last executing test programs:

4m46.327819471s ago: executing program 1 (id=9):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a70000000000090507", @ANYRES32], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

4m45.684486379s ago: executing program 1 (id=13):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'bridge0\x00', @random="142b243c16b6"})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000100)={'bridge0\x00', @broadcast})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="310b2c727000ffeddf2506"], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x40)

4m45.037518597s ago: executing program 1 (id=15):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x140, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x88c7}, @NL80211_ATTR_FRAME={0x10e, 0x33, @mgmt_frame=@beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1}, {0x1}, @device_b, @device_b, @random="4d714c4ac311", {0x5, 0x8}}, 0x5, @default, 0x888, @val={0x0, 0x6, @default_ap_ssid}, @void, @val={0x3, 0x1, 0x8}, @void, @void, @val={0x5, 0x3, {0x7, 0xad, 0x82}}, @val={0x25, 0x3, {0x0, 0x55, 0x81}}, @val={0x2a, 0x1, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x1, 0x8, 0x38, 0xfa}}, @void, @void, @val={0x71, 0x7, {0x0, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0x3, 0x29}}, @void, [{0xdd, 0x5a, "6c4d4e0a30409576a184dc8fe59b3ecc7f5c626ab08ddd7ec1b51d13de33cc98b016a9aa61c2aaa2ec5324387ca8687d9a8d8cea468a64fdc328fb2ddce48764a21e149c337eb6f3e2d3573971405aeaa213f81feb9ea4b2de6d"}, {0xdd, 0x61, "1bf8e5f16d167f109940b031fda989b96e87eeda852588a2eb602010994a249ae24fa9a80d016865f867402ad9630f9e94530aa7db840bbc730eb01b40a44bfbe28a4688637717e4464f335058b15e2cc1e9985659c8b592e487d424b07fa30ffe"}]}}]}, 0x140}}, 0x800)

4m44.645728741s ago: executing program 1 (id=18):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file2\x00', 0x282, 0x140)

4m43.845744351s ago: executing program 1 (id=20):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x12, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

4m43.823997292s ago: executing program 4 (id=21):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @loopback}, 0x4}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x7fffffff, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/38, 0x26}, 0x100e2)

4m43.653600694s ago: executing program 4 (id=22):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1c3c609a49cc15187", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fd", 0x6d}], 0x1}}], 0x2, 0x0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4m43.552561135s ago: executing program 4 (id=24):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file2'}, 0xb)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x13)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

4m43.20525984s ago: executing program 1 (id=27):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
quotactl$Q_QUOTAOFF(0xffffffff80000300, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, 0x0, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000019600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x202}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)=0x6, 0x4)

4m42.968097052s ago: executing program 32 (id=27):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
quotactl$Q_QUOTAOFF(0xffffffff80000300, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, 0x0, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000019600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x202}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)=0x6, 0x4)

4m42.516996888s ago: executing program 4 (id=31):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file2\x00', 0x282, 0x140)

4m42.014532114s ago: executing program 4 (id=33):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f000010010905"], 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
r2 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1c0002, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x101001a, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmod\a=00000000000040000,user_id=\x00', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',allow_other,\x00'], 0xfb, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000004100)={0x2020}, 0x2020)
write$vga_arbiter(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="746172676574205043493a5b89d9f46ac070df4e31642e3100"], 0x14)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
clock_gettime(0x0, &(0x7f0000000300))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r5, 0x29, 0xb, &(0x7f0000000140)=0x7fc, 0x4)
setsockopt$inet6_tcp_int(r5, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
bind$inet6(r5, &(0x7f0000000240)={0xa, 0x4e20, 0xf, @empty, 0x5}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000000ac0)=[{{&(0x7f0000000440)={0xa, 0x4e20, 0x2, @empty, 0x6}, 0x1c, &(0x7f0000000c40)=[{&(0x7f0000000300)="d5", 0x1}], 0x1}}], 0x1, 0x20080058)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r7, 0x40405514, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffe00, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x40, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x2, 0x0, 0x22820adc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})
syz_open_dev$dri(&(0x7f00000000c0), 0x4d9, 0x2)
mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={0x8}, 0x20)

4m41.329683273s ago: executing program 4 (id=38):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0xfc}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'ip_vti0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

4m41.268069883s ago: executing program 33 (id=38):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0xfc}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'ip_vti0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

3m3.096812s ago: executing program 6 (id=547):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x50009404, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x13)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

3m3.005619681s ago: executing program 5 (id=549):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1c3c609a49cc15187", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fd", 0x6d}], 0x1}}], 0x2, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000005c0)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x3e, 0x0, "da865796a1ebec9378578b7f3fefae99d53a3fbe17c43a28e136f2dd08804fa555e53a0fb54280149a7cbc1d1744509c77c20357e05c28a49b617695f1119b3e8097ac4d28f3aa3c96c057352bee5704"}, 0xd8)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

3m2.008545314s ago: executing program 5 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, 0x0, 0x80)

3m1.840655996s ago: executing program 5 (id=555):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setsig(r2, 0xa, 0x800020)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400"/20, @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_POST(r3, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000640)=0x10)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080), 0x0, 0x0)

3m1.839653286s ago: executing program 6 (id=556):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f00000004c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)=ANY=[@ANYBLOB="58000000100039042abd7000eaffff", @ANYRES32=r2, @ANYBLOB="03000000c01006003800128008000100736974002c000280080003000a01010006000d"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)

3m1.696363938s ago: executing program 6 (id=558):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
getpgid(0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
fcntl$setsig(r2, 0xa, 0x800020)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400"/20, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYBLOB="000000001800"/28], 0x48)
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x38, 0x4, @thr={&(0x7f0000000300)="2ac4a99ac994f211fc7829ea39fc86649b2d6fb12f62e663061f326b50b128bc2d16cdf35fe5a55610d7197db525d7cd09b0c8f1ff4032d872f53ec9d3660af9f7b9191a6695d9f4b68a4a113d1899428bc4796fb604a722946bcb468f3ffd1e0cef22edb4d8f9aa1aae755f846bbe37202b420744d1da024bac5ff64ef705d14f32c5a2bc95aae2cf07030d11ef63a5a292ead67b278667f614e5316bc57a3162b98ecaf9671b5e7d7f723dc13b05539967e7078276339d4deb9e43e28f67c627f0bffa28ed06dfdd7f620261a826c3b02011057f", 0x0}}, &(0x7f0000000100))
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_POST(r3, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000640)=0x10)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080), 0x0, 0x0)

3m0.417649524s ago: executing program 5 (id=560):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x282, 0x140)

2m59.243942548s ago: executing program 5 (id=567):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x50009404, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x13)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

2m57.46583611s ago: executing program 5 (id=576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc0}}, 0x0)

2m57.040611755s ago: executing program 34 (id=576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc0}}, 0x0)

2m56.540341352s ago: executing program 6 (id=579):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x282, 0x140)

2m56.129005027s ago: executing program 6 (id=585):
socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)
sendmmsg$sock(r1, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000008c0)="9a1646e333841dd817f884072bcfc4e86d09eae42c771150d2a0f7409c1370d3638a8b435039d8f5f5a58fd9696b618dee51e4869aced576ce4348d9b259fb3273c6a36fc309164021180c785a3c299cbf15a38790db0474eb0b41d11d4893959adec407e9ba742652a28fc5165a05b7593682298736a7ccd86db5f3758d2939e9992035d6de58a4b803a94a72a31139fd6e1f77b7e96492191da02c8bfd789de8bc6acd5484430d64a233fd9512f3d646d33db37e305f92dc1db89bd85b2689c942b596c0a45c4efff576", 0xcb}, {&(0x7f0000000fc0)="efaf7a93d21cbcbd56d058e53b498eb5aec446ded5a0a15afc4a85e66ba967dd32bdaa041334d821c83f07626dff625725d9d7f2454a3c0354409cd461092701a394007cca7bf7ed39cb6d0860fc9fffc3867688808a8a9fa32d9c9f797ac6d2f35665413642d174ba233adaa36bf0d40144a05abc9458f98e5738d6952053397589681183bf74246782eaa788d1afbf227f54319c505f1678a3165181261067da7d2cc5ce2f9a8ca0b99fa09f8e95675cd7666c5e2edb4b8029c371ccfe0497285e0e223106e4b43dbbdae8faa67a625fff23346e701f1c8cf9b6cd0d485c422d1c07b63988d337", 0xe8}, {&(0x7f0000000ac0)="8f30e4f3a357d24b35a884da0ffdc5c42f7ce57129b691f99daded3f1e2aa5f6738c747cd9fa7b3e59a5a24970b0a2a5bcc8cd72fc0a6e472442b441e273146cb840d20afb23fa12cfaaf4d54ffea9bdaf5d445e4773e815b6462cdc4b449d55a1d007a07e49cef17635abf4c4986abcc36fc5529e63aa97265af26fd3286548b2a7932c81883c382b1598d0761891370633573d40cd4b425576ff4998bf040fa0aef4b64392fc7f7b6fafb4a073a88f883f16c9c771664b430d91", 0xbb}, {&(0x7f0000000b80)="3b3d07b7091f697381965e2e7909f9f6f54a284af3f8fdb1c24e6d0c4a7f58ffca9b24b191f510fbf55fd3e76154e2a4fe1e14c7bbff4c24907805f79e2a90f0d8c8faccbd2243475ecfa1f5fac83b8910baf212596b2a4a23aab8eb9cfa683836af5e50b1bc4f815b49fc47f85fe32f63a26492042b663d8c955bfad12d47e8", 0x80}], 0x4}}, {{0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000000d80)="d51927d7b27f39aa725cb19a990f66ac9aae2f7d92045a4c05e60f4dc5dc6c4e4ac8449b9915fb289bf1692a4c7d9440950ee716b680274b3c53048b6a2aeca47c5e6987db6b4fb364fa1e1709caa0696b9e02eabc8757ef2dd6a17f3efa", 0x5e}, {&(0x7f0000000e00)="96bc7002996addfa3b96a5e4de4cf18b08fa24022c9eb8cd8932ada8710619787de006", 0x23}, {&(0x7f0000000e40)="1304235350b0171b15c5c7a6c9861daf", 0x10}, {&(0x7f0000000e80)="048dc9fb57afe301fd6f418490309860762750", 0x13}], 0x4}}], 0x2, 0x0)

2m52.6492392s ago: executing program 6 (id=594):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x282, 0x140)

2m52.395184893s ago: executing program 35 (id=594):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x32}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x282, 0x140)

17.7253688s ago: executing program 8 (id=1148):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = dup3(r5, r4, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(r7, 0x851, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route_sched(r9, 0x0, 0x800)
r10 = socket$inet6(0xa, 0x805, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x29, 0x0, 0xfc, 0x0, 0x2, @mcast1, @loopback={0x300, 0xffff888101827518}, 0x8, 0x10}})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

13.989044607s ago: executing program 0 (id=1158):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r2=>0xffffffffffffffff})
close_range(r0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r3 = getpid()
socket$vsock_stream(0x28, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
syz_pidfd_open(r3, 0x0)
setns(r2, 0x20000000)

12.997623579s ago: executing program 0 (id=1160):
socket$inet(0x2, 0x1, 0x100)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x700, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
tkill(r4, 0x1000c)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x1000080, 0x0)

9.425687903s ago: executing program 3 (id=1164):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
syz_usb_connect(0x6, 0x0, 0x0, 0x0)

9.417946193s ago: executing program 8 (id=1165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setsig(r2, 0xa, 0x800020)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_POST(r3, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0x0)

9.135969477s ago: executing program 0 (id=1167):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0xf}, r3}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r3, 0x9dffffff}}, 0x48)
open$dir(0x0, 0x800, 0x100)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
syz_pidfd_open(0x0, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2})
ioctl$TUNSETTXFILTER(r4, 0x400454d1, &(0x7f0000000040)=ANY=[@ANYBLOB="01f20000bbbb8a5cbbbb"])
ioctl$USBDEVFS_CLAIM_PORT(0xffffffffffffffff, 0x80045518, &(0x7f0000000000)=0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xc0}}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000200))

8.383691196s ago: executing program 3 (id=1168):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0xfffffffc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x24, &(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
sched_setattr(0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/fdt', 0x70000, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, r6)
openat$cgroup_ro(r5, &(0x7f0000000140)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r7=>0x0})
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000021c0)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000000100)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000002140)={0x50, 0x0, r9, {0x7, 0x8, 0x274acb0c, 0x238d117e434c155a, 0x401, 0x5, 0x83, 0x0, 0xc00, 0x0, 0x150, 0xfff}}, 0x50)
truncate(&(0x7f00000002c0)='./file0/file0\x00', 0x3ff)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x88, 0x24, 0xf0b, 0x20, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x1], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}]}, 0x88}}, 0x20000000)
ppoll(&(0x7f0000000840)=[{r0}], 0x1, &(0x7f0000000880), 0x0, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r10, &(0x7f000000a1c0)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x3, 0x2202, 0x0)
r11 = openat$full(0xffffff9c, &(0x7f0000000080), 0x400, 0x0)
ioctl$TCSETSW(r11, 0x5403, &(0x7f0000000100)={0x5f1, 0x8, 0x80000001, 0xffffffff, 0x1a, "342be5819da94ab0c7fb00e8fd3a9dc473c8c7"})
sendmsg$netlink(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000140)=ANY=[@ANYRES8=r10], 0x18}], 0x1}, 0x2000080)

8.368452636s ago: executing program 8 (id=1169):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x2, 0x0, 0x1ff, 0x0, 0xfd2, 0x3, 0x3}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
syz_open_procfs(0x0, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
unshare(0x22020600)
unshare(0x2a020400)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ioctl$int_in(r2, 0x5421, 0x0)
connect$unix(r0, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
close(0xffffffffffffffff)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3a, &(0x7f0000000080)=0xffbfff9d, 0x4)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000000)={0x87}, 0x8)
sendto$inet6(r4, 0x0, 0x0, 0x20000004, &(0x7f00000000c0)={0xa, 0x2}, 0x1c)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x4})

8.245279518s ago: executing program 2 (id=1170):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket(0x8, 0x800, 0x80000000)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000340)={0x0, 0x8, [@dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @random="58b5c0fa4096", @multicast, @random="3bf0770a5d7b", @multicast, @empty]})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, &(0x7f0000000040)={0x3c}, 0x8)

7.208450171s ago: executing program 2 (id=1172):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsopen(0x0, 0x1)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x5, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8, 0x40, 0x3}, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_setup(0xffffff7f, &(0x7f0000000280)=<r2=>0x0)
r3 = openat$sysfs(0xffffff9c, 0x0, 0x42, 0x0)
io_submit(r2, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
keyctl$instantiate(0xc, 0x0, &(0x7f00000002c0)=@encrypted_update={'update ', 'default', 0x20, 'user:', '({]{]%@'}, 0x1c, 0xfffffffffffffff9)
pipe2$watch_queue(&(0x7f00000000c0), 0x80)
r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r3, 0x40039)
keyctl$clear(0x7, r5)
keyctl$instantiate(0xc, 0x0, 0x0, 0x1a, 0xffffffffffffffff)
setsockopt(r4, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f00000000c0), 0x1)

5.736405969s ago: executing program 7 (id=1173):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$unix(0x1, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x73)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)="32780f6439832375", 0x8, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x4814)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
shutdown(r0, 0x1)

5.429507143s ago: executing program 3 (id=1174):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
unshare(0x28020480)
r10 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r10, 0xffffffffffffffff, 0xffffffffffffffff)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r11, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r11, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x0, 'rr\x00'}, 0x2c)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.289353705s ago: executing program 0 (id=1175):
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

5.227734065s ago: executing program 2 (id=1176):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x4fed0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

4.283444217s ago: executing program 0 (id=1177):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x9}, @TCA_CAKE_RAW={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4.263708398s ago: executing program 7 (id=1178):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
syz_usb_connect(0x6, 0x0, 0x0, 0x0)

4.169415839s ago: executing program 8 (id=1179):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$setsig(r2, 0xa, 0x800020)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, 0x0)
ioctl$SNDCTL_DSP_POST(r3, 0x5008, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0x0)

4.160733228s ago: executing program 3 (id=1180):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wg0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
preadv(r5, &(0x7f0000001500)=[{&(0x7f00000002c0)=""/4084, 0xff4}], 0x1, 0xf73, 0x0)

1.989187855s ago: executing program 2 (id=1181):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{&(0x7f00000001c0)={0x2, 0xfffd, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f00000002c0)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}], 0x1, 0x4004040)

1.789506118s ago: executing program 2 (id=1182):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket(0x8, 0x800, 0x80000000)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000340)={0x0, 0x8, [@dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @random="58b5c0fa4096", @multicast, @random="3bf0770a5d7b", @multicast, @empty]})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, &(0x7f0000000040)={0x3c}, 0x8)

1.60579577s ago: executing program 8 (id=1183):
syz_emit_ethernet(0x76, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6012000800403a01fe8000000000000000000000000000bbfe8000000000000000000000000000aa040090e67a8d8001a1970e4c0f2b03780000000468e632fd00008800fc000000000000000000000000000000fc00000cd0f33a00000000008800000000000000"], 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
unshare(0x2a020400)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@mpls_delroute={0x28, 0x19, 0x1, 0x0, 0x2, {0x1c, 0x14, 0x0, 0x0, 0xff, 0x0, 0x0, 0x1}, [@RTA_MULTIPATH={0xc, 0x9, {0x29b, 0x0, 0xe}}]}, 0x28}, 0x1, 0x0, 0x0, 0x140c1}, 0x44)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x0)
fsopen(&(0x7f0000000140)='ext3\x00', 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@migrate={0xd8, 0x21, 0x1, 0x0, 0x0, {{@in6=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@private2, @in6=@rand_addr=' \x01\x00', @in=@local}]}, @user_kmaddress={0x2c, 0x13, {@in=@remote, @in6=@loopback}}, @policy_type={0xa}]}, 0xd8}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0xc97a, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
listen(r2, 0xa)

1.139179436s ago: executing program 3 (id=1184):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xfffffdff})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@flushpolicy={0x10, 0x1d, 0x1}, 0x10}}, 0x0)

1.132373236s ago: executing program 7 (id=1185):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r3, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000034c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x5, 0x7}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0xf, 0xffe0}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c080}, 0x40)

1.029632728s ago: executing program 0 (id=1186):
landlock_create_ruleset(&(0x7f00000002c0)={0x2da8}, 0x18, 0x0)
syz_open_procfs(0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x2e0000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000000c0)=0x3, 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c)
bind$inet6(r2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{}, 0x0, &(0x7f00000006c0), 0x2000000}, 0x20)

1.029218808s ago: executing program 3 (id=1187):
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

979.081688ms ago: executing program 8 (id=1188):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$unix(0x1, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x73)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)="32780f6439832375", 0x8, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x4814)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
shutdown(r0, 0x1)

927.019249ms ago: executing program 7 (id=1189):
socket$inet(0x2, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000240)=ANY=[@ANYBLOB="e0000002ac1414aa0100000002"], 0x18)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0)

781.749571ms ago: executing program 7 (id=1190):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a80)={0x2c, 0x7, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x18d643ac380b3942)

22.26134ms ago: executing program 7 (id=1191):
setuid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0xa, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setpgid(r0, r0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
setxattr$trusted_overlay_redirect(0x0, &(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', 0x8, 0x1)
io_submit(0x0, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}])
ioctl$BINDER_WRITE_READ(r5, 0x40046208, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x10, r1}, 0x18)

0s ago: executing program 2 (id=1192):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000140)='lp\x00', 0x3)
r3 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, &(0x7f0000000100)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x6, 0x76, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

 47.093288][ T4476] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   47.122439][ T4306] EXT4-fs error (device loop1): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[   47.172377][ T4306] EXT4-fs error (device loop1): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[   47.173490][ T4476] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks
[   47.216586][ T4476] EXT4-fs warning (device loop3): ext4_resize_fs:2051: can't shrink FS - resize aborted
[   47.378650][ T4316] EXT4-fs (loop3): unmounting filesystem.
[   47.537016][ T4313] Bluetooth: hci4: command 0x0419 tx timeout
[   47.537300][ T4318] Bluetooth: hci2: command 0x0419 tx timeout
[   47.538782][ T4313] Bluetooth: hci0: command 0x0419 tx timeout
[   47.538813][ T4313] Bluetooth: hci3: command 0x0419 tx timeout
[   47.613807][   T55] bridge0: port 3(bond1) entered disabled state
[   47.686279][ T4306] EXT4-fs (loop1): unmounting filesystem.
[   48.059899][   T39] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.214859][   T39] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.231141][ T4502] netlink: 'syz.3.30': attribute type 1 has an invalid length.
[   48.265141][ T4318] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   48.269405][ T4318] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   48.272428][ T4318] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   48.276297][ T4318] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   48.279595][ T4318] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   48.285452][ T4318] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   48.501809][   T39] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.511464][ T4510] loop4: detected capacity change from 0 to 512
[   48.551221][ T4510] EXT4-fs: Ignoring removed i_version option
[   48.592360][ T4510] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   48.619554][ T4510] EXT4-fs (loop4): 1 truncate cleaned up
[   48.621172][ T4510] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   48.639089][   T39] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   48.989688][ T4319] EXT4-fs error (device loop4): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[   49.013264][ T4319] EXT4-fs error (device loop4): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[   49.033288][    T7] usb 1-1: unable to get BOS descriptor or descriptor too short
[   49.051566][    T7] usb 1-1: unable to read config index 0 descriptor/start: -71
[   49.054488][    T7] usb 1-1: can't read configurations, error -71
[   49.496555][ T4503] chnl_net:caif_netlink_parms(): no params data found
[   49.569841][ T4319] EXT4-fs (loop4): unmounting filesystem.
[   49.712839][ T4548] binder: 4547:4548 ioctl 4018620d 0 returned -22
[   49.748958][ T4548] binder: 4547:4548 got transaction to invalid handle, 1
[   49.764001][ T4548] binder: 4548:4547 cannot find target node
[   49.771371][ T4548] binder: 4547:4548 transaction call to 0:0 failed 4/29201/-22, size 0-0 line 3054
[   49.859199][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[   49.861121][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[   49.985681][ T4503] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.997804][ T4503] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.025140][ T4503] device bridge_slave_0 entered promiscuous mode
[   50.046636][ T4318] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   50.055741][ T4318] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   50.067257][ T4318] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   50.071710][ T4318] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   50.074403][ T4318] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   50.076922][ T4318] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   50.158910][ T4503] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.161038][ T4503] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.163585][ T4503] device bridge_slave_1 entered promiscuous mode
[   50.185024][ T4566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.42'.
[   50.337222][ T4318] Bluetooth: hci1: command 0x0409 tx timeout
[   50.528418][ T4592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.531138][ T4592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.615009][ T4503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   50.699261][ T4503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   50.704622][ T4600] fuse: root generation should be zero
[   51.087379][ T4503] team0: Port device team_slave_0 added
[   51.092771][ T4503] team0: Port device team_slave_1 added
[   51.176568][ T4503] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.178891][ T4503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.208806][ T4503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.237089][ T4503] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.239066][ T4503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.281504][ T4503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.724657][   T39] device hsr_slave_0 left promiscuous mode
[   51.757019][   T39] device hsr_slave_1 left promiscuous mode
[   51.806936][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   51.809045][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[   51.838333][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   51.840798][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[   51.843542][   T39] device bridge_slave_1 left promiscuous mode
[   51.846301][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.889775][   T39] device bridge_slave_0 left promiscuous mode
[   51.891817][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.037280][   T39] device veth1_macvtap left promiscuous mode
[   52.039379][   T39] device veth0_macvtap left promiscuous mode
[   52.041170][   T39] device veth1_vlan left promiscuous mode
[   52.043036][   T39] device veth0_vlan left promiscuous mode
[   52.096973][   T47] Bluetooth: hci4: command 0x0409 tx timeout
[   52.426815][   T47] Bluetooth: hci1: command 0x041b tx timeout
[   53.970241][   T39] team0 (unregistering): Port device team_slave_1 removed
[   54.177810][   T47] Bluetooth: hci4: command 0x041b tx timeout
[   54.497035][ T4318] Bluetooth: hci1: command 0x040f tx timeout
[   54.768168][   T39] team0 (unregistering): Port device team_slave_0 removed
[   54.938553][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.140223][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.306868][ T4308] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   55.499087][ T4308] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   55.502571][ T4308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   55.505859][ T4308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   55.508937][ T4308] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   55.514024][ T4308] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   55.516499][ T4308] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   55.518951][ T4308] usb 1-1: Manufacturer: syz
[   55.523324][ T4308] usb 1-1: config 0 descriptor??
[   55.945905][ T4308] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[   55.949195][ T4308] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[   55.963530][ T4308] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[   56.256859][ T4318] Bluetooth: hci4: command 0x040f tx timeout
[   56.577435][   T47] Bluetooth: hci1: command 0x0419 tx timeout
[   57.569519][   T39] bond0 (unregistering): Released all slaves
[   57.812393][ T4639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.56'.
[   57.826864][ T4563] chnl_net:caif_netlink_parms(): no params data found
[   58.028938][ T4503] device hsr_slave_0 entered promiscuous mode
[   58.069822][   T14] usb 1-1: USB disconnect, device number 4
[   58.128288][ T4503] device hsr_slave_1 entered promiscuous mode
[   58.300901][ T4563] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.302886][ T4563] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.305547][ T4563] device bridge_slave_0 entered promiscuous mode
[   58.336983][ T4318] Bluetooth: hci4: command 0x0419 tx timeout
[   58.425716][ T4563] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.434495][ T4563] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.448604][ T4563] device bridge_slave_1 entered promiscuous mode
[   58.636295][ T4563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.678786][ T4563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.949252][ T4563] team0: Port device team_slave_0 added
[   58.952747][ T4563] team0: Port device team_slave_1 added
[   59.035097][ T4503] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   59.105314][ T4503] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   59.167445][ T4563] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.169506][ T4563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.176677][ T4563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.206266][ T4503] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   59.258471][ T4503] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   59.306768][ T4719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.79'.
[   59.662147][   T39] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.679215][ T4563] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.681182][ T4563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.696800][ T4563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.848821][   T39] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.998994][   T39] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.068747][ T4563] device hsr_slave_0 entered promiscuous mode
[   60.089195][ T4563] device hsr_slave_1 entered promiscuous mode
[   60.146815][ T4563] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.148908][ T4563] Cannot create hsr debugfs directory
[   60.218901][   T39] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.327872][ T4503] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.376241][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   60.382816][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   60.419212][ T4503] 8021q: adding VLAN 0 to HW filter on device team0
[   60.493597][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   60.503515][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.515854][ T4657] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.518089][ T4657] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.537219][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   60.549589][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   60.552781][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.561260][   T55] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.563351][   T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.617159][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   60.640518][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   60.681860][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   60.686283][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   60.698840][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.713546][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   60.717880][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.837999][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.841167][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.844154][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.872031][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.884718][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.943032][ T4777] netlink: 388 bytes leftover after parsing attributes in process `syz.0.87'.
[   60.965308][ T4563] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   60.989554][ T4563] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   61.151631][ T4563] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   61.163132][ T4783] loop0: detected capacity change from 0 to 512
[   61.172629][ T4783] EXT4-fs: Ignoring removed orlov option
[   61.189240][ T4563] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   61.205959][ T4783] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   61.247584][ T4783] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   61.289195][ T4783] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.88: corrupted in-inode xattr
[   61.315294][ T4783] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.88: couldn't read orphan inode 15 (err -117)
[   61.340977][ T4783] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   61.403972][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   61.406281][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   61.519232][ T4503] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.682684][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   61.742763][ T4563] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.845077][ T4563] 8021q: adding VLAN 0 to HW filter on device team0
[   61.865729][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   61.868894][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   61.890856][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   61.899093][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   61.907533][   T55] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.909684][   T55] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.018868][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   62.021752][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   62.024654][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.036902][   T55] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.039026][   T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.041495][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   62.046653][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   62.054840][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   62.068988][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   62.172213][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   62.175185][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   62.209739][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   62.217455][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   62.226347][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.253332][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   62.259740][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.265866][ T4563] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   63.150750][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   63.153938][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   63.185158][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   63.188264][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   63.887405][ T4836] netlink: 12 bytes leftover after parsing attributes in process `syz.0.93'.
[   63.892013][ T4503] device veth0_vlan entered promiscuous mode
[   63.895329][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   63.898403][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   63.926602][   T39] device hsr_slave_0 left promiscuous mode
[   63.962887][   T39] device hsr_slave_1 left promiscuous mode
[   64.036975][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   64.039210][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[   64.049723][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   64.052120][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[   64.061106][   T39] device bridge_slave_1 left promiscuous mode
[   64.065716][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.098563][   T39] device bridge_slave_0 left promiscuous mode
[   64.100904][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.247051][   T39] device veth1_macvtap left promiscuous mode
[   64.248930][   T39] device veth0_macvtap left promiscuous mode
[   64.250649][   T39] device veth1_vlan left promiscuous mode
[   64.252289][   T39] device veth0_vlan left promiscuous mode
[   65.433002][ T4845] netlink: 388 bytes leftover after parsing attributes in process `syz.3.96'.
[   65.482572][ T4847] loop3: detected capacity change from 0 to 512
[   65.485784][ T4847] EXT4-fs: Ignoring removed orlov option
[   65.491524][ T4847] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   65.495699][ T4847] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   65.505142][ T4847] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.97: corrupted in-inode xattr
[   65.516871][ T4847] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.97: couldn't read orphan inode 15 (err -117)
[   65.520701][ T4847] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   66.129771][   T39] team0 (unregistering): Port device team_slave_1 removed
[   66.309614][   T39] team0 (unregistering): Port device team_slave_0 removed
[   66.487577][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   66.707649][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   69.192409][   T39] bond0 (unregistering): Released all slaves
[   69.433756][ T4837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.93'.
[   69.440751][ T4843] netlink: 44 bytes leftover after parsing attributes in process `syz.2.95'.
[   69.448313][ T4503] device veth1_vlan entered promiscuous mode
[   69.497091][ T4824] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.499781][ T4824] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.506390][ T4563] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.528212][ T4316] EXT4-fs (loop3): unmounting filesystem.
[   69.588150][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.591471][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.657689][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[   69.660019][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[   69.745776][ T1515] cfg80211: failed to load regulatory.db
[   69.755663][ T4503] device veth0_macvtap entered promiscuous mode
[   69.779109][ T4503] device veth1_macvtap entered promiscuous mode
[   70.501538][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.504364][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   70.527704][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.573404][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.576278][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.594064][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.621442][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.624326][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.650004][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.665141][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.681889][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.694929][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.709251][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.722387][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.758225][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.789877][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.990379][ T4878] netlink: 388 bytes leftover after parsing attributes in process `syz.2.105'.
[   71.165080][ T4880] netlink: 12 bytes leftover after parsing attributes in process `syz.2.106'.
[   71.219495][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.222496][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.257242][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.278095][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.309855][ T4503] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.312804][ T4503] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.322696][ T4503] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.327084][ T4503] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.336247][ T4881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.106'.
[   71.387938][ T4887] loop0: detected capacity change from 0 to 512
[   71.408616][ T4887] EXT4-fs: Ignoring removed orlov option
[   71.420429][ T4887] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   71.447400][ T4887] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   71.469777][ T4887] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.107: corrupted in-inode xattr
[   71.488926][ T4887] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.107: couldn't read orphan inode 15 (err -117)
[   71.492529][ T4656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.494885][ T4656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.499155][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.528732][ T4887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   71.563642][ T4657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.566001][ T4657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.591890][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   71.746336][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   71.750005][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   71.759638][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   71.769031][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   71.776144][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   71.784228][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   71.798212][ T4563] device veth0_vlan entered promiscuous mode
[   71.858219][ T4903] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   71.961120][ T4563] device veth1_vlan entered promiscuous mode
[   72.020564][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   72.023731][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   72.026576][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   72.041507][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   72.062165][   T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   72.068154][ T4563] device veth0_macvtap entered promiscuous mode
[   72.090606][ T4563] device veth1_macvtap entered promiscuous mode
[   72.125794][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.129998][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.132799][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.135848][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.156726][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.159708][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.162711][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.165663][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.245365][ T4563] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.267336][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   72.271002][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   72.282880][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   72.313367][ T4657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.028877][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.031701][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.034465][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.046840][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.049655][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.052581][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.055392][ T4563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.067176][ T4563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.071545][ T4563] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.073903][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   73.088790][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.095291][ T4563] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.163360][ T4563] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.166637][ T4563] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.174972][ T4563] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.400735][ T4935] netlink: 12 bytes leftover after parsing attributes in process `syz.5.116'.
[   73.518877][ T4824] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.521318][ T4824] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.526004][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   73.533318][ T4935] netlink: 4 bytes leftover after parsing attributes in process `syz.5.116'.
[   73.854320][ T4825] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.857232][ T4825] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.862059][ T4825] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   74.225017][ T4956] loop2: detected capacity change from 0 to 512
[   74.232074][ T4956] EXT4-fs: Ignoring removed orlov option
[   74.248789][ T4956] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   74.280687][ T4956] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   74.295664][ T4956] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.121: corrupted in-inode xattr
[   74.315665][ T4956] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.121: couldn't read orphan inode 15 (err -117)
[   74.325295][ T4956] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   74.629584][ T4307] EXT4-fs (loop2): unmounting filesystem.
[   75.672882][ T5014] device bpq0 entered promiscuous mode
[   75.896937][ T5024] loop6: detected capacity change from 0 to 512
[   75.902628][ T5024] EXT4-fs: Ignoring removed orlov option
[   75.935694][ T5024] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   76.689193][ T5024] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   76.693809][ T5024] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.136: corrupted in-inode xattr
[   76.718542][ T5024] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.136: couldn't read orphan inode 15 (err -117)
[   76.725694][ T5024] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   77.025974][ T4563] EXT4-fs (loop6): unmounting filesystem.
[   77.810862][ T5070] loop2: detected capacity change from 0 to 512
[   77.813793][ T5070] EXT4-fs: Ignoring removed orlov option
[   77.824013][ T5070] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   77.831457][ T5070] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   77.835141][ T5070] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.152: corrupted in-inode xattr
[   77.948463][ T5070] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.152: couldn't read orphan inode 15 (err -117)
[   77.954427][ T5070] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   78.982657][ T4307] EXT4-fs (loop2): unmounting filesystem.
[   79.912442][ T5125] loop3: detected capacity change from 0 to 512
[   79.915059][ T5125] EXT4-fs: Ignoring removed orlov option
[   79.949614][ T5125] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   80.125403][ T5125] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   80.139676][ T5125] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.164: corrupted in-inode xattr
[   80.147118][ T5125] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.164: couldn't read orphan inode 15 (err -117)
[   80.158749][ T5125] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   81.076486][ T4316] EXT4-fs (loop3): unmounting filesystem.
[   81.831823][ T5200] loop5: detected capacity change from 0 to 512
[   81.838755][ T5200] EXT4-fs: Ignoring removed orlov option
[   81.852965][ T5200] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   81.893558][ T5200] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   81.902254][ T5200] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.183: corrupted in-inode xattr
[   81.913144][ T5200] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.183: couldn't read orphan inode 15 (err -117)
[   81.932734][ T5200] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   83.272954][ T4503] EXT4-fs (loop5): unmounting filesystem.
[   83.521277][ T5232] Zero length message leads to an empty skb
[   83.816218][ T5243] device wlan0 entered promiscuous mode
[   84.265386][ T5268] loop0: detected capacity change from 0 to 512
[   84.271797][ T5268] EXT4-fs: Ignoring removed orlov option
[   84.284607][ T5268] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   84.353057][ T5268] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   84.360516][ T5268] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.200: corrupted in-inode xattr
[   84.382374][ T5268] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.200: couldn't read orphan inode 15 (err -117)
[   84.398347][ T5268] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   84.556389][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   84.940785][ T5298] netlink: 4 bytes leftover after parsing attributes in process `syz.5.206'.
[   85.823550][ T5341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.220'.
[   86.570338][ T5381] netlink: 24 bytes leftover after parsing attributes in process `syz.2.231'.
[   87.444949][ T5409] loop0: detected capacity change from 0 to 512
[   87.450576][ T5409] EXT4-fs: Ignoring removed orlov option
[   87.452690][ T5409] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   87.468696][ T5409] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   87.498240][ T5409] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.240: corrupted in-inode xattr
[   87.515046][ T5409] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.240: couldn't read orphan inode 15 (err -117)
[   87.532456][ T5409] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   87.721761][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   88.080273][ T5438] process 'syz.6.246' launched './file0' with NULL argv: empty string added
[   88.418850][ T5452] netlink: 4 bytes leftover after parsing attributes in process `syz.6.249'.
[   88.514439][ T5466] loop2: detected capacity change from 0 to 512
[   88.518055][ T5466] EXT4-fs: Ignoring removed orlov option
[   88.525662][ T5466] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   88.536078][ T5466] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   88.544092][ T5466] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.253: corrupted in-inode xattr
[   88.549126][ T5466] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.253: couldn't read orphan inode 15 (err -117)
[   88.554202][ T5466] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   88.614165][ T4307] EXT4-fs (loop2): unmounting filesystem.
[   89.309390][ T5490] input: syz0 as /devices/virtual/input/input2
[   89.693592][ T5509] loop3: detected capacity change from 0 to 512
[   89.705327][ T5509] EXT4-fs: Ignoring removed orlov option
[   89.712911][ T5509] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   89.727432][ T5509] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   89.753823][ T5509] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.264: corrupted in-inode xattr
[   89.761420][ T5509] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.264: couldn't read orphan inode 15 (err -117)
[   89.771038][ T5509] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   89.807349][ T4316] EXT4-fs (loop3): unmounting filesystem.
[   89.948038][ T5517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.266'.
[   90.363714][ T5531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.270'.
[   91.913225][ T5564] loop0: detected capacity change from 0 to 512
[   91.935158][ T5564] EXT4-fs: Ignoring removed orlov option
[   91.947664][ T5564] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   91.954725][ T5564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   91.977767][ T5564] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2195: inode #15: comm syz.0.276: corrupted in-inode xattr
[   91.996412][ T5564] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.276: couldn't read orphan inode 15 (err -117)
[   92.059028][ T5564] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   92.227930][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   92.393774][ T5585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.280'.
[   92.402923][ T5588] netlink: 12 bytes leftover after parsing attributes in process `syz.5.282'.
[   92.468622][ T5589] netlink: 12 bytes leftover after parsing attributes in process `syz.0.280'.
[   93.725980][ T5610] netlink: 80 bytes leftover after parsing attributes in process `syz.6.287'.
[   93.899792][ T5621] loop6: detected capacity change from 0 to 512
[   93.980288][ T5621] EXT4-fs: Ignoring removed orlov option
[   93.998853][ T5621] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   94.035805][ T5621] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   94.042806][ T5621] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2195: inode #15: comm syz.6.291: corrupted in-inode xattr
[   94.059103][ T5621] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.291: couldn't read orphan inode 15 (err -117)
[   94.070883][ T5621] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   94.237411][ T4563] EXT4-fs (loop6): unmounting filesystem.
[   95.269934][ T5645] netlink: 12 bytes leftover after parsing attributes in process `syz.6.294'.
[   95.418596][ T5652] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.443349][ T5652] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.315728][ T5663] loop0: detected capacity change from 0 to 512
[   96.328248][ T5666] netlink: 80 bytes leftover after parsing attributes in process `syz.2.301'.
[   96.444990][ T5675] loop2: detected capacity change from 0 to 512
[   96.448711][ T5675] EXT4-fs: Ignoring removed orlov option
[   96.456931][ T5663] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   96.461946][ T5663] netlink: 96 bytes leftover after parsing attributes in process `syz.0.299'.
[   96.464891][ T5675] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   96.520918][ T5675] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   96.557075][ T5675] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.304: corrupted in-inode xattr
[   96.568893][ T5675] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.304: couldn't read orphan inode 15 (err -117)
[   96.581919][ T5675] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   96.614011][ T4305] EXT4-fs (loop0): unmounting filesystem.
[   96.670204][ T4307] EXT4-fs (loop2): unmounting filesystem.
[   97.620653][ T5685] netlink: 4 bytes leftover after parsing attributes in process `syz.5.306'.
[   97.796954][ T5707] netlink: 40 bytes leftover after parsing attributes in process `syz.3.310'.
[   99.188469][ T5727] netlink: 80 bytes leftover after parsing attributes in process `syz.0.315'.
[   99.330516][ T5734] loop5: detected capacity change from 0 to 512
[   99.333923][ T5734] EXT4-fs: Ignoring removed orlov option
[   99.375580][ T5734] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[   99.386510][ T5734] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[   99.404704][ T5734] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.318: corrupted in-inode xattr
[   99.420147][ T5734] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.318: couldn't read orphan inode 15 (err -117)
[   99.431402][ T5734] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   99.492061][ T5748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.322'.
[   99.526211][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  100.606297][ T5765] netlink: 60 bytes leftover after parsing attributes in process `syz.6.326'.
[  100.702127][ T5773] loop5: detected capacity change from 0 to 256
[  100.726073][ T5773] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  100.734598][ T5773] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  100.771489][ T5773] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  100.819460][ T5776] netlink: 80 bytes leftover after parsing attributes in process `syz.6.330'.
[  102.659002][ T5800] netlink: 4 bytes leftover after parsing attributes in process `syz.6.335'.
[  103.755135][ T5827] netlink: 80 bytes leftover after parsing attributes in process `syz.2.341'.
[  104.929787][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.350'.
[  106.950057][ T5886] netlink: 80 bytes leftover after parsing attributes in process `syz.2.355'.
[  107.217304][ T5905] device bpq0 left promiscuous mode
[  107.219511][ T5905] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  107.312940][ T5903] loop6: detected capacity change from 0 to 4096
[  107.834716][ T5903] fscrypt: Error allocating hmac(sha512): -2
[  108.431580][ T5927] fuse: Bad value for 'fd'
[  109.489388][ T5950] netlink: 4 bytes leftover after parsing attributes in process `syz.0.367'.
[  109.531224][ T5951] netlink: 72 bytes leftover after parsing attributes in process `syz.6.369'.
[  110.937727][ T5994] netlink: 48 bytes leftover after parsing attributes in process `syz.5.380'.
[  111.061404][ T6001] netlink: 72 bytes leftover after parsing attributes in process `syz.3.383'.
[  111.080962][ T6000] x_tables: ip_tables: hashlimit.1 match: invalid size 56 (kernel) != (user) 616
[  111.085513][   T27] audit: type=1326 audit(111.050:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.100339][   T27] audit: type=1326 audit(111.050:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.201601][   T27] audit: type=1326 audit(111.050:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.251656][   T27] audit: type=1326 audit(111.050:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.255563][ T6000] binder: 5999:6000 BC_FREE_BUFFER u0000000000000000 no match
[  111.258394][   T27] audit: type=1326 audit(111.050:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.265539][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.385'.
[  111.266264][   T27] audit: type=1326 audit(111.060:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.275291][   T27] audit: type=1326 audit(111.070:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.281621][   T27] audit: type=1326 audit(111.070:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.287754][   T27] audit: type=1326 audit(111.070:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.294077][   T27] audit: type=1326 audit(111.070:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5997 comm="syz.0.381" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=68 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  111.308662][ T6000] binder: 5999:6000 got reply transaction with no transaction stack
[  111.310870][ T6000] binder: 5999:6000 transaction reply to 0:0 failed 7/29201/-71, size 104-0 line 2955
[  112.030019][ T6000] binder: 5999:6000 ioctl 89f6 200000c0 returned -22
[  112.049316][ T6000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.051912][ T6000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.121111][ T1515] binder: undelivered TRANSACTION_ERROR: 29201
[  113.358954][ T6048] netlink: 72 bytes leftover after parsing attributes in process `syz.0.395'.
[  114.147670][ T6046] loop6: detected capacity change from 0 to 4096
[  114.238862][ T6046] EXT4-fs (loop6): Test dummy encryption mode enabled
[  114.300092][ T6062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.302622][ T6062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.322228][ T6046] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  114.530160][ T4563] EXT4-fs (loop6): unmounting filesystem.
[  115.552489][ T6082] netlink: 4 bytes leftover after parsing attributes in process `syz.2.401'.
[  115.566695][    C0] sched: RT throttling activated
[  115.987398][ T6104] netlink: 72 bytes leftover after parsing attributes in process `syz.3.408'.
[  116.573060][ T6129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.416'.
[  118.712746][ T6143] loop5: detected capacity change from 0 to 1024
[  118.715462][ T6143] EXT4-fs: Ignoring removed orlov option
[  118.728975][ T6150] netlink: 72 bytes leftover after parsing attributes in process `syz.2.420'.
[  118.770237][ T6143] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  119.043988][ T6170] capability: warning: `syz.3.425' uses deprecated v2 capabilities in a way that may be insecure
[  119.095009][ T6172] syz.2.426 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  119.157778][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  119.205503][ T6177] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  119.209136][ T6177] netlink: 8 bytes leftover after parsing attributes in process `syz.6.412'.
[  119.345019][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.429'.
[  120.345403][ T6196] netlink: 72 bytes leftover after parsing attributes in process `syz.0.433'.
[  121.455990][ T6219] netlink: 24 bytes leftover after parsing attributes in process `syz.3.440'.
[  121.490539][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  121.490551][   T27] audit: type=1326 audit(121.460:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6220 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86b5cc28 code=0x7ffc0000
[  121.528823][   T27] audit: type=1326 audit(121.470:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6220 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=100 compat=0 ip=0xffff86b5cc28 code=0x7ffc0000
[  121.548897][   T27] audit: type=1326 audit(121.470:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6220 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86b5cc28 code=0x7ffc0000
[  121.736885][ T6231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.443'.
[  122.705811][ T6250] fuse: Bad value for 'fd'
[  123.832348][ T6269] loop2: detected capacity change from 0 to 512
[  123.847711][ T6269] EXT4-fs: Ignoring removed i_version option
[  123.865928][ T6269] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  124.628380][ T6269] EXT4-fs (loop2): 1 truncate cleaned up
[  124.642059][ T6269] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  124.789197][ T6269] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  124.792941][ T6269] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  124.925114][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  125.258597][ T6286] loop0: detected capacity change from 0 to 40427
[  125.291851][ T6286] F2FS-fs (loop0): invalid crc value
[  125.319454][ T6286] F2FS-fs (loop0): Found nat_bits in checkpoint
[  125.359427][ T6286] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  125.371437][ T6286] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  125.662389][ T6286] syz.0.457: attempt to access beyond end of device
[  125.662389][ T6286] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  126.993509][ T4305] syz-executor: attempt to access beyond end of device
[  126.993509][ T4305] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  127.975876][ T6339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.464'.
[  128.039394][ T6340] netlink: 64 bytes leftover after parsing attributes in process `syz.3.465'.
[  128.324757][ T6357] loop3: detected capacity change from 0 to 512
[  128.344990][ T6357] EXT4-fs: Ignoring removed i_version option
[  128.362316][ T6357] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  128.392282][ T6357] EXT4-fs (loop3): 1 truncate cleaned up
[  128.394110][ T6357] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  128.526071][ T6357] overlayfs: missing 'lowerdir'
[  128.544490][ T4316] EXT4-fs (loop3): unmounting filesystem.
[  131.364035][ T6400] netlink: 64 bytes leftover after parsing attributes in process `syz.2.479'.
[  131.467620][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[  131.469503][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[  132.207099][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.2.481'.
[  132.341516][ T6422] loop5: detected capacity change from 0 to 512
[  132.344007][ T6422] EXT4-fs: Ignoring removed i_version option
[  132.346206][ T6422] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  132.388908][ T6422] EXT4-fs (loop5): 1 truncate cleaned up
[  132.390602][ T6422] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  132.563591][ T6422] overlayfs: missing 'lowerdir'
[  133.476263][ T4503] EXT4-fs (loop5): unmounting filesystem.
[  133.632613][ T6448] netlink: 64 bytes leftover after parsing attributes in process `syz.0.491'.
[  136.057354][ T6475] netlink: 56 bytes leftover after parsing attributes in process `syz.6.498'.
[  136.114995][ T6481] netlink: 4 bytes leftover after parsing attributes in process `syz.3.497'.
[  136.880170][ T6488] loop2: detected capacity change from 0 to 512
[  136.917710][ T6488] EXT4-fs: Ignoring removed i_version option
[  136.927149][ T6488] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.008130][ T6488] EXT4-fs (loop2): 1 truncate cleaned up
[  137.009940][ T6488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  137.049695][ T6501] netlink: 'syz.3.503': attribute type 1 has an invalid length.
[  137.053005][ T6501] netlink: 'syz.3.503': attribute type 1 has an invalid length.
[  137.055128][ T6501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.503'.
[  137.064100][ T6488] overlayfs: missing 'lowerdir'
[  137.218526][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  140.427829][ T6543] netlink: 56 bytes leftover after parsing attributes in process `syz.5.514'.
[  140.434166][ T6551] loop2: detected capacity change from 0 to 512
[  140.462025][ T6552] netlink: 4 bytes leftover after parsing attributes in process `syz.6.513'.
[  140.473449][ T6547] netlink: 'syz.3.517': attribute type 1 has an invalid length.
[  140.482001][ T6551] EXT4-fs: Ignoring removed i_version option
[  140.484240][ T6551] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  140.489290][ T6547] netlink: 'syz.3.517': attribute type 1 has an invalid length.
[  140.506010][ T6547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.517'.
[  140.530847][ T6551] EXT4-fs (loop2): 1 truncate cleaned up
[  140.532778][ T6551] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  140.578269][ T6551] overlayfs: missing 'workdir'
[  140.732456][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  143.767648][ T6598] netlink: 56 bytes leftover after parsing attributes in process `syz.6.528'.
[  143.976281][ T6605] netlink: 'syz.3.530': attribute type 1 has an invalid length.
[  143.979204][ T6605] netlink: 'syz.3.530': attribute type 1 has an invalid length.
[  143.981466][ T6605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.530'.
[  143.995511][ T6611] loop0: detected capacity change from 0 to 512
[  144.002700][ T6611] EXT4-fs: Ignoring removed i_version option
[  144.021106][ T6611] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  144.065403][ T6611] EXT4-fs (loop0): 1 truncate cleaned up
[  144.068257][ T6611] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  144.116531][ T6611] overlayfs: missing 'workdir'
[  144.168967][ T6622] netlink: 4 bytes leftover after parsing attributes in process `syz.3.533'.
[  144.176630][ T4305] EXT4-fs (loop0): unmounting filesystem.
[  147.673187][ T6670] netlink: 56 bytes leftover after parsing attributes in process `syz.3.542'.
[  147.931050][ T6677] loop3: detected capacity change from 0 to 512
[  147.934619][ T6677] EXT4-fs: Ignoring removed i_version option
[  148.008586][ T6677] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  148.023115][ T6691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.546'.
[  148.046829][ T6677] EXT4-fs (loop3): 1 truncate cleaned up
[  148.050220][ T6677] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  148.116301][ T6677] overlayfs: missing 'workdir'
[  148.942260][ T4316] EXT4-fs (loop3): unmounting filesystem.
[  149.197348][ T6716] netlink: 56 bytes leftover after parsing attributes in process `syz.6.556'.
[  150.662262][ T6737] loop5: detected capacity change from 0 to 512
[  150.664891][ T6737] EXT4-fs: Ignoring removed i_version option
[  150.700916][ T6741] netlink: 44 bytes leftover after parsing attributes in process `syz.3.563'.
[  150.753260][ T6737] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  150.800028][ T6737] EXT4-fs (loop5): 1 truncate cleaned up
[  150.801821][ T6737] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  151.556981][ T6741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.563'.
[  151.718186][ T4503] EXT4-fs error (device loop5): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[  151.738121][ T4503] EXT4-fs error (device loop5): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[  151.844621][ T6764] netlink: 56 bytes leftover after parsing attributes in process `syz.3.568'.
[  153.328659][ T6783] netlink: 40 bytes leftover after parsing attributes in process `syz.3.572'.
[  153.400941][ T5758] EXT4-fs (loop5): unmounting filesystem.
[  154.483199][ T6798] loop6: detected capacity change from 0 to 512
[  154.485716][ T6798] EXT4-fs: Ignoring removed i_version option
[  154.508741][ T6797] netlink: 44 bytes leftover after parsing attributes in process `syz.0.578'.
[  154.566875][ T6798] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  154.583998][   T47] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  154.601047][    T9] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.607169][   T47] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  154.622505][ T6798] EXT4-fs (loop6): 1 truncate cleaned up
[  154.624137][ T6798] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  154.634380][   T47] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  154.639641][   T47] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  154.643279][ T4313] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  154.645664][ T4313] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  154.671091][ T6803] netlink: 56 bytes leftover after parsing attributes in process `syz.2.580'.
[  154.673670][ T6806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.578'.
[  154.729252][    T9] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.777266][ T6813] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.779477][ T6813] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.782866][ T6813] device bridge0 entered promiscuous mode
[  154.847084][ T4563] EXT4-fs error (device loop6): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[  154.867055][ T4563] EXT4-fs error (device loop6): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 50 (inode size 256)
[  155.113997][    T9] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.000367][ T6816] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.002528][ T6816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.004683][ T6816] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.007598][ T6816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.614265][    T9] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.962554][ T4318] Bluetooth: hci1: command 0x0409 tx timeout
[  157.778429][ T6801] chnl_net:caif_netlink_parms(): no params data found
[  157.890463][ T6801] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.892577][ T6801] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.908902][ T6801] device bridge_slave_0 entered promiscuous mode
[  157.914793][ T6801] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.929160][ T6801] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.934606][ T6801] device bridge_slave_1 entered promiscuous mode
[  157.984399][ T6801] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.002022][ T6801] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.146183][ T6879] netlink: 40 bytes leftover after parsing attributes in process `syz.0.590'.
[  158.218116][ T6884] netlink: 44 bytes leftover after parsing attributes in process `syz.3.593'.
[  158.223557][ T6614] EXT4-fs (loop6): unmounting filesystem.
[  158.304316][ T6801] team0: Port device team_slave_0 added
[  158.371712][ T6801] team0: Port device team_slave_1 added
[  158.374158][ T6886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.593'.
[  158.439567][ T6801] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.441809][ T6801] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.454020][ T6801] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.458598][ T6801] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.460723][ T6801] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.468159][ T6801] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.986931][ T4318] Bluetooth: hci1: command 0x041b tx timeout
[  159.710369][   T47] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  159.714267][   T47] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  159.718961][ T6801] device hsr_slave_0 entered promiscuous mode
[  159.721570][   T47] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  159.724387][   T47] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  159.727363][   T47] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  159.729707][   T47] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  160.108370][ T6801] device hsr_slave_1 entered promiscuous mode
[  160.473958][ T6801] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  160.646987][ T6801] Cannot create hsr debugfs directory
[  161.056848][   T47] Bluetooth: hci1: command 0x040f tx timeout
[  161.817619][ T4318] Bluetooth: hci4: command 0x0409 tx timeout
[  162.064370][ T6953] netlink: 40 bytes leftover after parsing attributes in process `syz.0.607'.
[  162.143476][ T6951] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'.
[  163.144214][   T47] Bluetooth: hci1: command 0x0419 tx timeout
[  164.025323][ T4318] Bluetooth: hci4: command 0x041b tx timeout
[  164.029272][ T4318] Bluetooth: hci3: command 0x0406 tx timeout
[  164.034611][ T4318] Bluetooth: hci2: command 0x0406 tx timeout
[  164.035512][ T4318] Bluetooth: hci0: command 0x0406 tx timeout
[  164.442480][ T6801] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  164.562149][ T6985] netlink: 188 bytes leftover after parsing attributes in process `syz.2.615'.
[  164.637072][ T6801] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  164.689965][ T6907] chnl_net:caif_netlink_parms(): no params data found
[  164.711074][ T6801] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  164.739186][ T6801] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  166.107118][   T47] Bluetooth: hci4: command 0x040f tx timeout
[  166.309628][ T6907] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.335283][ T6907] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.352073][ T6907] device bridge_slave_0 entered promiscuous mode
[  166.362503][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.619'.
[  166.446339][    T9] device hsr_slave_0 left promiscuous mode
[  166.587682][    T9] device hsr_slave_1 left promiscuous mode
[  166.858089][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.860997][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.950148][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.015342][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.220301][    T9] device bridge_slave_1 left promiscuous mode
[  167.233263][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.325480][ T7044] netlink: 188 bytes leftover after parsing attributes in process `syz.3.624'.
[  167.432310][ T7050] netlink: 20 bytes leftover after parsing attributes in process `syz.2.626'.
[  168.502949][    T9] device bridge_slave_0 left promiscuous mode
[  168.505814][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.855020][   T47] Bluetooth: hci4: command 0x0419 tx timeout
[  169.504034][    T9] device veth1_macvtap left promiscuous mode
[  169.511352][    T9] device veth0_macvtap left promiscuous mode
[  169.514844][    T9] device veth1_vlan left promiscuous mode
[  169.518075][    T9] device veth0_vlan left promiscuous mode
[  170.311031][ T7079] netlink: 188 bytes leftover after parsing attributes in process `syz.3.633'.
[  171.233189][ T7090] netlink: 20 bytes leftover after parsing attributes in process `syz.3.637'.
[  174.143082][ T7114] netlink: 172 bytes leftover after parsing attributes in process `syz.3.642'.
[  175.082787][    T9] team0 (unregistering): Port device team_slave_1 removed
[  175.279897][    T9] team0 (unregistering): Port device team_slave_0 removed
[  175.478418][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.679325][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.001715][    T9] bond0 (unregistering): Released all slaves
[  178.227108][ T6907] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.229180][ T6907] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.231929][ T6907] device bridge_slave_1 entered promiscuous mode
[  178.255008][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.631'.
[  178.303700][ T6907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.319179][ T6907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.390880][ T6801] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.424755][ T6801] 8021q: adding VLAN 0 to HW filter on device team0
[  178.451623][ T6907] team0: Port device team_slave_0 added
[  178.461783][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  178.464638][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  178.470013][ T6907] team0: Port device team_slave_1 added
[  178.527411][ T7125] netlink: 20 bytes leftover after parsing attributes in process `syz.3.646'.
[  179.287026][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  179.577568][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  179.590612][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.592602][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.610778][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  179.621056][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  179.635684][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.637864][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.651505][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  179.677498][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  179.732777][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.738937][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.771149][ T6907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.779417][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  179.799421][ T5949] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  179.804872][ T5949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  179.828796][ T5949] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  179.850527][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.853748][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.894531][ T6907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.935384][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  179.938800][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  179.941588][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  179.964790][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  179.974734][ T7148] netlink: 'syz.2.649': attribute type 1 has an invalid length.
[  179.992201][ T7148] 8021q: adding VLAN 0 to HW filter on device bond1
[  179.999629][ T6801] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  180.003182][ T6801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  180.141543][ T7154] bond1: (slave wlan0): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  180.300438][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  180.303355][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  181.073066][ T7148] bond1: (slave vlan2): making interface the new active one
[  181.098673][ T7148] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  181.148354][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  181.234541][ T6907] device hsr_slave_0 entered promiscuous mode
[  181.277169][ T6907] device hsr_slave_1 entered promiscuous mode
[  181.508963][ T7175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.654'.
[  183.407449][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  183.409883][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  183.414469][ T6801] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.559499][    T9] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.660284][ T6907] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  184.732904][ T6907] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  184.909962][    T9] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.918471][ T6907] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  185.029929][ T6907] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  185.058227][ T7229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.666'.
[  185.159063][    T9] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.279762][    T9] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.300323][ T7243] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  185.327674][ T7243] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  185.363334][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  185.366379][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  185.439616][ T6907] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.478877][ T6907] 8021q: adding VLAN 0 to HW filter on device team0
[  185.516316][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  185.519506][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  185.530843][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  185.533918][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  185.542382][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  185.565300][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  185.570538][ T4656] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.572649][ T4656] bridge0: port 1(bridge_slave_0) entered forwarding state
[  185.575112][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  185.753290][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  185.946387][ T4656] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.948634][ T4656] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.304262][ T6801] device veth0_vlan entered promiscuous mode
[  186.325520][ T6801] device veth1_vlan entered promiscuous mode
[  186.358162][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  186.361524][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  186.368675][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  186.403568][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  186.417875][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  186.422995][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  186.426602][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  186.437839][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  186.447870][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  186.458187][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  186.461652][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  186.478325][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  186.481210][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  186.589305][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  186.592350][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  186.600431][ T6907] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  186.642575][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  186.659799][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  186.672366][ T6801] device veth0_macvtap entered promiscuous mode
[  186.678265][ T6801] device veth1_macvtap entered promiscuous mode
[  186.759978][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.763116][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.766067][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.774964][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.785888][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.798100][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.804961][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.818468][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.834696][ T6801] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.842709][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.678'.
[  186.855392][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.872811][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.893545][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.896646][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.924004][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.934141][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.946914][ T6801] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  186.949842][ T6801] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.972752][ T6801] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.977841][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  186.980934][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  186.983682][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  187.011026][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  187.028710][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  187.034738][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  187.180550][ T7309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.683'.
[  187.185476][ T1308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  187.191917][ T1308] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  187.194163][ T7309] netlink: 12 bytes leftover after parsing attributes in process `syz.3.683'.
[  187.205733][ T6801] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.210254][ T6801] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.212814][ T6801] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.215565][ T6801] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.230147][ T6907] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.386292][ T1515] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  187.567544][ T1515] usb 1-1: Using ep0 maxpacket: 32
[  188.176850][ T1515] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  188.183313][ T1515] usb 1-1: config 0 has no interface number 0
[  188.186219][ T1515] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  188.189616][ T1515] usb 1-1: config 0 interface 85 has no altsetting 0
[  188.208935][ T1515] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  188.211527][ T1515] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.215220][ T1515] usb 1-1: Product: syz
[  188.216438][ T1515] usb 1-1: Manufacturer: syz
[  188.218392][ T1515] usb 1-1: SerialNumber: syz
[  188.229787][ T1515] usb 1-1: config 0 descriptor??
[  188.376470][ T5844] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.384641][ T5844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.404076][ T5844] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  189.201760][ T1515] appletouch 1-1:0.85: Failed to read mode from device.
[  189.204079][ T1515] appletouch: probe of 1-1:0.85 failed with error -5
[  189.225354][ T1515] usb 1-1: USB disconnect, device number 5
[  189.331180][ T4405] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.333655][ T4405] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.350581][ T1308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  189.561312][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.689'.
[  189.564164][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  189.570419][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  189.646790][ T7353] netlink: 'syz.7.690': attribute type 1 has an invalid length.
[  189.651733][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  189.654609][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  189.664736][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  189.667924][ T5718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  189.672818][ T6907] device veth0_vlan entered promiscuous mode
[  189.824621][ T6907] device veth1_vlan entered promiscuous mode
[  190.067676][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  190.079689][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  190.086558][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  191.402245][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  191.408297][ T6907] device veth0_macvtap entered promiscuous mode
[  192.123563][ T4656] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  192.128461][ T6907] device veth1_macvtap entered promiscuous mode
[  192.149305][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.152164][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.162774][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.170674][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.201455][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.225225][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.228370][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.231149][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.234462][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.240765][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.244886][ T6907] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.251889][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.258519][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.261317][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.264112][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.306925][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.311921][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.314531][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.334660][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.351100][ T6907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.353969][ T6907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.359852][ T7392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.374502][ T7392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.408371][ T6907] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.410584][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  192.414945][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  192.437376][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  192.440290][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  192.488830][ T7391] netlink: 4 bytes leftover after parsing attributes in process `syz.3.700'.
[  192.493654][ T6907] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.496086][ T6907] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.500018][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[  192.501830][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[  192.524790][ T6907] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.528753][ T6907] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.184787][    T9] device hsr_slave_0 left promiscuous mode
[  193.384970][    T9] device hsr_slave_1 left promiscuous mode
[  193.518774][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.522183][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.784928][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.952991][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.961055][    T9] device bridge_slave_1 left promiscuous mode
[  193.962945][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.051389][    T9] device bridge_slave_0 left promiscuous mode
[  194.053322][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.247194][    T9] device veth1_macvtap left promiscuous mode
[  194.248938][    T9] device veth0_macvtap left promiscuous mode
[  194.250738][    T9] device veth1_vlan left promiscuous mode
[  194.252475][    T9] device veth0_vlan left promiscuous mode
[  196.230749][    T9] team0 (unregistering): Port device team_slave_1 removed
[  196.420911][    T9] team0 (unregistering): Port device team_slave_0 removed
[  196.649268][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.879406][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.360514][    T9] bond0 (unregistering): Released all slaves
[  199.598102][ T7439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.712'.
[  199.652210][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.654687][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.711977][ T5844] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  199.721226][ T5844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.723613][ T5844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.767797][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  201.206939][ T7468] tipc: Started in network mode
[  201.208459][ T7468] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[  201.210935][ T7468] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  201.806381][ T4308] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  202.076929][ T4308] usb 1-1: Using ep0 maxpacket: 32
[  202.081090][ T4308] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  202.083428][ T4308] usb 1-1: config 0 has no interface number 0
[  202.085268][ T4308] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  202.113122][ T4308] usb 1-1: config 0 interface 85 has no altsetting 0
[  202.120937][ T4308] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  202.143965][ T4308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.156818][ T4308] usb 1-1: Product: syz
[  202.158058][ T4308] usb 1-1: Manufacturer: syz
[  202.159416][ T4308] usb 1-1: SerialNumber: syz
[  202.207384][ T4308] usb 1-1: config 0 descriptor??
[  202.219640][ T7477] netlink: 56 bytes leftover after parsing attributes in process `syz.8.595'.
[  202.458545][ T7487] loop3: detected capacity change from 0 to 1024
[  202.634022][ T4308] appletouch 1-1:0.85: Failed to read mode from device.
[  202.636385][ T4308] appletouch: probe of 1-1:0.85 failed with error -5
[  202.650552][ T4308] usb 1-1: USB disconnect, device number 6
[  202.687443][ T7487] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  202.817033][ T7505] loop7: detected capacity change from 0 to 16
[  203.771146][ T7505] erofs: (device loop7): mounted with root inode @ nid 36.
[  204.360749][ T7510] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 1: comm syz.3.723: lblock 1 mapped to illegal pblock 1 (length 15)
[  204.520501][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.727'.
[  204.544824][ T5844] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:16: lblock 1 mapped to illegal pblock 1 (length 1)
[  204.573822][ T5844] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 117
[  204.604355][ T5844] EXT4-fs (loop3): This should not happen!! Data will be lost
[  204.604355][ T5844] 
[  204.633253][ T4316] EXT4-fs (loop3): unmounting filesystem.
[  204.799561][ T7519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.731'.
[  205.072053][ T7519] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'.
[  206.382279][ T7534] netlink: 56 bytes leftover after parsing attributes in process `syz.7.734'.
[  206.954573][ T7537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.959164][ T7537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.983666][ T7547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.986333][ T7547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.988907][ T7542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.991337][ T7542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.181054][ T7558] loop7: detected capacity change from 0 to 512
[  207.188069][ T7558] ext4: Unknown parameter 'defcontext'
[  207.824064][ T7580] overlayfs: missing 'lowerdir'
[  208.453330][ T7583] loop8: detected capacity change from 0 to 512
[  208.478911][   T27] audit: type=1326 audit(208.450:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.495103][   T27] audit: type=1326 audit(208.460:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.513543][   T27] audit: type=1326 audit(208.470:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.530084][ T7583] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  208.574111][   T27] audit: type=1326 audit(208.470:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.596321][   T27] audit: type=1326 audit(208.470:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.629312][   T27] audit: type=1326 audit(208.470:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.636042][   T27] audit: type=1326 audit(208.470:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.642733][   T27] audit: type=1326 audit(208.470:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.648867][   T27] audit: type=1326 audit(208.480:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.654877][   T27] audit: type=1326 audit(208.480:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.3.748" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=102 compat=0 ip=0xffff8555cc28 code=0x7ffc0000
[  208.665752][ T7585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.746'.
[  208.682623][ T7583] EXT4-fs (loop8): 1 truncate cleaned up
[  208.684481][ T7583] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  210.265998][ T6907] EXT4-fs (loop8): unmounting filesystem.
[  210.268164][ T7625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.270675][ T7625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.424904][ T7630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.429653][ T7630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.428326][ T7655] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  211.431278][ T7655] FAT-fs (loop15): unable to read boot sector
[  211.580084][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  211.758537][ T7671] loop7: detected capacity change from 0 to 2048
[  212.173921][ T7671] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  214.626038][ T6801] EXT4-fs (loop7): unmounting filesystem.
[  214.785864][ T7699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.800656][ T7699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.994560][ T7689] loop2: detected capacity change from 0 to 40427
[  215.003613][ T7689] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  215.014769][ T7689] F2FS-fs (loop2): invalid crc value
[  215.045880][ T7689] F2FS-fs (loop2): Found nat_bits in checkpoint
[  215.094188][ T7689] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  215.230431][ T7724] binder: 7723:7724 tried to acquire reference to desc 0, got 1 instead
[  215.251858][  T112] binder: release 7723:7724 transaction 12 out, still active
[  215.254340][  T112] binder: undelivered TRANSACTION_COMPLETE
[  215.337132][  T112] binder: send failed reply for transaction 12, target dead
[  215.476541][ T7737] netlink: 4 bytes leftover after parsing attributes in process `syz.8.782'.
[  216.295477][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  216.295502][   T27] audit: type=1326 audit(216.210:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.303739][   T27] audit: type=1326 audit(216.210:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.310448][   T27] audit: type=1326 audit(216.210:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.316416][   T27] audit: type=1326 audit(216.210:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.322654][   T27] audit: type=1326 audit(216.210:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.329015][   T27] audit: type=1326 audit(216.210:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.335128][   T27] audit: type=1326 audit(216.210:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.341109][   T27] audit: type=1326 audit(216.210:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=210 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.358908][   T27] audit: type=1326 audit(216.210:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.7.789" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa035cc28 code=0x7ffc0000
[  216.836846][ T4423] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  217.009457][ T7786] netlink: 4 bytes leftover after parsing attributes in process `syz.8.798'.
[  217.129734][ T4423] usb 1-1: Using ep0 maxpacket: 32
[  217.343325][ T4423] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  217.346155][ T4423] usb 1-1: config 0 has no interface number 0
[  217.378477][ T4423] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  217.452480][ T4423] usb 1-1: config 0 interface 85 has no altsetting 0
[  217.843978][ T4423] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  217.848046][ T4423] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.857009][ T4423] usb 1-1: Product: syz
[  217.858201][ T4423] usb 1-1: Manufacturer: syz
[  217.859431][ T4423] usb 1-1: SerialNumber: syz
[  217.868263][ T4423] usb 1-1: config 0 descriptor??
[  218.075270][ T4423] appletouch 1-1:0.85: Failed to read mode from device.
[  218.078171][ T4423] appletouch: probe of 1-1:0.85 failed with error -5
[  218.089887][ T4423] usb 1-1: USB disconnect, device number 7
[  218.421527][ T7819] loop7: detected capacity change from 0 to 8192
[  219.103096][ T7846] netlink: 4 bytes leftover after parsing attributes in process `syz.8.812'.
[  220.570146][ T7875] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  220.573204][ T7875] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  221.297463][  T112] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  221.566786][  T112] usb 1-1: Using ep0 maxpacket: 32
[  221.570032][  T112] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  221.572273][  T112] usb 1-1: config 0 has no interface number 0
[  221.573963][  T112] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  221.586780][  T112] usb 1-1: config 0 interface 85 has no altsetting 0
[  221.590822][  T112] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  221.593261][  T112] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.595581][  T112] usb 1-1: Product: syz
[  221.599498][  T112] usb 1-1: Manufacturer: syz
[  221.600749][  T112] usb 1-1: SerialNumber: syz
[  221.847351][ T7890] loop8: detected capacity change from 0 to 16
[  221.944095][ T7890] erofs: (device loop8): erofs_read_superblock: blkszbits 0 isn't supported
[  222.727125][  T112] usb 1-1: config 0 descriptor??
[  224.323772][  T112] appletouch 1-1:0.85: Failed to read mode from device.
[  224.326650][  T112] appletouch: probe of 1-1:0.85 failed with error -5
[  224.351197][  T112] usb 1-1: USB disconnect, device number 8
[  224.398430][ T7900] netlink: 4 bytes leftover after parsing attributes in process `syz.8.825'.
[  226.315225][ T7949] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  226.319403][ T7949] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  227.911149][ T7964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'.
[  228.496843][ T4484] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  228.686795][ T4484] usb 1-1: Using ep0 maxpacket: 32
[  228.694440][ T4484] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  228.697332][ T4484] usb 1-1: config 0 has no interface number 0
[  228.701337][ T4484] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  228.711780][ T4484] usb 1-1: config 0 interface 85 has no altsetting 0
[  228.719916][ T4484] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  228.729254][ T4484] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.744589][ T4484] usb 1-1: Product: syz
[  228.751565][ T4484] usb 1-1: Manufacturer: syz
[  228.756329][ T4484] usb 1-1: SerialNumber: syz
[  228.771475][ T4484] usb 1-1: config 0 descriptor??
[  228.980961][ T4484] appletouch 1-1:0.85: Failed to read mode from device.
[  228.983099][ T4484] appletouch: probe of 1-1:0.85 failed with error -5
[  229.007149][ T4484] usb 1-1: USB disconnect, device number 9
[  229.328002][ T8003] netlink: 4 bytes leftover after parsing attributes in process `syz.3.851'.
[  229.535650][ T7991] loop7: detected capacity change from 0 to 40427
[  229.570961][ T7991] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  229.582834][ T7991] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  229.589705][ T7991] F2FS-fs (loop7): invalid crc value
[  229.613978][ T7991] F2FS-fs (loop7): Found nat_bits in checkpoint
[  229.664992][ T7991] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  229.678855][ T7991] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  229.718180][ T8014] device veth1_macvtap left promiscuous mode
[  229.727101][ T8014] device macsec0 entered promiscuous mode
[  231.370928][ T8042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.373621][ T8042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.452413][ T8050] binder: 8049:8050 tried to acquire reference to desc 0, got 1 instead
[  231.455450][ T8050] binder: 8049:8050 got transaction with invalid data ptr
[  231.468495][ T8050] binder: 8049:8050 transaction call to 8049:0 failed 18/29201/-14, size 0-4088 line 3342
[  231.472049][  T112] binder: undelivered TRANSACTION_COMPLETE
[  231.473709][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  231.522472][  T112] binder: undelivered transaction 17, process died.
[  232.013506][ T8072] netlink: 68 bytes leftover after parsing attributes in process `syz.2.873'.
[  233.962858][ T8099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.965440][ T8099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.134453][ T8086] loop7: detected capacity change from 0 to 40427
[  234.137845][ T4485] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  234.147324][ T8086] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  234.149613][ T8086] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  234.154141][ T8086] F2FS-fs (loop7): invalid crc value
[  234.235467][ T8086] F2FS-fs (loop7): Found nat_bits in checkpoint
[  234.255961][ T8086] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  234.271607][ T8086] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  234.329455][ T4485] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  234.333588][ T4485] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  234.341141][ T4485] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  234.346002][ T4485] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.351831][ T4485] usb 1-1: Product: syz
[  234.353209][ T4485] usb 1-1: Manufacturer: syz
[  234.354673][ T4485] usb 1-1: SerialNumber: syz
[  234.566254][ T4485] usb 1-1: 0:2 : does not exist
[  234.573714][ T4485] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  234.625101][ T4485] usb 1-1: USB disconnect, device number 10
[  234.860695][ T7527] udevd[7527]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  235.566961][ T4485] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  235.746954][ T4485] usb 1-1: Using ep0 maxpacket: 32
[  235.761478][ T4485] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  235.763934][ T4485] usb 1-1: config 0 has no interface number 0
[  235.765765][ T4485] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  235.771127][ T4485] usb 1-1: config 0 interface 85 has no altsetting 0
[  235.774907][ T4485] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  235.777826][ T4485] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.780313][ T4485] usb 1-1: Product: syz
[  235.781619][ T4485] usb 1-1: Manufacturer: syz
[  235.783126][ T4485] usb 1-1: SerialNumber: syz
[  235.787384][ T4485] usb 1-1: config 0 descriptor??
[  236.198387][ T4485] appletouch 1-1:0.85: Failed to read mode from device.
[  236.201366][ T4485] appletouch: probe of 1-1:0.85 failed with error -5
[  236.207190][ T4485] usb 1-1: USB disconnect, device number 11
[  244.815842][ T8152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.822538][ T8152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.872876][ T8197] binder: 8196:8197 tried to acquire reference to desc 0, got 1 instead
[  248.888319][ T8197] binder: 8196:8197 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  248.901134][ T8197] binder: 8197 RLIMIT_NICE not set
[  248.921849][ T8197] binder: 8197 RLIMIT_NICE not set
[  248.985318][  T112] binder: release 8196:8197 transaction 23 out, still active
[  248.987825][  T112] binder: undelivered TRANSACTION_COMPLETE
[  248.990730][  T112] binder: send failed reply for transaction 30 to 8196:8197
[  248.994488][  T112] binder: release 8196:8197 transaction 23 in, still active
[  249.009720][  T112] binder: send failed reply for transaction 23, target dead
[  249.019264][  T112] binder: undelivered TRANSACTION_COMPLETE
[  249.025355][  T112] binder: undelivered TRANSACTION_ERROR: 29189
[  253.397839][ T8260] netlink: 16 bytes leftover after parsing attributes in process `syz.3.925'.
[  253.958090][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[  253.960536][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[  254.198688][ T8258] loop2: detected capacity change from 0 to 1024
[  254.288081][ T8258] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  254.497818][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  254.587038][ T8278] fuse: Bad value for 'group_id'
[  256.011553][   T11] Bluetooth: hci5: Frame reassembly failed (-84)
[  256.893306][ T8300] bridge0: port 3(ip6gretap1) entered blocking state
[  256.895350][ T8300] bridge0: port 3(ip6gretap1) entered disabled state
[  256.898763][ T8300] device ip6gretap1 entered promiscuous mode
[  256.900762][ T8300] bridge0: port 3(ip6gretap1) entered blocking state
[  256.902710][ T8300] bridge0: port 3(ip6gretap1) entered forwarding state
[  257.170721][ T8310] overlayfs: missing 'lowerdir'
[  257.951956][ T4318] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  258.263469][ T8328] fuse: Bad value for 'group_id'
[  258.433529][ T8339] vlan0: mtu less than device minimum
[  258.681403][   T27] audit: type=1326 audit(258.650:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  259.062710][ T8349] loop3: detected capacity change from 0 to 512
[  259.458646][   T27] audit: type=1326 audit(258.710:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  259.509674][ T8349] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002]
[  259.512537][ T8349] System zones: 1-3, 19-19, 35-38
[  259.616246][ T8349] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  260.386185][   T27] audit: type=1326 audit(260.350:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=134 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  260.394003][   T27] audit: type=1326 audit(260.360:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  260.644069][   T27] audit: type=1326 audit(260.360:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  261.529621][ T8358] loop7: detected capacity change from 0 to 40427
[  261.582913][ T8358] F2FS-fs (loop7): Invalid SB checksum offset: 0
[  261.584927][ T8358] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  261.607823][ T8358] F2FS-fs (loop7): invalid crc value
[  261.790116][   T27] audit: type=1326 audit(260.370:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  262.050294][ T8358] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  262.242386][   T27] audit: type=1326 audit(260.370:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  262.298399][ T8358] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0
[  262.300585][ T8358] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  262.408605][ T4316] EXT4-fs (loop3): unmounting filesystem.
[  262.750259][   T27] audit: type=1326 audit(260.370:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  263.307307][   T27] audit: type=1326 audit(260.370:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  263.376877][   T27] audit: type=1326 audit(260.400:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.8.950" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  263.752984][ T8394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.754272][ T8383] loop0: detected capacity change from 0 to 256
[  263.755554][ T8394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.788528][ T8383] exfat: Unknown parameter '00000000000000000625ÝÛYO†ÐRÝÓ¬Na™‡G©Ž@‡C;Ídvqà$ó8Lõ‘`Ž
!'
[  264.790741][ T8403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.961'.
[  264.793367][ T8403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.961'.
[  266.841380][ T8437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.860040][ T8437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.229202][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.235793][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.990865][ T8459] loop0: detected capacity change from 0 to 8192
[  270.301612][ T8495] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  270.304945][ T8495] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  271.875421][ T8539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.907592][ T8539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.490822][ T8581] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  274.465432][ T8581] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  274.752692][ T8601] loop8: detected capacity change from 0 to 512
[  274.769051][ T8601] EXT4-fs: Ignoring removed bh option
[  274.775127][ T8601] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  274.809428][ T8605] loop2: detected capacity change from 0 to 128
[  274.859382][ T8601] EXT4-fs (loop8): 1 truncate cleaned up
[  274.861130][ T8601] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  274.864141][ T8605] EXT4-fs: Ignoring removed nobh option
[  274.915120][ T8605] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  274.975126][ T8601] EXT4-fs (loop8): shut down requested (2)
[  275.808592][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  275.857383][ T6907] EXT4-fs (loop8): unmounting filesystem.
[  276.087642][ T8629] loop0: detected capacity change from 0 to 8192
[  277.152332][ T8648] tmpfs: Bad value for 'huge'
[  278.923145][ T8685] loop3: detected capacity change from 0 to 256
[  281.295923][ T8722] loop8: detected capacity change from 0 to 512
[  281.307409][ T8726] loop7: detected capacity change from 0 to 256
[  281.328320][ T8722] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  281.342883][ T8726] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  281.352906][ T8726] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  281.402961][ T8722] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  281.590414][ T8726] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001031b, chksum : 0xd41f077c, utbl_chksum : 0xe619d30d)
[  281.626872][ T4318] Bluetooth: hci1: command 0x0406 tx timeout
[  282.503553][ T6907] EXT4-fs (loop8): unmounting filesystem.
[  282.862540][ T8763] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.866949][ T8763] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.413800][ T8765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.493338][ T8765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.650507][ T8782] serio: Serial port ptm0
[  286.733746][ T8792] loop2: detected capacity change from 0 to 1024
[  286.742903][ T8792] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  286.792448][ T4307] EXT4-fs (loop2): unmounting filesystem.
[  286.811935][ T4318] Bluetooth: hci4: command 0x0406 tx timeout
[  287.698009][ T8801] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.727127][ T8801] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.113435][ T8790] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1059'.
[  288.122678][ T8790] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1059'.
[  288.131818][ T8790] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1059'.
[  288.526229][ T8831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.541956][ T8831] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.632543][ T8846] xt_bpf: check failed: parse error
[  291.684258][ T8871] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1078'.
[  292.314612][ T8884] loop8: detected capacity change from 0 to 16
[  293.016646][ T8884] erofs: (device loop8): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832
[  296.709378][ T8887] loop3: detected capacity change from 0 to 512
[  296.839356][ T8887] __quota_error: 47 callbacks suppressed
[  296.839373][ T8887] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  296.871002][ T8887] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  296.873981][ T8887] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1082: Failed to acquire dquot type 1
[  296.983034][ T8887] EXT4-fs (loop3): 1 truncate cleaned up
[  296.994984][ T8887] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  298.127578][ T8932] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1092'.
[  298.548234][ T4316] EXT4-fs (loop3): unmounting filesystem.
[  298.626100][ T8945] loop8: detected capacity change from 0 to 512
[  298.640358][ T8945] EXT4-fs: Ignoring removed bh option
[  298.712577][ T8945] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  298.809682][ T8945] EXT4-fs (loop8): 1 truncate cleaned up
[  298.811447][ T8945] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  298.844483][ T8945] EXT4-fs (loop8): shut down requested (2)
[  299.746086][ T6907] EXT4-fs (loop8): unmounting filesystem.
[  301.382354][ T8984] binder: 8983:8984 tried to acquire reference to desc 0, got 1 instead
[  301.400951][ T8984] binder: 8983:8984 got reply transaction with bad transaction stack, transaction 35 has target 8983:0
[  301.407159][ T8984] binder: 8983:8984 transaction reply to 0:0 failed 42/29201/-71, size 0-0 line 2970
[  301.413615][  T112] binder: release 8983:8984 transaction 35 out, still active
[  301.415706][  T112] binder: undelivered TRANSACTION_COMPLETE
[  301.419965][ T8985] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1105'.
[  301.422479][ T8985] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.424692][ T8985] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.427169][  T112] binder: undelivered TRANSACTION_ERROR: 29201
[  301.435605][ T8986] netlink: 'syz.2.1103': attribute type 11 has an invalid length.
[  301.444984][ T8986] netlink: 'syz.2.1103': attribute type 8 has an invalid length.
[  301.455128][ T8985] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.470775][  T112] binder: send failed reply for transaction 35, target dead
[  301.475606][ T8985] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.542260][ T8989] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1107'.
[  301.733166][ T8997] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1110'.
[  303.351319][ T9037] overlayfs: failed to resolve './file1': -2
[  303.393363][ T9037] overlayfs: failed to resolve './file1': -2
[  304.482416][ T9057] netlink: set zone limit has 8 unknown bytes
[  305.201118][   T27] audit: type=1326 audit(305.170:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.230055][   T27] audit: type=1326 audit(305.200:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.246801][   T27] audit: type=1326 audit(305.210:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=97 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.253057][   T27] audit: type=1326 audit(305.210:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.316532][   T27] audit: type=1326 audit(305.210:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.343374][   T27] audit: type=1326 audit(305.210:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.361345][   T27] audit: type=1326 audit(305.210:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.372436][ T9067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  305.397230][ T9067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.402778][   T27] audit: type=1326 audit(305.210:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.445480][   T27] audit: type=1326 audit(305.210:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  305.445528][   T27] audit: type=1326 audit(305.210:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9059 comm="syz.0.1123" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35cc28 code=0x7ffc0000
[  307.284252][ T9093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.286994][ T9093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.434941][ T9096] overlayfs: failed to resolve './file1': -2
[  307.477164][ T9096] overlayfs: failed to resolve './file1': -2
[  308.202709][ T9104] futex_wake_op: syz.8.1133 tries to shift op by -1; fix this program
[  311.469954][ T9128] loop8: detected capacity change from 0 to 512
[  311.482169][ T9128] EXT4-fs: Ignoring removed bh option
[  311.506357][ T9128] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  311.553063][ T9128] EXT4-fs (loop8): 1 truncate cleaned up
[  311.554762][ T9128] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  311.688725][ T6907] EXT4-fs (loop8): unmounting filesystem.
[  315.390897][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[  315.392973][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[  316.098461][ T9163] loop6: detected capacity change from 0 to 7
[  316.125652][ T8165] Dev loop6: unable to read RDB block 7
[  316.131192][ T8165]  loop6: AHDI p1 p2 p3 p4
[  316.134555][ T8165] loop6: partition table partially beyond EOD, truncated
[  316.149106][ T8165] loop6: p1 start 2401632844 is beyond EOD, truncated
[  316.150943][ T8165] loop6: p2 size 47 extends beyond EOD, truncated
[  316.178292][ T8165] loop6: p3 start 1886353253 is beyond EOD, truncated
[  316.196615][ T9163] Dev loop6: unable to read RDB block 7
[  316.206933][ T9163]  loop6: AHDI p1 p2 p3 p4
[  316.208290][ T9163] loop6: partition table partially beyond EOD, truncated
[  316.227050][ T9163] loop6: p1 start 2401632844 is beyond EOD, truncated
[  316.250933][ T9163] loop6: p2 size 47 extends beyond EOD, truncated
[  316.313404][ T9163] loop6: p3 start 1886353253 is beyond EOD, truncated
[  316.365986][ T8165] udevd[8165]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  316.433597][ T8165] udevd[8165]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  317.903406][ T9184] binder: 9183:9184 tried to acquire reference to desc 0, got 1 instead
[  317.929684][ T9184] binder: 9183:9184 got transaction with invalid data ptr
[  317.931736][ T9184] binder: 9183:9184 transaction call to 9183:0 failed 48/29201/-14, size 0-4088 line 3342
[  317.937425][ T4485] binder: undelivered TRANSACTION_COMPLETE
[  317.939080][ T4485] binder: undelivered TRANSACTION_ERROR: 29201
[  317.984508][ T4485] binder: undelivered transaction 47, process died.
[  321.500081][ T9194] vxfs: WRONG superblock magic 00000000 at 1
[  321.502436][ T9194] vxfs: WRONG superblock magic 00000000 at 8
[  321.504055][ T9194] vxfs: can't find superblock.
[  321.565515][ T9210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1164'.
[  322.765275][ T9229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  322.785712][ T9229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.497184][ T9254] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.501187][ T9254] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.554484][ T9256] tipc: Started in network mode
[  325.555944][ T9256] tipc: Node identity 080211000001, cluster identity 4711
[  325.566364][ T9256] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  325.590707][ T9256] device syzkaller0 entered promiscuous mode
[  326.614099][ T4366] tipc: Node number set to 134418688
[  326.725528][ T9257] tipc: Resetting bearer <eth:syzkaller0>
[  326.742742][ T9266] tipc: Started in network mode
[  326.744232][ T9266] tipc: Node identity 080211000001, cluster identity 4711
[  326.746405][ T9266] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  326.759054][ T9266] device syzkaller0 entered promiscuous mode
[  326.764523][ T9268] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1178'.
[  328.666901][ T4491] tipc: Node number set to 134418688
[  329.869374][   T27] kauditd_printk_skb: 94 callbacks suppressed
[  329.869388][   T27] audit: type=1326 audit(329.830:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.890982][   T27] audit: type=1326 audit(329.830:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.907198][   T27] audit: type=1326 audit(329.840:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=97 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.919710][   T27] audit: type=1326 audit(329.850:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.933376][   T27] audit: type=1326 audit(329.850:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.945680][   T27] audit: type=1326 audit(329.850:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  329.956643][   T27] audit: type=1326 audit(329.850:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  330.009869][ T9297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  330.012629][ T9297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  330.147854][   T27] audit: type=1326 audit(329.870:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  330.168107][   T27] audit: type=1326 audit(329.890:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  331.002632][   T27] audit: type=1326 audit(329.890:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9285 comm="syz.8.1183" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=293 compat=0 ip=0xffffbb35cc28 code=0x7ffc0000
[  352.146681][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [ksoftirqd/0:15]
[  352.148942][    C0] Modules linked in:
[  352.150007][    C0] irq event stamp: 1803981
[  352.151181][    C0] hardirqs last  enabled at (1803980): [<ffff8000083b9468>] timekeeping_get_ns+0x124/0x3b8
[  352.153924][    C0] hardirqs last disabled at (1803981): [<ffff8000119456c8>] el1_interrupt+0x24/0x54
[  352.156545][    C0] softirqs last  enabled at (1382860): [<ffff8000081a9670>] handle_softirqs+0xaf8/0xc6c
[  352.159203][    C0] softirqs last disabled at (1382865): [<ffff8000081abf10>] run_ksoftirqd+0x7c/0x2a0
[  352.161867][    C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.1.147-syzkaller #0
[  352.164093][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  352.166811][    C0] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  352.169012][    C0] pc : cake_heapify+0x16c/0x530
[  352.170331][    C0] lr : cake_heapify+0x108/0x530
[  352.171678][    C0] sp : ffff80001c8b6e90
[  352.172783][    C0] x29: ffff80001c8b6ea0 x28: 1fffe0001ba8085b x27: 00000000000198d0
[  352.174946][    C0] x26: 00000000000005fc x25: ffff0000fcd93f0c x24: 00000000000002fe
[  352.177119][    C0] x23: dfff800000000000 x22: 00000000000005fd x21: 0000000000000000
[  352.179325][    C0] x20: ffff0000dd4002d0 x19: 00000000000002fe x18: 000000005be5cb2b
[  352.181439][    C0] x17: 0000000000000000 x16: ffff8000082d2374 x15: 0000000000000000
[  352.183603][    C0] x14: 0000000000000004 x13: 1ffff00002a160b1 x12: 0000000000ff0100
[  352.185786][    C0] x11: ff0080000ffb9940 x10: 0000000000000000 x9 : 00000000000000bf
[  352.188007][    C0] x8 : ffff0000fcd7ff0c x7 : ffff8000083b9874 x6 : 0000000000000000
[  352.190132][    C0] x5 : 0000000000000080 x4 : 0000000000000001 x3 : 0000000000000000
[  352.192314][    C0] x2 : 0000000000000002 x1 : 00000000000002fe x0 : 0000000000001000
[  352.194410][    C0] Call trace:
[  352.195263][    C0]  cake_heapify+0x16c/0x530
[  352.196518][    C0]  cake_enqueue+0x333c/0x6880
[  352.197765][    C0]  sfb_enqueue+0x794/0x1294
[  352.199010][    C0]  dev_qdisc_enqueue+0x5c/0x38c
[  352.200329][    C0]  __dev_queue_xmit+0xad0/0x309c
[  352.201660][    C0]  tipc_l2_send_msg+0x29c/0x35c
[  352.202930][    C0]  tipc_bearer_xmit_skb+0x244/0x384
[  352.204304][    C0]  tipc_disc_timeout+0x4c8/0x608
[  352.205638][    C0]  call_timer_fn+0x1b8/0x964
[  352.206829][    C0]  __run_timers+0x460/0x6bc
[  352.208022][    C0]  run_timer_softirq+0x7c/0x114
[  352.209341][    C0]  handle_softirqs+0x318/0xc6c
[  352.210597][    C0]  run_ksoftirqd+0x7c/0x2a0
[  352.211866][    C0]  smpboot_thread_fn+0x4b0/0x964
[  352.213173][    C0]  kthread+0x250/0x2d8
[  352.214255][    C0]  ret_from_fork+0x10/0x20
[  352.215468][    C0] Kernel panic - not syncing: softlockup: hung tasks
[  352.217272][    C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L     6.1.147-syzkaller #0
[  352.219775][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  352.222438][    C0] Call trace:
[  352.223295][    C0]  dump_backtrace+0x1c8/0x1f4
[  352.224522][    C0]  show_stack+0x2c/0x3c
[  352.225633][    C0]  __dump_stack+0x30/0x40
[  352.226818][    C0]  dump_stack_lvl+0xf8/0x160
[  352.228054][    C0]  dump_stack+0x1c/0x5c
[  352.229151][    C0]  panic+0x2e0/0x79c
[  352.230165][    C0]  softlockup_fn+0x0/0x120
[  352.231352][    C0]  __hrtimer_run_queues+0x420/0xc64
[  352.232745][    C0]  hrtimer_interrupt+0x2bc/0xb5c
[  352.234073][    C0]  arch_timer_handler_virt+0x74/0x88
[  352.235452][    C0]  handle_percpu_devid_irq+0x174/0x34c
[  352.236963][    C0]  generic_handle_domain_irq+0xe0/0x140
[  352.238498][    C0]  gic_handle_irq+0x70/0x1e4
[  352.239706][    C0]  call_on_irq_stack+0x24/0x30
[  352.240999][    C0]  do_interrupt_handler+0xd4/0x138
[  352.242373][    C0]  el1_interrupt+0x34/0x54
[  352.243653][    C0]  el1h_64_irq_handler+0x18/0x24
[  352.244950][    C0]  el1h_64_irq+0x64/0x68
[  352.246140][    C0]  cake_heapify+0x16c/0x530
[  352.247340][    C0]  cake_enqueue+0x333c/0x6880
[  352.248616][    C0]  sfb_enqueue+0x794/0x1294
[  352.249789][    C0]  dev_qdisc_enqueue+0x5c/0x38c
[  352.251117][    C0]  __dev_queue_xmit+0xad0/0x309c
[  352.252448][    C0]  tipc_l2_send_msg+0x29c/0x35c
[  352.253751][    C0]  tipc_bearer_xmit_skb+0x244/0x384
[  352.255213][    C0]  tipc_disc_timeout+0x4c8/0x608
[  352.256524][    C0]  call_timer_fn+0x1b8/0x964
[  352.257802][    C0]  __run_timers+0x460/0x6bc
[  352.259049][    C0]  run_timer_softirq+0x7c/0x114
[  352.260356][    C0]  handle_softirqs+0x318/0xc6c
[  352.261667][    C0]  run_ksoftirqd+0x7c/0x2a0
[  352.262851][    C0]  smpboot_thread_fn+0x4b0/0x964
[  352.264143][    C0]  kthread+0x250/0x2d8
[  352.265206][    C0]  ret_from_fork+0x10/0x20
[  352.266440][    C0] SMP: stopping secondary CPUs
[  352.267697][    C0] Kernel Offset: disabled
[  352.268845][    C0] CPU features: 0x080000,02070084,26017203
[  352.270370][    C0] Memory Limit: none
[  352.300107][    C0] 
[  352.300766][    C0] ================================
[  352.302151][    C0] WARNING: inconsistent lock state
[  352.303601][    C0] 6.1.147-syzkaller #0 Tainted: G             L    
[  352.305356][    C0] --------------------------------
[  352.306750][    C0] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
[  352.308545][    C0] ksoftirqd/0/15 [HC1[1]:SC1[3]:HE0:SE0] takes:
[  352.310186][    C0] ffff8000150f13d8 (efi_rt_lock){?...}-{2:2}, at: virt_efi_set_variable_nonblocking+0x74/0x16c
[  352.312977][    C0] {HARDIRQ-ON-W} state was registered at:
[  352.314497][    C0]   lock_acquire+0x20c/0x644
[  352.315719][    C0]   _raw_spin_lock+0x54/0x6c
[  352.316943][    C0]   efi_call_rts+0x260/0x9f4
[  352.318151][    C0]   process_one_work+0x7f4/0x13a8
[  352.319491][    C0]   worker_thread+0x8c8/0xfbc
[  352.320771][    C0]   kthread+0x250/0x2d8
[  352.321877][    C0]   ret_from_fork+0x10/0x20
[  352.323039][    C0] irq event stamp: 1803981
[  352.324199][    C0] hardirqs last  enabled at (1803980): [<ffff8000083b9468>] timekeeping_get_ns+0x124/0x3b8
[  352.326867][    C0] hardirqs last disabled at (1803981): [<ffff8000119456c8>] el1_interrupt+0x24/0x54
[  352.329413][    C0] softirqs last  enabled at (1382860): [<ffff8000081a9670>] handle_softirqs+0xaf8/0xc6c
[  352.332148][    C0] softirqs last disabled at (1382865): [<ffff8000081abf10>] run_ksoftirqd+0x7c/0x2a0
[  352.334665][    C0] 
[  352.334665][    C0] other info that might help us debug this:
[  352.336846][    C0]  Possible unsafe locking scenario:
[  352.336846][    C0] 
[  352.338852][    C0]        CPU0
[  352.339734][    C0]        ----
[  352.340595][    C0]   lock(efi_rt_lock);
[  352.341657][    C0]   <Interrupt>
[  352.342553][    C0]     lock(efi_rt_lock);
[  352.343699][    C0] 
[  352.343699][    C0]  *** DEADLOCK ***
[  352.343699][    C0] 
[  352.345930][    C0] 6 locks held by ksoftirqd/0/15:
[  352.347264][    C0]  #0: ffff80001c8b7a00 ((&d->timer)){+.-.}-{0:0}, at: call_timer_fn+0xd0/0x964
[  352.349728][    C0]  #1: ffff800015286e00 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  352.352339][    C0]  #2: ffff800015286e60 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  352.355065][    C0]  #3: ffff0000d0a04108 (&sch->root_lock_key#220){+.-.}-{2:2}, at: __dev_queue_xmit+0x974/0x309c
[  352.358008][    C0]  #4: ffff800015286e00 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  352.360583][    C0]  #5: ffff8000171528a8 (&psinfo->buf_lock){....}-{2:2}, at: pstore_dump+0x180/0x728
[  352.363217][    C0] 
[  352.363217][    C0] stack backtrace:
[  352.364836][    C0] CPU: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L     6.1.147-syzkaller #0
[  352.367477][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  352.370309][    C0] Call trace:
[  352.371137][    C0]  dump_backtrace+0x1c8/0x1f4
[  352.372436][    C0]  show_stack+0x2c/0x3c
[  352.373600][    C0]  __dump_stack+0x30/0x40
[  352.374771][    C0]  dump_stack_lvl+0xf8/0x160
[  352.376075][    C0]  dump_stack+0x1c/0x5c
[  352.377203][    C0]  print_usage_bug+0x4c0/0x6d8
[  352.378508][    C0]  mark_lock_irq+0x788/0x9e4
[  352.379810][    C0]  mark_lock+0x224/0x320
[  352.380936][    C0]  __lock_acquire+0xd2c/0x6544
[  352.382249][    C0]  lock_acquire+0x20c/0x644
[  352.383485][    C0]  _raw_spin_lock+0x54/0x6c
[  352.384726][    C0]  virt_efi_set_variable_nonblocking+0x74/0x16c
[  352.386481][    C0]  efivar_set_variable_locked+0x1d0/0x204
[  352.388115][    C0]  efi_pstore_write+0x26c/0x358
[  352.389454][    C0]  pstore_dump+0x504/0x728
[  352.390650][    C0]  kmsg_dump+0x170/0x260
[  352.391818][    C0]  panic+0x36c/0x79c
[  352.392939][    C0]  softlockup_fn+0x0/0x120
[  352.394152][    C0]  __hrtimer_run_queues+0x420/0xc64
[  352.395632][    C0]  hrtimer_interrupt+0x2bc/0xb5c
[  352.397016][    C0]  arch_timer_handler_virt+0x74/0x88
[  352.398439][    C0]  handle_percpu_devid_irq+0x174/0x34c
[  352.399975][    C0]  generic_handle_domain_irq+0xe0/0x140
[  352.401565][    C0]  gic_handle_irq+0x70/0x1e4
[  352.402828][    C0]  call_on_irq_stack+0x24/0x30
[  352.404170][    C0]  do_interrupt_handler+0xd4/0x138
[  352.405649][    C0]  el1_interrupt+0x34/0x54
[  352.406802][    C0]  el1h_64_irq_handler+0x18/0x24
[  352.408115][    C0]  el1h_64_irq+0x64/0x68
[  352.409304][    C0]  cake_heapify+0x16c/0x530
[  352.410566][    C0]  cake_enqueue+0x333c/0x6880
[  352.411838][    C0]  sfb_enqueue+0x794/0x1294
[  352.413073][    C0]  dev_qdisc_enqueue+0x5c/0x38c
[  352.414449][    C0]  __dev_queue_xmit+0xad0/0x309c
[  352.415774][    C0]  tipc_l2_send_msg+0x29c/0x35c
[  352.417059][    C0]  tipc_bearer_xmit_skb+0x244/0x384
[  352.418496][    C0]  tipc_disc_timeout+0x4c8/0x608
[  352.419937][    C0]  call_timer_fn+0x1b8/0x964
[  352.421269][    C0]  __run_timers+0x460/0x6bc
[  352.422553][    C0]  run_timer_softirq+0x7c/0x114
[  352.423936][    C0]  handle_softirqs+0x318/0xc6c
[  352.425265][    C0]  run_ksoftirqd+0x7c/0x2a0
[  352.426536][    C0]  smpboot_thread_fn+0x4b0/0x964
[  352.427960][    C0]  kthread+0x250/0x2d8
[  352.429108][    C0]  ret_from_fork+0x10/0x20
[  352.934841][    C0] Rebooting in 86400 seconds..