  ksys_write+0x12a/0x250
[ 1427.364827][T24577]  ? __pfx_ksys_write+0x10/0x10
[ 1427.364867][T24577]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1427.364917][T24577]  do_syscall_64+0xcd/0x4c0
[ 1427.364976][T24577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.365013][T24577] RIP: 0033:0x7f3f2218e929
[ 1427.365040][T24577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1427.365073][T24577] RSP: 002b:00007f3f22f15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1427.365104][T24577] RAX: ffffffffffffffda RBX: 00007f3f223b6240 RCX: 00007f3f2218e929
[ 1427.365127][T24577] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000008
[ 1427.365148][T24577] RBP: 00007f3f22210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1427.365169][T24577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1427.365190][T24577] R13: 0000000000000000 R14: 00007f3f223b6240 R15: 00007ffd9869a1a8
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1427.365228][T24577]  </TASK>
[ 1427.878708][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1427.893187][T24320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1427.909015][T24351] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1427.969612][T24351] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1428.168482][T24577] PM: Image not found (code -22)
[ 1428.168508][T24571] EXT4-fs error (device loop0): ext4_xattr_inode_iget:432: comm syz.0.5729: Parent and EA inode have the same ino 15
[ 1428.341427][T24571] EXT4-fs (loop0): 1 orphan inode deleted
[ 1428.348146][T24571] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1428.364064][T24351] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1428.622545][T17717] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1429.177197][ T6071] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.332907][ T6071] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.448170][ T6071] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.525412][ T6071] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.743705][ T6071] bridge_slave_1: left allmulticast mode
[ 1429.749412][ T6071] bridge_slave_1: left promiscuous mode
[ 1429.773380][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1429.791731][ T6071] bridge_slave_0: left allmulticast mode
[ 1429.797406][ T6071] bridge_slave_0: left promiscuous mode
[ 1429.807323][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1429.917472][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.928409][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1429.938415][ T6071] bond0 (unregistering): Released all slaves
[ 1429.986468][ T6071] tipc: Left network mode
[ 1430.108748][ T6071] hsr_slave_0: left promiscuous mode
[ 1430.114528][ T6071] hsr_slave_1: left promiscuous mode
[ 1430.120202][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1430.127633][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1430.135771][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1430.143274][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1430.155278][ T6071] veth1_macvtap: left promiscuous mode
[ 1430.160788][ T6071] veth0_macvtap: left promiscuous mode
[ 1430.167259][ T6071] veth1_vlan: left promiscuous mode
[ 1430.174359][ T6071] veth0_vlan: left promiscuous mode
[ 1430.329978][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1430.343462][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1430.709148][ T6071] IPVS: stop unused estimator thread 0...
[ 1430.976279][ T6071] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.017228][ T6071] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.066399][ T6071] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.117165][ T6071] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.586375][ T6071] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.636029][ T6071] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.695946][ T6071] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.767564][ T6071] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1431.844523][ T6071] bridge_slave_1: left allmulticast mode
[ 1431.850200][ T6071] bridge_slave_1: left promiscuous mode
[ 1431.856017][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1431.864955][ T6071] bridge_slave_0: left allmulticast mode
[ 1431.871048][ T6071] bridge_slave_0: left promiscuous mode
[ 1431.876938][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1431.886343][ T6071] bridge0: port 3(team0) entered disabled state
[ 1431.894175][ T6071] bridge_slave_1: left allmulticast mode
[ 1431.899818][ T6071] bridge_slave_1: left promiscuous mode
[ 1431.905607][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1431.914723][ T6071] bridge_slave_0: left allmulticast mode
[ 1431.920362][ T6071] bridge_slave_0: left promiscuous mode
[ 1431.926162][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1431.935302][ T6071] bridge_slave_1: left allmulticast mode
[ 1431.940941][ T6071] bridge_slave_1: left promiscuous mode
[ 1431.946944][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1431.955788][ T6071] bridge_slave_0: left allmulticast mode
[ 1431.961531][ T6071] bridge_slave_0: left promiscuous mode
[ 1431.967225][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1431.977071][ T6071] gretap0: left allmulticast mode
[ 1431.982603][ T6071] gretap0: left promiscuous mode
[ 1431.987649][ T6071] bridge0: port 3(gretap0) entered disabled state
[ 1431.995364][ T6071] bridge_slave_1: left allmulticast mode
[ 1432.001005][ T6071] bridge_slave_1: left promiscuous mode
[ 1432.006738][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1432.015018][ T6071] bridge_slave_0: left allmulticast mode
[ 1432.020666][ T6071] bridge_slave_0: left promiscuous mode
[ 1432.026524][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1432.037794][ T6071] bridge_slave_1: left allmulticast mode
[ 1432.043517][ T6071] bridge_slave_1: left promiscuous mode
[ 1432.049178][ T6071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1432.057681][ T6071] bridge_slave_0: left allmulticast mode
[ 1432.063681][ T6071] bridge_slave_0: left promiscuous mode
[ 1432.069331][ T6071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1432.220082][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.230321][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.241333][ T6071] bond0 (unregistering): Released all slaves
[ 1432.348516][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.359998][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.369928][ T6071] bond0 (unregistering): Released all slaves
[ 1432.455361][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.465500][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.475703][ T6071] bond0 (unregistering): Released all slaves
[ 1432.625128][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1432.631566][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1432.704596][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.714160][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.723397][ T6071] bond0 (unregistering): Released all slaves
[ 1432.816636][ T6071] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.825712][ T6071] bond_slave_0: left promiscuous mode
[ 1432.831293][ T6071] bond_slave_0: left allmulticast mode
[ 1432.838110][ T6071] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.847874][ T6071] bond_slave_1: left promiscuous mode
[ 1432.853732][ T6071] bond_slave_1: left allmulticast mode
[ 1432.860036][ T6071] bond0 (unregistering): Released all slaves
[ 1432.950279][ T6071] tipc: Left network mode
[ 1433.330703][ T6071] hsr_slave_0: left promiscuous mode
[ 1433.336516][ T6071] hsr_slave_1: left promiscuous mode
[ 1433.342560][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1433.350138][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1433.360551][ T6071] hsr_slave_0: left promiscuous mode
[ 1433.366375][ T6071] hsr_slave_1: left promiscuous mode
[ 1433.375268][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1433.382873][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1433.390510][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1433.398045][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1433.408344][ T6071] hsr_slave_0: left promiscuous mode
[ 1433.414171][ T6071] hsr_slave_1: left promiscuous mode
[ 1433.419848][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1433.427434][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1433.438103][ T6071] hsr_slave_0: left promiscuous mode
[ 1433.443833][ T6071] hsr_slave_1: left promiscuous mode
[ 1433.449496][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1433.457464][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1433.467486][ T6071] hsr_slave_0: left promiscuous mode
[ 1433.473648][ T6071] hsr_slave_1: left promiscuous mode
[ 1433.479315][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1433.487301][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1433.496027][ T6071] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1433.503530][ T6071] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1433.520289][ T6071] veth1_macvtap: left promiscuous mode
[ 1433.525836][ T6071] veth0_macvtap: left promiscuous mode
[ 1433.531468][ T6071] veth1_vlan: left promiscuous mode
[ 1433.536717][ T6071] veth0_vlan: left promiscuous mode
[ 1433.543422][ T6071] veth1_macvtap: left promiscuous mode
[ 1433.548912][ T6071] veth0_macvtap: left promiscuous mode
[ 1433.554528][ T6071] veth1_vlan: left promiscuous mode
[ 1433.559783][ T6071] veth0_vlan: left promiscuous mode
[ 1433.769387][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1433.783491][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1433.955481][ T6071] team_slave_1 (unregistering): left promiscuous mode
[ 1433.964466][ T6071] team_slave_1 (unregistering): left allmulticast mode
[ 1433.973271][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1433.986129][ T6071] team_slave_0 (unregistering): left promiscuous mode
[ 1433.996828][ T6071] team_slave_0 (unregistering): left allmulticast mode
[ 1434.004796][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1434.178964][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1434.190858][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1434.485259][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1434.820830][ T6071] team0 (unregistering): Port device team_slave_1 removed
[ 1434.845180][ T6071] team0 (unregistering): Port device team_slave_0 removed
[ 1434.941378][T13192] lo speed is unknown, defaulting to 1000
[ 1434.947166][T13192] infiniband syz0: ib_query_port failed (-19)
[ 1436.092323][ T6071] IPVS: stop unused estimator thread 0...
[ 1436.100031][ T6071] IPVS: stop unused estimator thread 0...
[ 1436.106851][ T6071] IPVS: stop unused estimator thread 0...