last executing test programs:

6.865132338s ago: executing program 0 (id=1926):
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40bc5311, &(0x7f00000003c0))
syz_open_dev$radio(&(0x7f0000000240), 0x0, 0x2)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde", r4})
r5 = dup(0xffffffffffffffff)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e0f089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b39070d075d090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={<r6=>0x0, 0x4}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000380)=ANY=[@ANYRES32=r6, @ANYBLOB], 0xa)
dup(0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000340))

5.665067793s ago: executing program 0 (id=1931):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r1, 0x0, 0x280)

5.171285379s ago: executing program 3 (id=1932):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000300)={0x0, 0x0})

5.045214074s ago: executing program 0 (id=1934):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x82561000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
setsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)="971a", 0x2)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f00000002c0), 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
timer_delete(0x0)
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f00000000c0)={0x9})

4.977327454s ago: executing program 3 (id=1936):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000280))
setuid(0x0)
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

4.800912861s ago: executing program 4 (id=1938):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet(0x2, 0x6, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='bridge_slave_1\x00', 0x10)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)

4.662709991s ago: executing program 3 (id=1940):
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x4, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x6c}, 0x0, @in6=@empty}}, 0xe8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

4.541117015s ago: executing program 1 (id=1941):
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40bc5311, &(0x7f00000003c0))
syz_open_dev$radio(&(0x7f0000000240), 0x0, 0x2)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde", r5})
r6 = dup(0xffffffffffffffff)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e0f089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b39070d075d090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={<r7=>0x0, 0x4}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000380)=ANY=[@ANYRES32=r7, @ANYBLOB], 0xa)
dup(0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000340))

4.339854323s ago: executing program 3 (id=1942):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x45, 0x0, 0x2, 0x80dfffff}, {0x2}, {0x0, 0x0, 0x5, 0x40000}, {0x6, 0x0, 0x1}]})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000003c0)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
r1 = getpid()
r2 = syz_open_procfs(r1, &(0x7f0000000240)='net/netfilter\x00')
fanotify_init(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x440400, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc04", 0x10}], 0x1}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f0000006440)={0x0, 0x0, &(0x7f00000063c0)=[{&(0x7f0000000600)={0x34, 0x10, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x4101, 0x0, 0x0, 0x0, @uid}, @typed={0x14, 0x1b, 0x0, 0x0, @ipv6=@loopback={0x21}}]}, 0x34}], 0x1}, 0x0)
r8 = dup2(r5, r5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r8, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r9, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r9, &(0x7f0000000240)="94", 0xfffffff2, 0x61, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000500)="b3f171a16425b69e220e3cf634c811f074790d9c872b95a44aae404b8aa1e57d645fca594ddb1c7a83e649deb047d75f7b5961e7f6342f7a980296cfd54d55390d6a545576ad2b888aa9a3f11c8af3b9d5bb9f59789c5a0a630f9a2bee6146243c3455fcb3162cece710feb96d2be3da1c29c4d4091c5702d5ae8ee49ac31f24d34dc29a29e894f4cb263fd833633604b14c8d8803000fd6ca3dcfa807dcefc7fc2dbc9071fa532045740e55411b9f7f6167cf4163fb1f3465b51e8dc69ae8e37570cf6bf1e2719c9a08d81890853cc2c23539f35bdf1917617965cdc603f5c1787d9d07d572b94220241cffdec496a08f7702c17f4d07cf15e10c0c1858a644ac2c7a068aff8cb4abaa5e1bc15ce39ab2d266e108e161e021c86c1dfd891c41fc78808bc1d26f43d8d9f31efc126415e0507a8eb8d5a214927c307fe33489cdcab567dfbd2732684960f0c7d849612b4dc489fbd219551e3185fce4fcdb1701e616a7739a6a757586c69965b08f30f4fb5d71c74e730be39b9dd714a456f2b9651004b5f916d5571456035b6d94f820bbab4a98480020d3094c8f53e7dff379412591306c034ba1bd790bbd524977f678fd0f1ebab9d33aafe1bee265ffecec0cfdf68a611abbc43077837317919d424b15bd7d31f1df4a448e596760feedd6a6cb9c2076e8c868b5ed51e05bc83c68a32b183dd5710472048891140c5f0ce43064525902c3fa127ee4e938325c81eb6f9e12a2b13b13aca2e3b8b55ce6553d9ee4fcbcbd7da72ee20ee91d7add44879474ddfe61291fe02d0d653ea469259abe83c08d8b96da62e5ec2988716a186c63f6339b53bbe1c0d9cc90245c8e13151cbf66ee2189b8772c6e7b31ad0dcb8b7bf3b32f9e300fbf24c6112407950d9553c5b7bea26bed8fc9e57b875b7bb56e12c6f8fbea29906e5aab25d8a9c2cd058b1001c0467488ab7cad3eabddda98c935e07f0acdc70eafb157a4f91e996db42bcef9c234e6a5ba4bae9a2c0e49da0916d1d2ffa7b91d9172bf5b1e3637b6708f0db0e666c6e6ab7083678dca97039e233454a02085be93a5859659bc4b8f389660bb8a3828914ae612ded32fabde6d4bffa6b65521f85fc89d71afd21b40f65c3f0a038423d7adb47afb483a99a91772d7d7589cd69408a848dbaf206f9fbd05317bb2711a6c3f054a0d43033a09b511c14440db9266f044f2f941e018afc498ddfdbe9bdf6f8c6b37e851813f29c6e782a06fcf8369d93f998c78bbc94fc804fc7f74020e74e79917e50d376babede5cd546f93447f7f0bf9655fbce54980247aa6b6231c91d9ce4a72fe220bed1bca150bd3da9b92ba3079913a86f5dc7fe0dd541a75423d94754bbd54894f8d68119c95483640ca415822c23e8201023f191b87cc157c1031e8751bc9b22e57711bdaa6f9e68799f0f8ffd74f6dbe1044c3b464c0a46c277b0cb042e9a234410835a67e75430b62412ba5f543d31c98eb6b418a08d011e528d64c1089416f5e8b0c19bd3bf4646e1b3c0ee15c47276f4fe30ef74e40653e49f6f92837775dd842e81d6f5024768c70c8965e1aa20f1f3919641b4603d6a5e5d42d2a2b9e61031e63ab80affaae8c116f23ec4438d67cc7aae43e5dec76b14ce828b60656ff50e33de2fbe09e21efa2f5fe5589765d056a71a65bdf066ea7656c3582d7cad551ac775715fa7104dc6ba55f6fce8d362009da31032c5c9212bf29acaa3e4851815773930cf34a8401615b866fc4ea96e4e02ec95a38b423cf9327d3a91eba38701506121671f5a6ea6bdc0d4ec48b8034e3811c9bec6d6f32159d36aab4290687452542be3188b21bd8d3b0aa608210e86dd62f69b35ce9c6adefc5d2038dad25afbc3e4031c1eda357e8326a46c1f7e0ee98bd002302da10de9fa39cacf34bc5928337ae17d3fff8e4cf8c53e58207956fa3a3a7a779b5c07383a6698ec5817d6a39c01a7068fc356d8246ddfc47de58605e6dae05d2d15c408b6b6c27dde1eeee9e823ddb34817f5a94c3d8d776f5bd5514b8956cfa0a61f4ed034158c48012172bb6e637716c5eec57657662ef799aea897416b0d9e09048a28db1f00db7fc088c7ba0d2afc66c5258b5256508971a8554f2070e02bf6c9b794094a72f9684caae8338ee7c33a2db8d8d33660303b8948facc83a8e877fb9b64e0c71cf799bfff98cf07587ff2a638e2e7131a9068567227a5d3473c5479023910534af0f79fa096b789ff3262b1ecfb20454048fed3fca430a56add21f8bcd03fb1c751968fcc83fb6e7aa9cca09de76f2096a048f8947e8f85383fa7b04951176f519c410cb152119ebb2dcf7ec1978ea3caa5e6ce9abc3c8eb824d240cb992d01e6ba569647a1ba8a36940ed984f6dc8b44f4d31d1fd95d07d4073cb7554bdfb50344e38a5738309b9e2877b298b4c1de468e3b92c7b46fcea0d1751331a819115c4f398fd950a23105f65f1006b8fd2e9c78a7ea6edcbd88d496112547b0fbb7b65597a57674fd2a530f1616299ceca0a043500f6700a623f5c24990f100f64fd3b55af2feca5a7393e6bf22518261d9aa7f0837531fcb94d089abe5310396db9832a5df8fb2f6da7b97526a2179355efcb94f0a7c364a42cc2c3b952f179d0be8c74a5f351e1b500fc973efb991cc7879caafce919632b2357ddb1683f892b1c0ff24ab5cc061980059fd34eb44072f8050132e6fb7ed575d47889e7b2eb7c77ead00d2827ecf48ad925a50d3e24d891164c9302217a3fab7e7a1f8c3ceb1abbff15dfb509acada37c38579a02a7a27d58cabedb491b2b836fa2fbfed0f5dae365e64df3ec96b765e64285d479f77dd8f31c53f66a430ff6e2bba67d6bd8b7b0cab5791d292aa60d0fc9bba71853e6317122af8e10fcbbcdb091e64f66db278e8b174c2cac5641d4abba10f07487725376d53f39a40256811acfb395b2ca162a51a4f80ff0d2cf691374ed1708359e76509db0b1eb023d6f672610a0e3ac3a85854f5e9f2afc522060659f47df24e0d4c2450935a0191b43877c50f54aa68e960138a9f5760ad8b32281414097b0bad522945a6d", 0x880}], 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r9, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffb000/0x4000)=nil, 0xb00, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/129, 0xffffffffffffffd2, 0x0, 0x0}, &(0x7f0000000080)=0x40)
syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x7, 0x0, 0x2}}, {@generic={0x88f5, "85a0cfaed6213c7152bff5b6afb5c615ebe8c6d6f4518e486ec0ffffff8af4dbf1240db822118055cd88f9350196d8fdd6add0c7f31d8e920653ab90433cb06ea2e4004a92e7b29a"}}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r3}}, './file0\x00'})
poll(&(0x7f0000000200), 0x0, 0xfffffffe)
syz_open_dev$char_usb(0xc, 0xb4, 0x100)

3.603880684s ago: executing program 1 (id=1944):
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r3}, 0x10)
recvmsg(r0, &(0x7f0000000b00)={0x0, 0xc000000, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

3.272741049s ago: executing program 1 (id=1945):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0)

2.656307199s ago: executing program 3 (id=1946):
syz_clone(0x10eb22f000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.590559847s ago: executing program 1 (id=1947):
shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x88}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil)

2.421296361s ago: executing program 4 (id=1949):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000005800)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000180)='./file1\x00', 0x4)
rmdir(&(0x7f0000000380)='./file1\x00')

2.358090559s ago: executing program 4 (id=1950):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000000280))
setuid(0x0)
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2.203180747s ago: executing program 2 (id=1952):
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x4, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x6c}, 0x0, @in6=@empty}}, 0xe8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

2.112193547s ago: executing program 3 (id=1953):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[])
chdir(&(0x7f00000000c0)='./file0\x00')
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
r1 = socket$igmp(0x2, 0x3, 0x2)
sendto$x25(0xffffffffffffffff, &(0x7f00000003c0)="02d277bb81b12ea64bae69cbc1f21a620f320060429d20db65a6be", 0x1b, 0x0, &(0x7f0000000440), 0x12)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ptrace$ARCH_GET_GS(0x1e, r2, &(0x7f0000000040), 0x1004)
syz_usb_connect(0x6, 0x0, 0x0, &(0x7f0000000500)={0x0, 0x0, 0x32, &(0x7f00000005c0)={0x5, 0xf, 0x32, 0x4, [@wireless={0xb, 0x10, 0x1, 0x2, 0x10, 0x7, 0x5, 0x1, 0x85}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "2f18aa2b5e1d4a0d740883e2d2435d9f"}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x6, 0x80, 0x0, 0x43}]}, 0x3, [{0x4, &(0x7f0000000280)=@lang_id={0x4}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x459}}, {0x46, &(0x7f0000000340)=@string={0x46, 0x3, "9b057a1392b16d4f8b745eaf149bdc5200f5ffb9ba0fb38a5405eec32d54eb7974555e0d8782f5ffc79951b12a6d9ce0e5850d04d541a7b1569e8fa8b2a9c65834312822"}}]})
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
ioctl$sock_inet_SIOCDARP(r1, 0x8954, &(0x7f0000000000)={{0x2, 0x0, @empty}, {0x0, @remote}, 0x0, {0x2, 0x0, @multicast2}})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r0, 0x0)

2.111820987s ago: executing program 4 (id=1954):
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40bc5311, &(0x7f00000003c0))
syz_open_dev$radio(&(0x7f0000000240), 0x0, 0x2)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x0, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde", r5})
r6 = dup(0xffffffffffffffff)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e0f089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b39070d075d090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={<r7=>0x0, 0x4}, &(0x7f0000000340)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000380)=ANY=[@ANYRES32=r7, @ANYBLOB], 0xa)
dup(0xffffffffffffffff)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000340))

1.701087946s ago: executing program 2 (id=1955):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)

1.700654477s ago: executing program 1 (id=1956):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f00000000c0)=[{0x45, 0x0, 0x2, 0x80dfffff}, {0x2}, {0x0, 0x0, 0x5, 0x40000}, {0x6, 0x0, 0x1}]})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000003c0)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
r1 = getpid()
r2 = syz_open_procfs(r1, &(0x7f0000000240)='net/netfilter\x00')
fanotify_init(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x440400, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc04", 0x10}], 0x1}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f0000006440)={0x0, 0x0, &(0x7f00000063c0)=[{&(0x7f0000000600)={0x34, 0x10, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x4101, 0x0, 0x0, 0x0, @uid}, @typed={0x14, 0x1b, 0x0, 0x0, @ipv6=@loopback={0x21}}]}, 0x34}], 0x1}, 0x0)
r8 = dup2(r5, r5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r8, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r9, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r9, &(0x7f0000000240)="94", 0xfffffff2, 0x61, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000500)="b3f171a16425b69e220e3cf634c811f074790d9c872b95a44aae404b8aa1e57d645fca594ddb1c7a83e649deb047d75f7b5961e7f6342f7a980296cfd54d55390d6a545576ad2b888aa9a3f11c8af3b9d5bb9f59789c5a0a630f9a2bee6146243c3455fcb3162cece710feb96d2be3da1c29c4d4091c5702d5ae8ee49ac31f24d34dc29a29e894f4cb263fd833633604b14c8d8803000fd6ca3dcfa807dcefc7fc2dbc9071fa532045740e55411b9f7f6167cf4163fb1f3465b51e8dc69ae8e37570cf6bf1e2719c9a08d81890853cc2c23539f35bdf1917617965cdc603f5c1787d9d07d572b94220241cffdec496a08f7702c17f4d07cf15e10c0c1858a644ac2c7a068aff8cb4abaa5e1bc15ce39ab2d266e108e161e021c86c1dfd891c41fc78808bc1d26f43d8d9f31efc126415e0507a8eb8d5a214927c307fe33489cdcab567dfbd2732684960f0c7d849612b4dc489fbd219551e3185fce4fcdb1701e616a7739a6a757586c69965b08f30f4fb5d71c74e730be39b9dd714a456f2b9651004b5f916d5571456035b6d94f820bbab4a98480020d3094c8f53e7dff379412591306c034ba1bd790bbd524977f678fd0f1ebab9d33aafe1bee265ffecec0cfdf68a611abbc43077837317919d424b15bd7d31f1df4a448e596760feedd6a6cb9c2076e8c868b5ed51e05bc83c68a32b183dd5710472048891140c5f0ce43064525902c3fa127ee4e938325c81eb6f9e12a2b13b13aca2e3b8b55ce6553d9ee4fcbcbd7da72ee20ee91d7add44879474ddfe61291fe02d0d653ea469259abe83c08d8b96da62e5ec2988716a186c63f6339b53bbe1c0d9cc90245c8e13151cbf66ee2189b8772c6e7b31ad0dcb8b7bf3b32f9e300fbf24c6112407950d9553c5b7bea26bed8fc9e57b875b7bb56e12c6f8fbea29906e5aab25d8a9c2cd058b1001c0467488ab7cad3eabddda98c935e07f0acdc70eafb157a4f91e996db42bcef9c234e6a5ba4bae9a2c0e49da0916d1d2ffa7b91d9172bf5b1e3637b6708f0db0e666c6e6ab7083678dca97039e233454a02085be93a5859659bc4b8f389660bb8a3828914ae612ded32fabde6d4bffa6b65521f85fc89d71afd21b40f65c3f0a038423d7adb47afb483a99a91772d7d7589cd69408a848dbaf206f9fbd05317bb2711a6c3f054a0d43033a09b511c14440db9266f044f2f941e018afc498ddfdbe9bdf6f8c6b37e851813f29c6e782a06fcf8369d93f998c78bbc94fc804fc7f74020e74e79917e50d376babede5cd546f93447f7f0bf9655fbce54980247aa6b6231c91d9ce4a72fe220bed1bca150bd3da9b92ba3079913a86f5dc7fe0dd541a75423d94754bbd54894f8d68119c95483640ca415822c23e8201023f191b87cc157c1031e8751bc9b22e57711bdaa6f9e68799f0f8ffd74f6dbe1044c3b464c0a46c277b0cb042e9a234410835a67e75430b62412ba5f543d31c98eb6b418a08d011e528d64c1089416f5e8b0c19bd3bf4646e1b3c0ee15c47276f4fe30ef74e40653e49f6f92837775dd842e81d6f5024768c70c8965e1aa20f1f3919641b4603d6a5e5d42d2a2b9e61031e63ab80affaae8c116f23ec4438d67cc7aae43e5dec76b14ce828b60656ff50e33de2fbe09e21efa2f5fe5589765d056a71a65bdf066ea7656c3582d7cad551ac775715fa7104dc6ba55f6fce8d362009da31032c5c9212bf29acaa3e4851815773930cf34a8401615b866fc4ea96e4e02ec95a38b423cf9327d3a91eba38701506121671f5a6ea6bdc0d4ec48b8034e3811c9bec6d6f32159d36aab4290687452542be3188b21bd8d3b0aa608210e86dd62f69b35ce9c6adefc5d2038dad25afbc3e4031c1eda357e8326a46c1f7e0ee98bd002302da10de9fa39cacf34bc5928337ae17d3fff8e4cf8c53e58207956fa3a3a7a779b5c07383a6698ec5817d6a39c01a7068fc356d8246ddfc47de58605e6dae05d2d15c408b6b6c27dde1eeee9e823ddb34817f5a94c3d8d776f5bd5514b8956cfa0a61f4ed034158c48012172bb6e637716c5eec57657662ef799aea897416b0d9e09048a28db1f00db7fc088c7ba0d2afc66c5258b5256508971a8554f2070e02bf6c9b794094a72f9684caae8338ee7c33a2db8d8d33660303b8948facc83a8e877fb9b64e0c71cf799bfff98cf07587ff2a638e2e7131a9068567227a5d3473c5479023910534af0f79fa096b789ff3262b1ecfb20454048fed3fca430a56add21f8bcd03fb1c751968fcc83fb6e7aa9cca09de76f2096a048f8947e8f85383fa7b04951176f519c410cb152119ebb2dcf7ec1978ea3caa5e6ce9abc3c8eb824d240cb992d01e6ba569647a1ba8a36940ed984f6dc8b44f4d31d1fd95d07d4073cb7554bdfb50344e38a5738309b9e2877b298b4c1de468e3b92c7b46fcea0d1751331a819115c4f398fd950a23105f65f1006b8fd2e9c78a7ea6edcbd88d496112547b0fbb7b65597a57674fd2a530f1616299ceca0a043500f6700a623f5c24990f100f64fd3b55af2feca5a7393e6bf22518261d9aa7f0837531fcb94d089abe5310396db9832a5df8fb2f6da7b97526a2179355efcb94f0a7c364a42cc2c3b952f179d0be8c74a5f351e1b500fc973efb991cc7879caafce919632b2357ddb1683f892b1c0ff24ab5cc061980059fd34eb44072f8050132e6fb7ed575d47889e7b2eb7c77ead00d2827ecf48ad925a50d3e24d891164c9302217a3fab7e7a1f8c3ceb1abbff15dfb509acada37c38579a02a7a27d58cabedb491b2b836fa2fbfed0f5dae365e64df3ec96b765e64285d479f77dd8f31c53f66a430ff6e2bba67d6bd8b7b0cab5791d292aa60d0fc9bba71853e6317122af8e10fcbbcdb091e64f66db278e8b174c2cac5641d4abba10f07487725376d53f39a40256811acfb395b2ca162a51a4f80ff0d2cf691374ed1708359e76509db0b1eb023d6f672610a0e3ac3a85854f5e9f2afc522060659f47df24e0d4c2450935a0191b43877c50f54aa68e960138a9f5760ad8b32281414097b0bad522945a6d", 0x880}], 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r9, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffb000/0x4000)=nil, 0xb00, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/129, 0xffffffffffffffd2, 0x0, 0x0}, &(0x7f0000000080)=0x40)
syz_emit_ethernet(0x5a, &(0x7f0000000080)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x7, 0x0, 0x2}}, {@generic={0x88f5, "85a0cfaed6213c7152bff5b6afb5c615ebe8c6d6f4518e486ec0ffffff8af4dbf1240db822118055cd88f9350196d8fdd6add0c7f31d8e920653ab90433cb06ea2e4004a92e7b29a"}}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r3}}, './file0\x00'})
poll(&(0x7f0000000200), 0x0, 0xfffffffe)
syz_open_dev$char_usb(0xc, 0xb4, 0x100)

1.448129067s ago: executing program 2 (id=1957):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0)

1.255346231s ago: executing program 2 (id=1958):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x4000)
dup3(r0, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
eventfd(0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0xfffffefffffbffaf, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e3002a0001f14000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x3, 0x3, 0x10)

991.293857ms ago: executing program 4 (id=1959):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x1, 0x4}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0xfffffffffffffda7)
ioctl$SIOCSIFHWADDR(r0, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

916.463959ms ago: executing program 0 (id=1960):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000005800)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000180)='./file1\x00', 0x4)
rmdir(&(0x7f0000000380)='./file1\x00')

260.340976ms ago: executing program 0 (id=1961):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x1, 0x4}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0xfffffffffffffda7)
ioctl$SIOCSIFHWADDR(r0, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

180.833891ms ago: executing program 2 (id=1962):
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000600)=ANY=[@ANYBLOB="010000000000000000002100000008000300", @ANYRES32], 0x3c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

17.317602ms ago: executing program 4 (id=1963):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)

17.170943ms ago: executing program 0 (id=1964):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000100)={0x4})

2.267029ms ago: executing program 1 (id=1965):
r0 = socket$inet6(0xa, 0x0, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x4, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x6c}, 0x0, @in6=@empty}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

0s ago: executing program 2 (id=1966):
shmget(0xffffffffffffffff, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x88}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmget$private(0x0, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil)

kernel console output (not intermixed with test programs):

nc data on readonly fs
[  135.174111][ T5123] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  135.327317][ T3623] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  135.461717][ T3623] usb 3-1: device descriptor read/8, error -71
[  135.890049][ T5150] netlink: 'syz.4.365': attribute type 6 has an invalid length.
[  136.044358][ T3623] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  136.144469][ T3623] usb 3-1: device descriptor read/8, error -71
[  136.264587][ T3623] usb usb3-port1: unable to enumerate USB device
[  136.343197][ T5160] MPTCP: kernel_bind error, err=-98
[  137.309965][ T5169] loop3: detected capacity change from 0 to 1024
[  137.368785][ T5169] EXT4-fs: Ignoring removed orlov option
[  137.387164][ T5169] EXT4-fs (loop3): Test dummy encryption mode enabled
[  137.437221][ T5169] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  137.564122][ T4337] EXT4-fs (loop3): unmounting filesystem.
[  137.846064][ T5188] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  138.449164][ T5194] netlink: 'syz.3.377': attribute type 6 has an invalid length.
[  139.135846][ T5177] loop4: detected capacity change from 0 to 40427
[  139.488029][ T5177] F2FS-fs (loop4): invalid crc value
[  139.551404][ T5177] F2FS-fs (loop4): Found nat_bits in checkpoint
[  140.418028][ T5177] F2FS-fs (loop4): recover fsync data on readonly fs
[  140.471901][ T5177] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  140.533187][ T5227] Zero length message leads to an empty skb
[  141.053511][ T5248] netlink: 'syz.3.394': attribute type 6 has an invalid length.
[  141.103574][ T5251] loop4: detected capacity change from 0 to 1024
[  141.131420][ T5251] EXT4-fs: Ignoring removed orlov option
[  141.165963][ T5251] EXT4-fs (loop4): Test dummy encryption mode enabled
[  141.197514][ T5251] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  141.247913][ T4243] EXT4-fs (loop4): unmounting filesystem.
[  141.405425][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  141.884408][ T5274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.399'.
[  141.896764][ T5274] IPVS: Error joining to the multicast group
[  141.927024][ T5274] loop4: detected capacity change from 0 to 256
[  143.323676][ T5288] loop2: detected capacity change from 0 to 1024
[  143.338154][ T5289] overlayfs: failed to clone lowerpath
[  143.380966][ T5288] EXT4-fs: Ignoring removed orlov option
[  143.389236][ T5288] EXT4-fs (loop2): Test dummy encryption mode enabled
[  143.477597][ T5288] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  143.487242][ T5276] loop3: detected capacity change from 0 to 40427
[  143.516414][ T5276] F2FS-fs (loop3): invalid crc value
[  143.549207][ T5276] F2FS-fs (loop3): Found nat_bits in checkpoint
[  143.560371][ T4196] EXT4-fs (loop2): unmounting filesystem.
[  143.679741][ T5276] F2FS-fs (loop3): recover fsync data on readonly fs
[  143.690612][ T5276] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  143.774710][ T3588] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  143.974387][ T3588] usb 2-1: device descriptor read/64, error -71
[  144.264305][ T3588] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  144.423759][ T5318] loop3: detected capacity change from 0 to 1024
[  144.453091][ T5318] EXT4-fs: Ignoring removed orlov option
[  144.484406][ T3588] usb 2-1: device descriptor read/64, error -71
[  144.501885][ T5318] EXT4-fs (loop3): Test dummy encryption mode enabled
[  144.608758][ T3588] usb usb2-port1: attempt power cycle
[  144.703214][ T5318] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  144.915602][ T4337] EXT4-fs (loop3): unmounting filesystem.
[  145.064489][ T3588] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  145.174518][ T3588] usb 2-1: device descriptor read/8, error -71
[  145.462933][ T3588] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  145.614577][ T3588] usb 2-1: device descriptor read/8, error -71
[  145.679338][ T5352] netlink: 'syz.0.429': attribute type 21 has an invalid length.
[  145.774942][ T3588] usb usb2-port1: unable to enumerate USB device
[  146.326937][ T5358] overlayfs: overlapping lowerdir path
[  146.712828][ T5368] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  146.823039][ T5370] MPTCP: kernel_bind error, err=-98
[  146.846614][ T5373] devtmpfs: Unknown parameter '*Û@-!/'
[  147.064019][ T5385] overlayfs: overlapping lowerdir path
[  147.554639][ T3588] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  147.785929][ T3588] usb 3-1: device descriptor read/64, error -71
[  147.963818][ T5397] libceph: resolve 'c8' (ret=-3): failed
[  148.054386][ T3588] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  148.101694][ T5407] MPTCP: kernel_bind error, err=-98
[  148.173728][ T5413] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  148.264348][ T3604] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  148.265622][ T3588] usb 3-1: device descriptor read/64, error -71
[  148.394610][ T3588] usb usb3-port1: attempt power cycle
[  148.664486][ T3604] usb 4-1: unable to get BOS descriptor or descriptor too short
[  148.714505][ T3604] usb 4-1: not running at top speed; connect to a high speed hub
[  148.760946][ T5422] netlink: 703 bytes leftover after parsing attributes in process `syz.1.457'.
[  148.804605][ T3604] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  149.023828][ T3604] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  149.034564][ T3588] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  149.048508][ T3604] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.057252][ T3604] usb 4-1: Product: syz
[  149.061505][ T3604] usb 4-1: Manufacturer: syz
[  149.066569][ T3604] usb 4-1: SerialNumber: syz
[  149.144912][ T3588] usb 3-1: device descriptor read/8, error -71
[  149.462644][ T5438] devtmpfs: Unknown parameter '*Û@-!/'
[  149.544638][ T3588] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  149.675017][ T3588] usb 3-1: device descriptor read/8, error -71
[  149.807533][ T3588] usb usb3-port1: unable to enumerate USB device
[  150.388647][ T5454] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  151.133894][ T5476] netlink: 68 bytes leftover after parsing attributes in process `syz.0.475'.
[  151.348348][ T3604] usb 4-1: USB disconnect, device number 8
[  151.791552][ T5504] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  151.976457][ T5512] libceph: resolve 'c8' (ret=-3): failed
[  152.254446][ T3289] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  152.954499][ T3289] usb 1-1: unable to get BOS descriptor or descriptor too short
[  153.034497][ T3289] usb 1-1: not running at top speed; connect to a high speed hub
[  153.127094][ T3289] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  153.354427][ T3289] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  153.363543][ T3289] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.384499][ T3289] usb 1-1: Product: syz
[  153.389771][ T3289] usb 1-1: Manufacturer: syz
[  153.395330][ T5554] netlink: 68 bytes leftover after parsing attributes in process `syz.2.502'.
[  153.404017][ T3289] usb 1-1: SerialNumber: syz
[  155.507503][ T5594] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  155.620409][ T3289] usb 1-1: USB disconnect, device number 10
[  156.465718][ T5613] MPTCP: kernel_bind error, err=-98
[  156.806064][ T5600] netlink: 68 bytes leftover after parsing attributes in process `syz.0.524'.
[  157.278612][ T5632] libceph: resolve 'c8' (ret=-3): failed
[  157.579299][ T3588] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  158.004557][ T3588] usb 5-1: unable to get BOS descriptor or descriptor too short
[  158.048871][ T3588] usb 5-1: not running at top speed; connect to a high speed hub
[  158.134720][ T3588] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  158.332078][ T3588] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  158.397162][ T3588] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.539441][ T3588] usb 5-1: Product: syz
[  158.603135][ T3588] usb 5-1: Manufacturer: syz
[  158.677374][ T3588] usb 5-1: SerialNumber: syz
[  159.414196][ T5658] Bluetooth: hci5: Frame reassembly failed (-84)
[  159.601569][ T3712] Bluetooth: hci5: Frame reassembly failed (-84)
[  159.708112][ T3712] Bluetooth: hci5: Frame reassembly failed (-84)
[  160.169445][ T5665] MPTCP: kernel_bind error, err=-98
[  161.614464][ T3555] Bluetooth: hci5: command 0x1003 tx timeout
[  161.615612][ T3559] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  161.714128][ T3588] usb 5-1: USB disconnect, device number 3
[  161.898098][ T5699] netlink: 'syz.0.558': attribute type 6 has an invalid length.
[  162.025643][ T5701] netlink: 12 bytes leftover after parsing attributes in process `syz.0.558'.
[  162.948469][ T3555] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  162.959381][ T3555] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  162.967343][ T3555] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  162.983037][ T3555] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  162.991566][ T3555] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  162.998951][ T3555] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  163.193310][ T5719] chnl_net:caif_netlink_parms(): no params data found
[  163.474814][ T5719] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.492262][ T5719] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.546143][ T5719] device bridge_slave_0 entered promiscuous mode
[  163.586126][ T5719] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.593295][ T5719] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.621104][ T5734] libceph: resolve 'c8' (ret=-3): failed
[  163.640358][ T5719] device bridge_slave_1 entered promiscuous mode
[  163.696564][ T5719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.732936][ T5719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.827335][ T5719] team0: Port device team_slave_0 added
[  163.840016][ T5719] team0: Port device team_slave_1 added
[  163.866772][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.873718][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.908845][ T5719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.919513][ T3604] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  163.929502][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.940105][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.974996][ T5719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.026606][ T5719] device hsr_slave_0 entered promiscuous mode
[  164.033307][ T5719] device hsr_slave_1 entered promiscuous mode
[  164.157419][ T5719] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.230774][ T5719] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.290003][ T5719] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.344387][ T3604] usb 5-1: unable to get BOS descriptor or descriptor too short
[  164.372993][ T5719] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.394471][ T3604] usb 5-1: not running at top speed; connect to a high speed hub
[  164.470758][ T5719] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  164.477619][ T3604] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  164.492929][ T5719] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  164.507392][ T5719] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  164.517060][ T5719] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  164.573213][ T5719] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.590633][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  164.604488][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  164.617313][ T5719] 8021q: adding VLAN 0 to HW filter on device team0
[  164.644601][ T3604] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  164.653889][ T3604] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.663662][ T3604] usb 5-1: Product: syz
[  164.668366][ T3604] usb 5-1: Manufacturer: syz
[  164.672973][ T3604] usb 5-1: SerialNumber: syz
[  164.681613][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  164.691669][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  164.700381][  T152] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.707501][  T152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.715849][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  164.724419][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  164.732841][  T152] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.739965][  T152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.748633][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  164.757828][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  164.766584][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  164.775441][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  164.784539][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  164.792480][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  164.812040][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  164.822496][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  164.846694][ T5719] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  164.870584][ T5719] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.912791][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  164.922833][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  164.935424][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  164.944664][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  165.059652][ T3559] Bluetooth: hci5: command tx timeout
[  165.126078][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  165.230769][ T5761] Bluetooth: hci3: Frame reassembly failed (-84)
[  165.464599][ T3847] Bluetooth: hci3: Frame reassembly failed (-84)
[  165.906071][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  166.363517][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  166.406525][ T5719] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.731618][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  166.748846][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  166.795121][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  166.810447][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  166.825809][ T5719] device veth0_vlan entered promiscuous mode
[  166.844365][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  166.854114][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  166.877829][ T5719] device veth1_vlan entered promiscuous mode
[  166.941943][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  166.958112][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  166.979708][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  167.046178][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  167.064833][ T5719] device veth0_macvtap entered promiscuous mode
[  167.087383][ T5719] device veth1_macvtap entered promiscuous mode
[  167.117306][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.144434][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.144449][ T3559] Bluetooth: hci5: command tx timeout
[  167.154279][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.154295][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.154305][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.154317][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.154331][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.154343][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.155549][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.277466][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.290039][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.304378][ T3559] Bluetooth: hci3: command 0x1003 tx timeout
[  167.304496][ T3555] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  167.317959][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.363471][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.446519][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.481188][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.491556][ T5719] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.502402][ T5719] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.579350][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.590186][ T3604] usb 5-1: USB disconnect, device number 4
[  167.629344][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  167.638043][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  167.646136][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  167.654817][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  167.665316][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  167.673933][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  167.700200][ T5719] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.711714][ T5800] netlink: 12 bytes leftover after parsing attributes in process `syz.3.586'.
[  167.723716][ T5719] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.736746][ T5719] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.763036][ T5719] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.670837][ T3740] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.708009][ T3740] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.781581][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  169.061584][ T3740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.087174][ T3740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.174017][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  169.244860][ T3555] Bluetooth: hci5: command tx timeout
[  169.462574][ T5823] overlayfs: overlapping lowerdir path
[  169.602052][ T5834] netlink: 'syz.3.598': attribute type 6 has an invalid length.
[  169.641697][ T5834] netlink: 12 bytes leftover after parsing attributes in process `syz.3.598'.
[  170.938645][ T5852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.324610][ T3555] Bluetooth: hci5: command tx timeout
[  171.334647][ T3622] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  171.620998][ T5868] overlayfs: overlapping lowerdir path
[  171.674435][ T3622] usb 5-1: Using ep0 maxpacket: 8
[  171.804687][ T3622] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  171.820286][ T3622] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  171.863181][ T3622] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  171.875525][ T3622] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  171.885920][ T3622] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  171.899212][ T3622] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  171.908605][ T3622] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.234830][ T3622] usb 5-1: usb_control_msg returned -32
[  172.242703][ T3622] usbtmc 5-1:16.0: can't read capabilities
[  172.992487][ T5896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.196653][ T5909] overlayfs: overlapping lowerdir path
[  174.224118][ T3622] usb 5-1: USB disconnect, device number 5
[  176.064593][   T26] audit: type=1326 audit(1719941513.562:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x0
[  176.113543][   T26] audit: type=1326 audit(1719941513.662:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  176.189697][   T26] audit: type=1326 audit(1719941513.662:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  176.287931][   T26] audit: type=1326 audit(1719941513.662:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.052059][   T26] audit: type=1326 audit(1719941513.662:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.106129][   T26] audit: type=1326 audit(1719941513.662:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.201082][   T26] audit: type=1326 audit(1719941513.662:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.243986][   T26] audit: type=1326 audit(1719941513.662:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.398838][   T26] audit: type=1326 audit(1719941513.662:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.444492][   T26] audit: type=1326 audit(1719941513.662:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  177.504407][   T22] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  177.560266][ T5981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.640'.
[  177.570926][ T5981] IPVS: Error joining to the multicast group
[  177.599623][ T5981] loop3: detected capacity change from 0 to 256
[  177.824591][   T22] usb 1-1: Using ep0 maxpacket: 8
[  177.946976][   T22] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  178.035467][   T22] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  178.233450][   T22] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  178.244099][   T22] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  178.255610][   T22] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  178.269504][   T22] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  178.279565][   T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.660251][   T22] usb 1-1: usb_control_msg returned -32
[  178.666218][   T22] usbtmc 1-1:16.0: can't read capabilities
[  179.720009][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  180.097646][ T6030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.657'.
[  180.107228][ T6030] IPVS: Error joining to the multicast group
[  180.136849][ T6030] loop4: detected capacity change from 0 to 256
[  180.624576][ T6033] netlink: 'syz.3.660': attribute type 6 has an invalid length.
[  180.717538][ T6033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.660'.
[  180.924656][ T3604] usb 1-1: USB disconnect, device number 11
[  182.444991][ T6073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.674'.
[  183.257037][ T6082] netlink: 12 bytes leftover after parsing attributes in process `syz.2.677'.
[  184.035390][ T6106] netlink: 12 bytes leftover after parsing attributes in process `syz.2.686'.
[  186.035771][ T6118] sched: RT throttling activated
[  188.162041][ T3559] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  188.187812][ T3559] Bluetooth: hci0: Injecting HCI hardware error event
[  188.204124][ T3555] Bluetooth: hci0: hardware error 0x00
[  188.600255][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  188.600270][   T26] audit: type=1326 audit(1719941526.292:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.3.698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x0
[  190.358857][ T3555] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  191.447154][ T6182] overlayfs: missing 'lowerdir'
[  191.744359][ T3623] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  192.148740][ T3623] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  192.164181][ T3623] usb 1-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  192.177499][ T3623] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  192.195485][ T3623] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  192.213312][ T3623] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.310012][ T3555] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  192.344653][ T3555] CPU: 0 PID: 3555 Comm: kworker/u5:3 Not tainted 6.1.96-syzkaller #0
[  192.352831][ T3555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  192.362897][ T3555] Workqueue: hci5 hci_rx_work
[  192.367620][ T3555] Call Trace:
[  192.370906][ T3555]  <TASK>
[  192.373840][ T3555]  dump_stack_lvl+0x1e3/0x2cb
[  192.378540][ T3555]  ? nf_tcp_handle_invalid+0x642/0x642
[  192.384015][ T3555]  ? panic+0x764/0x764
[  192.388112][ T3555]  sysfs_create_dir_ns+0x2c6/0x390
[  192.393247][ T3555]  ? sysfs_warn_dup+0xa0/0xa0
[  192.397961][ T3555]  kobject_add_internal+0x6df/0xd10
[  192.403181][ T3555]  kobject_add+0x14e/0x210
[  192.407619][ T3555]  ? device_add+0x3c2/0xfd0
[  192.412134][ T3555]  ? kobject_init+0x1d0/0x1d0
[  192.416823][ T3555]  ? __raw_spin_lock_init+0x41/0x100
[  192.422120][ T3555]  ? get_device_parent+0x128/0x400
[  192.427247][ T3555]  device_add+0x476/0xfd0
[  192.431598][ T3555]  hci_conn_add_sysfs+0xe4/0x1f0
[  192.436554][ T3555]  le_conn_complete_evt+0xcc6/0x1320
[  192.441856][ T3555]  ? trace_contention_end+0x61/0x170
[  192.447160][ T3555]  ? hci_le_big_info_adv_report_evt+0x390/0x390
[  192.453411][ T3555]  ? __mutex_unlock_slowpath+0x218/0x750
[  192.459058][ T3555]  ? mutex_unlock+0x10/0x10
[  192.463568][ T3555]  ? skb_pull_data+0x10e/0x220
[  192.468348][ T3555]  hci_le_enh_conn_complete_evt+0x181/0x410
[  192.474260][ T3555]  hci_event_packet+0xa40/0x1510
[  192.479218][ T3555]  ? hci_remote_host_features_evt+0x210/0x210
[  192.485304][ T3555]  ? bis_list+0x290/0x290
[  192.489639][ T3555]  ? do_raw_spin_unlock+0x137/0x8a0
[  192.494946][ T3555]  ? kcov_remote_start+0x4b5/0x7d0
[  192.500085][ T3555]  ? lockdep_hardirqs_on+0x50/0x130
[  192.505305][ T3555]  ? hci_send_to_monitor+0x99/0x4d0
[  192.510523][ T3555]  hci_rx_work+0x3cd/0xce0
[  192.514955][ T3555]  ? do_raw_spin_unlock+0x137/0x8a0
[  192.520177][ T3555]  ? process_one_work+0x7a9/0x11d0
[  192.525308][ T3555]  process_one_work+0x8a9/0x11d0
[  192.530280][ T3555]  ? worker_detach_from_pool+0x260/0x260
[  192.535931][ T3555]  ? _raw_spin_lock_irqsave+0x120/0x120
[  192.541492][ T3555]  ? kthread_data+0x4e/0xc0
[  192.546024][ T3555]  ? wq_worker_running+0x97/0x190
[  192.551077][ T3555]  worker_thread+0xa47/0x1200
[  192.555775][ T3555]  ? __sched_text_start+0x8/0x8
[  192.560671][ T3555]  kthread+0x28d/0x320
[  192.564761][ T3555]  ? worker_clr_flags+0x190/0x190
[  192.569806][ T3555]  ? kthread_blkcg+0xd0/0xd0
[  192.574411][ T3555]  ret_from_fork+0x1f/0x30
[  192.578861][ T3555]  </TASK>
[  192.584959][ T3555] kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  192.599891][ T3555] Bluetooth: hci5: failed to register connection device
[  192.620280][ T3623] snd-usb-audio: probe of 1-1:27.0 failed with error -2
[  192.658100][ T3538] udevd[3538]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  192.904955][ T6187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.921306][ T6187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.937329][   T41] usb 1-1: USB disconnect, device number 12
[  192.995838][ T6221] netlink: 8 bytes leftover after parsing attributes in process `syz.3.722'.
[  193.004825][ T6221] IPVS: Error joining to the multicast group
[  193.016340][ T6221] loop3: detected capacity change from 0 to 256
[  193.785870][ T6226] overlayfs: missing 'lowerdir'
[  194.097719][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  194.107371][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  194.239755][ T6240] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  194.654396][ T3555] Bluetooth: hci5: command tx timeout
[  196.987511][ T6287] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  197.153720][ T6274] loop1: detected capacity change from 0 to 32768
[  197.251849][ T6274] XFS (loop1): Mounting V5 Filesystem
[  197.343234][ T6274] XFS (loop1): Ending clean mount
[  197.365414][ T6274] XFS (loop1): Quotacheck needed: Please wait.
[  197.496738][ T6274] XFS (loop1): Quotacheck: Done.
[  198.280468][ T6309] loop3: detected capacity change from 0 to 512
[  198.317012][ T5719] XFS (loop1): Unmounting Filesystem
[  198.456157][ T6309] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  198.507432][ T6309] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038 (0x7fffffff)
[  198.624336][ T6309] EXT4-fs error (device loop3): ext4_get_verity_descriptor_location:337: inode #15: comm syz.3.751: verity file corrupted; can't find descriptor
[  198.653874][ T6309] fs-verity (loop3, inode 15): Error -117 getting verity descriptor size
[  198.737077][ T4337] EXT4-fs (loop3): unmounting filesystem.
[  198.755605][ T6304] loop4: detected capacity change from 0 to 32768
[  198.971468][ T6304] XFS (loop4): Mounting V5 Filesystem
[  199.818985][ T6304] XFS (loop4): Ending clean mount
[  199.946587][ T3591] XFS (loop4): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 
[  199.980237][ T3591] XFS (loop4): Unmount and run xfs_repair
[  199.993708][ T3591] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  200.043278][ T3591] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  200.073225][ T3591] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  200.083764][ T3591] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  200.125582][ T3591] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  200.164349][ T3591] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  200.180060][ T3591] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  200.195333][ T3591] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  200.208433][ T3591] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  200.218105][ T6304] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74
[  200.271114][ T6304] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573).  Shutting down filesystem.
[  200.380615][ T6304] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  200.411669][ T4243] XFS (loop4): Unmounting Filesystem
[  202.205516][   T26] audit: type=1326 audit(1719941539.912:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x0
[  202.304829][   T26] audit: type=1326 audit(1719941540.012:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.331581][ T6385] netlink: 'syz.0.774': attribute type 27 has an invalid length.
[  202.386412][ T6385] device lo entered promiscuous mode
[  202.392627][   T26] audit: type=1326 audit(1719941540.032:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.418235][ T6385] device tunl0 entered promiscuous mode
[  202.425183][ T6385] device gre0 entered promiscuous mode
[  202.444651][   T26] audit: type=1326 audit(1719941540.032:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.616760][ T6385] device gretap0 entered promiscuous mode
[  202.630478][   T26] audit: type=1326 audit(1719941540.032:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.656361][ T6385] device erspan0 entered promiscuous mode
[  202.683908][ T6356] loop3: detected capacity change from 0 to 32768
[  202.721647][ T6385] device ip_vti0 entered promiscuous mode
[  202.748038][   T26] audit: type=1326 audit(1719941540.032:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.773494][ T6385] device ip6_vti0 entered promiscuous mode
[  202.779643][   T26] audit: type=1326 audit(1719941540.032:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.804647][ T6385] device sit0 entered promiscuous mode
[  202.813521][   T26] audit: type=1326 audit(1719941540.032:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  202.838449][ T6385] device ip6tnl0 entered promiscuous mode
[  202.859195][ T6385] device ip6gre0 entered promiscuous mode
[  202.872247][ T6356] XFS (loop3): Mounting V5 Filesystem
[  202.946773][ T6385] device syz_tun entered promiscuous mode
[  203.028406][ T6385] device ip6gretap0 entered promiscuous mode
[  203.038668][   T26] audit: type=1326 audit(1719941540.032:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  203.118545][ T6356] XFS (loop3): Ending clean mount
[  203.126859][ T6356] XFS (loop3): Quotacheck needed: Please wait.
[  203.152194][ T6356] XFS (loop3): Quotacheck: Done.
[  203.780255][ T6385] device bridge0 entered promiscuous mode
[  203.795627][ T6385] device vcan0 entered promiscuous mode
[  203.801254][   T26] audit: type=1326 audit(1719941540.032:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.0.774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd62e375f19 code=0x7ffc0000
[  203.808930][ T4337] XFS (loop3): Unmounting Filesystem
[  203.845193][ T6385] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  203.863700][ T6385] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  203.884181][ T6385] device bond0 entered promiscuous mode
[  203.899323][ T6385] device bond_slave_0 entered promiscuous mode
[  203.906977][ T6385] device bond_slave_1 entered promiscuous mode
[  203.913338][ T6385] device macvlan0 entered promiscuous mode
[  203.926799][ T6385] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.951410][ T6385] device team0 entered promiscuous mode
[  203.965670][ T6385] device team_slave_0 entered promiscuous mode
[  203.977821][ T6385] device team_slave_1 entered promiscuous mode
[  203.995142][ T6385] 8021q: adding VLAN 0 to HW filter on device team0
[  204.013642][ T6385] device dummy0 entered promiscuous mode
[  204.029962][ T6385] device nlmon0 entered promiscuous mode
[  204.036750][ T6385] device caif0 entered promiscuous mode
[  204.042397][ T6385] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  204.242630][ T6416] loop1: detected capacity change from 0 to 64
[  205.861029][ T6430] loop2: detected capacity change from 0 to 40427
[  206.027173][ T6430] F2FS-fs (loop2): invalid crc value
[  206.147478][ T6430] F2FS-fs (loop2): Found nat_bits in checkpoint
[  206.241330][ T6449] netlink: 'syz.1.789': attribute type 27 has an invalid length.
[  206.403342][ T6449] device lo entered promiscuous mode
[  206.525889][ T6449] device tunl0 entered promiscuous mode
[  206.574063][ T6449] device gre0 entered promiscuous mode
[  206.593124][ T6430] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  206.618137][ T6449] device gretap0 entered promiscuous mode
[  206.638336][ T6449] device erspan0 entered promiscuous mode
[  206.650831][ T6449] device ip_vti0 entered promiscuous mode
[  206.670798][ T6449] device ip6_vti0 entered promiscuous mode
[  206.727760][ T6449] device sit0 entered promiscuous mode
[  206.932253][ T6449] device ip6tnl0 entered promiscuous mode
[  206.942261][ T6449] device ip6gre0 entered promiscuous mode
[  206.959631][ T6449] device syz_tun entered promiscuous mode
[  206.968762][ T6449] device ip6gretap0 entered promiscuous mode
[  206.979937][ T6449] device bridge0 entered promiscuous mode
[  206.989196][ T6449] device vcan0 entered promiscuous mode
[  207.017904][ T6449] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  207.249606][ T6449] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  207.281333][ T6005] Bluetooth: hci3: Frame reassembly failed (-84)
[  207.284577][ T6449] device bond0 entered promiscuous mode
[  207.293231][ T6449] device bond_slave_0 entered promiscuous mode
[  207.317150][ T6449] device bond_slave_1 entered promiscuous mode
[  207.328745][ T6449] device team0 entered promiscuous mode
[  207.355158][ T4196] syz-executor: attempt to access beyond end of device
[  207.355158][ T4196] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  207.360652][ T6449] device team_slave_0 entered promiscuous mode
[  207.404522][ T6449] device team_slave_1 entered promiscuous mode
[  207.422449][ T6449] device dummy0 entered promiscuous mode
[  207.435838][ T6449] device nlmon0 entered promiscuous mode
[  207.444118][ T6449] device caif0 entered promiscuous mode
[  207.477759][ T6449] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.234463][ T6478] loop1: detected capacity change from 0 to 40427
[  208.244523][ T6478] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  208.252427][ T6478] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  208.266763][ T6478] F2FS-fs (loop1): Found nat_bits in checkpoint
[  208.323765][ T6478] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  208.331079][ T6478] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  208.375411][   T26] kauditd_printk_skb: 36 callbacks suppressed
[  208.375423][   T26] audit: type=1804 audit(1719941546.082:67): pid=6478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.800" name="/newroot/42/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  208.757900][ T6502] loop2: detected capacity change from 0 to 512
[  208.797236][ T6502] EXT4-fs (loop2): Test dummy encryption mode enabled
[  208.908665][ T6502] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.808: inline data xattr refers to an external xattr inode
[  208.930899][ T3623] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  208.974919][ T6502] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.808: couldn't read orphan inode 12 (err -117)
[  209.004623][ T6502] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  209.116164][ T6515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.810'.
[  209.125845][ T6515] IPVS: Error joining to the multicast group
[  209.589739][ T3555] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  209.597984][ T3562] Bluetooth: hci3: command 0x1003 tx timeout
[  210.985400][ T6518] loop1: detected capacity change from 0 to 256
[  210.993868][ T6518] FAT-fs (loop1): Unrecognized mount option "uni_xlaie90" or missing value
[  211.021810][ T3552] Bluetooth: hci1: Malformed Event: 0x02
[  211.031002][ T4196] EXT4-fs (loop2): unmounting filesystem.
[  211.039340][ T6516] loop1: detected capacity change from 0 to 512
[  211.065448][ T6516] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  211.094355][ T3623] usb 4-1: Using ep0 maxpacket: 8
[  211.120484][ T6516] EXT4-fs (loop1): 1 orphan inode deleted
[  211.135159][ T6516] EXT4-fs (loop1): 1 truncate cleaned up
[  211.143844][ T6525] loop2: detected capacity change from 0 to 512
[  211.146928][ T6516] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  211.170818][ T6525] EXT4-fs: Ignoring removed mblk_io_submit option
[  211.182562][ T6525] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  211.223856][ T6525] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.813: corrupted in-inode xattr
[  211.236189][ T3623] usb 4-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice=e9.41
[  211.261687][ T3623] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.364664][ T3623] usb 4-1: config 0 descriptor??
[  211.376803][ T6525] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.813: couldn't read orphan inode 15 (err -117)
[  211.402599][ T5719] EXT4-fs (loop1): unmounting filesystem.
[  211.409260][ T6525] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  211.599223][   T26] audit: type=1800 audit(1719941549.302:68): pid=6538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.813" name="bus" dev="loop2" ino=18 res=0 errno=0
[  211.614511][ T3552] Bluetooth: hci1: command tx timeout
[  211.632826][ T3591] usb 4-1: USB disconnect, device number 9
[  212.047376][ T6554] random: crng reseeded on system resumption
[  213.372289][ T4196] EXT4-fs (loop2): unmounting filesystem.
[  213.403341][ T6565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.824'.
[  213.412925][ T6565] IPVS: Error joining to the multicast group
[  214.339610][ T6572] loop4: detected capacity change from 0 to 256
[  214.350955][ T6572] FAT-fs (loop4): Unrecognized mount option "uni_xlaie90" or missing value
[  214.512009][ T6572] loop4: detected capacity change from 0 to 512
[  214.524297][ T6572] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  214.914737][ T6572] EXT4-fs (loop4): 1 orphan inode deleted
[  214.920593][ T6572] EXT4-fs (loop4): 1 truncate cleaned up
[  214.926472][ T6572] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  216.070806][ T6509] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  216.310452][ T3552] Bluetooth: hci2: Malformed Event: 0x02
[  216.313043][ T6509] EXT4-fs (loop4): Remounting filesystem read-only
[  216.344127][ T4243] EXT4-fs (loop4): unmounting filesystem.
[  216.562158][ T6585] loop2: detected capacity change from 0 to 2048
[  216.674684][ T3556] Bluetooth: hci2: command tx timeout
[  216.771628][ T6585] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  216.800649][ T6585] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038 (0x7fffffff)
[  216.812147][ T6585] EXT4-fs (loop2): unmounting filesystem.
[  217.614336][   T41] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  217.752339][ T6618] loop1: detected capacity change from 0 to 8
[  219.006035][ T6628] loop2: detected capacity change from 0 to 256
[  219.012991][ T6628] FAT-fs (loop2): Unrecognized mount option "uni_xlaie90" or missing value
[  219.302586][ T6628] loop2: detected capacity change from 0 to 512
[  219.319677][ T6628] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  219.401975][ T6628] EXT4-fs (loop2): 1 orphan inode deleted
[  219.407841][ T6628] EXT4-fs (loop2): 1 truncate cleaned up
[  219.413522][ T6628] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  219.684368][   T41] usb 1-1: unable to read config index 0 descriptor/start: -71
[  219.691977][   T41] usb 1-1: can't read configurations, error -71
[  219.693642][ T4196] EXT4-fs (loop2): unmounting filesystem.
[  219.967259][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  220.214367][   T22] usb 2-1: Using ep0 maxpacket: 16
[  220.264730][   T41] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  220.494472][   T22] usb 2-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  220.503650][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.516639][   T22] usb 2-1: Product: syz
[  220.520834][   T22] usb 2-1: Manufacturer: syz
[  220.527575][   T22] usb 2-1: SerialNumber: syz
[  220.539187][   T22] usb 2-1: config 0 descriptor??
[  220.634508][   T41] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  220.645689][   T41] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  220.655657][   T41] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  220.714598][   T41] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.754862][ T6643] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  220.905686][   T22] kaweth 2-1:0.0: Firmware present in device.
[  221.608733][   T22] kaweth 2-1:0.0: Statistics collection: 0
[  221.665305][   T41] usb 1-1: USB disconnect, device number 14
[  221.672388][   T22] kaweth 2-1:0.0: Multicast filter limit: 0
[  221.681725][   T22] kaweth 2-1:0.0: MTU: 0
[  221.690002][   T22] kaweth 2-1:0.0: Read MAC address 00:00:00:00:00:00
[  221.791119][ T6659] loop3: detected capacity change from 0 to 8192
[  221.827422][ T6659] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  221.845823][ T6659] REISERFS warning (device loop3): sh-2012 read_super_block: found unknown format "1282" of reiserfs with non-standard magic
[  221.892094][ T6659] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[  221.903730][ T4723] udevd[4723]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  221.954601][   T22] kaweth 2-1:0.0: Error setting SOFS wait
[  221.960423][   T22] kaweth: probe of 2-1:0.0 failed with error -5
[  221.999772][ T3682] I/O error, dev loop3, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  222.002823][   T22] usb 2-1: USB disconnect, device number 6
[  224.554172][ T6659] loop3: detected capacity change from 0 to 32768
[  224.662416][ T6659] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.855 (6659)
[  225.174424][ T3622] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  225.557595][ T3622] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  225.579690][ T3622] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  225.612954][ T3622] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  225.642321][ T3622] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.706373][ T6705] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  226.904346][ T3552] Bluetooth: hci4: command 0x0406 tx timeout
[  226.985848][ T1148] usb 2-1: USB disconnect, device number 7
[  227.208919][ T6746] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  227.717805][ T6746] syz.0.879 (6746) used greatest stack depth: 18936 bytes left
[  230.024074][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  230.040926][ T6802] syz.0.895 sent an empty control message without MSG_MORE.
[  230.217609][ T3556] Bluetooth: hci1: Malformed Event: 0x02
[  230.866621][ T6823] libceph: resolve 'c8' (ret=-3): failed
[  231.179072][   T41] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  231.584534][   T41] usb 3-1: unable to get BOS descriptor or descriptor too short
[  231.634569][   T41] usb 3-1: not running at top speed; connect to a high speed hub
[  231.728673][   T41] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  231.914368][   T41] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  231.923552][   T41] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.932309][   T41] usb 3-1: Product: syz
[  231.936651][   T41] usb 3-1: Manufacturer: syz
[  231.941312][   T41] usb 3-1: SerialNumber: syz
[  232.487733][ T6859] Bluetooth: hci3: Frame reassembly failed (-84)
[  232.528862][ T3738] Bluetooth: hci3: Frame reassembly failed (-84)
[  233.258882][   T26] audit: type=1326 audit(1719941570.962:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.4.920" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x0
[  233.923773][ T6885] kAFS: unparsable volume name
[  234.574797][ T3552] Bluetooth: hci3: command 0x1003 tx timeout
[  234.615751][ T3556] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  234.758354][   T41] usb 3-1: USB disconnect, device number 13
[  235.908808][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.3.934'.
[  235.918384][ T6919] IPVS: Error joining to the multicast group
[  235.946633][ T6919] loop3: detected capacity change from 0 to 256
[  237.099763][ T6932] netlink: 15487 bytes leftover after parsing attributes in process `syz.3.937'.
[  238.525955][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.946'.
[  240.655522][   T26] audit: type=1326 audit(1719941578.362:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6972 comm="syz.0.952" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd62e375f19 code=0x0
[  240.877934][   T26] audit: type=1326 audit(1719941578.582:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x0
[  240.983878][   T26] audit: type=1326 audit(1719941578.682:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  240.987782][ T6988] netlink: 'syz.4.955': attribute type 27 has an invalid length.
[  241.038147][ T6988] device lo entered promiscuous mode
[  241.059350][   T26] audit: type=1326 audit(1719941578.682:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.096476][ T6988] device tunl0 entered promiscuous mode
[  241.103000][ T6988] device gre0 entered promiscuous mode
[  241.156404][   T26] audit: type=1326 audit(1719941578.682:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.200420][ T6988] device gretap0 entered promiscuous mode
[  241.216179][ T6988] device erspan0 entered promiscuous mode
[  241.227689][ T6988] device ip_vti0 entered promiscuous mode
[  241.250039][ T6988] device ip6_vti0 entered promiscuous mode
[  241.256200][   T26] audit: type=1326 audit(1719941578.682:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.276501][ T6988] device sit0 entered promiscuous mode
[  241.308263][ T6988] device ip6tnl0 entered promiscuous mode
[  241.323873][ T6988] device ip6gre0 entered promiscuous mode
[  241.326749][   T26] audit: type=1326 audit(1719941578.682:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.343713][ T6988] device syz_tun entered promiscuous mode
[  241.371285][   T26] audit: type=1326 audit(1719941578.682:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.381609][ T6988] device ip6gretap0 entered promiscuous mode
[  241.439570][ T6988] device bridge0 entered promiscuous mode
[  241.469279][ T6988] device vcan0 entered promiscuous mode
[  241.483915][   T26] audit: type=1326 audit(1719941578.682:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.495288][ T6988] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  241.515979][   T26] audit: type=1326 audit(1719941578.682:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6985 comm="syz.4.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  241.532595][ T6988] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  241.560805][ T6988] device bond0 entered promiscuous mode
[  241.573207][ T6988] device bond_slave_0 entered promiscuous mode
[  241.598118][ T6988] device bond_slave_1 entered promiscuous mode
[  241.615413][ T6988] device macvlan0 entered promiscuous mode
[  241.630386][ T6988] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.646460][ T6988] device team0 entered promiscuous mode
[  241.658948][ T6988] device team_slave_0 entered promiscuous mode
[  241.843195][ T6988] device team_slave_1 entered promiscuous mode
[  241.871350][ T6988] 8021q: adding VLAN 0 to HW filter on device team0
[  241.887110][ T6988] device dummy0 entered promiscuous mode
[  241.904778][ T6988] device nlmon0 entered promiscuous mode
[  241.911710][ T6988] device caif0 entered promiscuous mode
[  241.927684][ T6988] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  243.887089][ T7032] overlayfs: failed to resolve './file1': -2
[  243.891524][ T7024] loop2: detected capacity change from 0 to 8192
[  244.034396][ T7024] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  244.071371][ T7024] REISERFS warning (device loop2): sh-2012 read_super_block: found unknown format "1282" of reiserfs with non-standard magic
[  244.084879][ T7024] REISERFS warning (device loop2): sh-2021 reiserfs_fill_super: can not find reiserfs on loop2
[  244.482792][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.249470][ T7076] overlayfs: failed to resolve './file1': -2
[  247.599042][ T3556] Bluetooth: hci1: Malformed Event: 0x02
[  247.996755][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  249.205822][ T7127] overlayfs: failed to resolve './file1': -2
[  249.935523][ T7136] netlink: 'syz.2.989': attribute type 1 has an invalid length.
[  250.186115][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  250.426706][ T7148] loop4: detected capacity change from 0 to 2048
[  250.740401][ T7148] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  250.813736][ T7148] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038 (0x7fffffff)
[  251.065167][ T7148] EXT4-fs (loop4): unmounting filesystem.
[  252.025007][ T7166] overlayfs: failed to resolve './file0': -2
[  253.540848][ T7194] loop2: detected capacity change from 0 to 8192
[  254.069354][ T7194] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  254.124707][ T7194] REISERFS warning (device loop2): sh-2012 read_super_block: found unknown format "1282" of reiserfs with non-standard magic
[  254.155992][ T7194] REISERFS warning (device loop2): sh-2021 reiserfs_fill_super: can not find reiserfs on loop2
[  254.372965][ T7213] overlayfs: failed to resolve './file0': -2
[  254.774909][ T7230] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1027'.
[  255.535894][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  255.542216][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  257.604052][ T7264] overlayfs: failed to resolve './file0': -2
[  257.828263][ T7272] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1039'.
[  258.030307][ T7276] libceph: resolve 'c8' (ret=-3): failed
[  259.084340][   T22] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  259.153080][ T7292] loop4: detected capacity change from 0 to 8192
[  259.198359][ T7292] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  259.253275][ T7292] REISERFS warning (device loop4): sh-2012 read_super_block: found unknown format "1282" of reiserfs with non-standard magic
[  259.270911][ T7292] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4
[  259.484468][   T22] usb 4-1: unable to get BOS descriptor or descriptor too short
[  259.524343][   T22] usb 4-1: not running at top speed; connect to a high speed hub
[  259.614380][   T22] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  260.026279][   T22] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  260.055062][   T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.063125][   T22] usb 4-1: Product: syz
[  260.068157][   T22] usb 4-1: Manufacturer: syz
[  260.072778][   T22] usb 4-1: SerialNumber: syz
[  260.516277][ T7315] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  260.713178][ T7318] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  260.779436][ T3552] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  260.790162][ T3552] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  260.798370][ T3552] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  260.808151][ T3552] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  260.817413][ T3552] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  260.830078][ T7322] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1052'.
[  260.833495][ T3552] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  260.852057][ T7276] Bluetooth: hci2: Frame reassembly failed (-84)
[  261.238360][ T7317] chnl_net:caif_netlink_parms(): no params data found
[  261.973695][ T7317] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.986982][ T7317] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.000974][ T7317] device bridge_slave_0 entered promiscuous mode
[  262.015066][ T7317] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.022228][ T7317] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.030621][ T7317] device bridge_slave_1 entered promiscuous mode
[  262.067770][ T7317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  262.079262][ T7317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  262.112003][ T7317] team0: Port device team_slave_0 added
[  262.120060][ T7317] team0: Port device team_slave_1 added
[  262.144352][ T7317] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.151299][ T7317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.194383][ T7317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.229773][ T7317] batman_adv: batadv0: Adding interface: batadv_slave_1
[  262.244166][ T7317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.304317][ T7317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.438463][ T7317] device hsr_slave_0 entered promiscuous mode
[  262.447349][ T7317] device hsr_slave_1 entered promiscuous mode
[  262.463820][ T7317] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  262.483398][ T7317] Cannot create hsr debugfs directory
[  262.894342][ T3552] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  262.894419][ T3562] Bluetooth: hci2: command 0x1003 tx timeout
[  262.908379][ T3556] Bluetooth: hci3: command tx timeout
[  262.987467][   T22] usb 4-1: USB disconnect, device number 10
[  263.034553][ T7317] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.058507][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  263.058552][   T26] audit: type=1326 audit(1719941600.762:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x0
[  263.151121][ T7317] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.162810][   T26] audit: type=1326 audit(1719941600.852:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.190334][   T26] audit: type=1326 audit(1719941600.852:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.194486][ T7351] netlink: 'syz.3.1059': attribute type 27 has an invalid length.
[  263.212792][   T26] audit: type=1326 audit(1719941600.852:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.352047][   T26] audit: type=1326 audit(1719941600.852:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.369776][ T7351] device lo entered promiscuous mode
[  263.422418][ T7351] device tunl0 entered promiscuous mode
[  263.433867][ T7351] device gre0 entered promiscuous mode
[  263.434310][   T26] audit: type=1326 audit(1719941600.852:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.450719][ T7351] device gretap0 entered promiscuous mode
[  263.519736][ T7351] device erspan0 entered promiscuous mode
[  263.524270][   T26] audit: type=1326 audit(1719941600.852:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.535320][ T7351] device ip_vti0 entered promiscuous mode
[  263.564920][ T7356] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1062'.
[  263.576586][ T7351] device ip6_vti0 entered promiscuous mode
[  263.583236][ T7351] device sit0 entered promiscuous mode
[  263.589740][   T26] audit: type=1326 audit(1719941600.852:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.610862][ T7351] device ip6tnl0 entered promiscuous mode
[  263.630306][ T7351] device ip6gre0 entered promiscuous mode
[  263.649679][ T7351] device syz_tun entered promiscuous mode
[  263.674393][   T26] audit: type=1326 audit(1719941600.852:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.674994][ T7351] device ip6gretap0 entered promiscuous mode
[  263.730364][   T26] audit: type=1326 audit(1719941600.852:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.3.1059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  263.773421][ T7351] device bridge0 entered promiscuous mode
[  263.802115][ T7351] device vcan0 entered promiscuous mode
[  263.853731][ T7351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  263.874701][ T7351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  263.916551][ T7351] device bond0 entered promiscuous mode
[  263.922601][ T7351] device bond_slave_0 entered promiscuous mode
[  263.929489][ T7351] device bond_slave_1 entered promiscuous mode
[  263.937902][ T7351] device team0 entered promiscuous mode
[  263.943462][ T7351] device team_slave_0 entered promiscuous mode
[  263.949799][ T7351] device team_slave_1 entered promiscuous mode
[  263.957247][ T7351] device dummy0 entered promiscuous mode
[  263.963720][ T7351] device nlmon0 entered promiscuous mode
[  264.114562][ T7351] device caif0 entered promiscuous mode
[  264.124759][ T7351] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.647245][ T7317] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.847482][ T7317] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.995333][ T3552] Bluetooth: hci3: command tx timeout
[  265.590571][ T7374] Device name cannot be null; rc = [-22]
[  266.657529][ T7317] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  266.711936][ T7317] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  266.771626][ T7317] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  266.795514][ T7317] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  266.895283][ T7388] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1072'.
[  266.963744][ T7317] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.011966][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  267.064645][ T3552] Bluetooth: hci3: command tx timeout
[  267.755523][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  267.768505][ T7317] 8021q: adding VLAN 0 to HW filter on device team0
[  267.924476][ T7396] netlink: 'syz.3.1074': attribute type 27 has an invalid length.
[  267.977251][ T7396] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  267.996465][ T7396] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  268.035029][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  268.070855][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  268.083544][ T3604] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.090733][ T3604] bridge0: port 1(bridge_slave_0) entered forwarding state
[  268.111137][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.152325][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  268.170341][ T3604] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.177507][ T3604] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.200119][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  268.208971][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  268.227033][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  268.252147][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  268.263068][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  268.290714][ T7317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  268.313681][ T7317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  268.345118][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  268.370214][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  268.385582][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  268.399388][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  268.428368][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  268.445072][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  268.463683][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  268.478368][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  269.154478][ T3552] Bluetooth: hci3: command tx timeout
[  269.498908][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  269.524139][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  269.544047][ T7317] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.603762][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  270.615107][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  270.654814][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  270.673236][ T3604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  270.695608][ T7317] device veth0_vlan entered promiscuous mode
[  270.712935][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  270.720863][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  270.741413][ T7317] device veth1_vlan entered promiscuous mode
[  270.783263][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  270.842964][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  270.860404][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  270.892413][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  270.957216][ T7317] device veth0_macvtap entered promiscuous mode
[  271.005701][ T7317] device veth1_macvtap entered promiscuous mode
[  271.053461][ T7451] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  271.176104][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.186588][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.239155][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.275538][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.285458][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.296395][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.306289][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.316735][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.334253][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.345873][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.373677][ T7317] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.383667][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  271.402886][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  271.411516][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  271.420469][ T7460] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1094'.
[  271.420500][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  271.541007][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.236613][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.345087][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.359403][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.385458][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.397442][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.407951][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.417859][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.428432][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.438333][ T7317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.449653][ T7317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.497440][ T7476] libceph: resolve 'c8' (ret=-3): failed
[  272.522607][ T7317] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.542521][ T7317] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.560831][ T7317] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.571957][ T7317] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.597581][ T7317] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.773105][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  272.775262][ T3604] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  272.789096][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  273.070739][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.150256][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.234568][ T3604] usb 5-1: unable to get BOS descriptor or descriptor too short
[  273.304812][ T3604] usb 5-1: not running at top speed; connect to a high speed hub
[  273.468822][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  273.503217][ T3740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.534670][ T3604] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  273.536639][ T3740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.566971][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  274.024379][ T3604] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  274.033458][ T3604] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.054338][ T3604] usb 5-1: Product: syz
[  274.058523][ T3604] usb 5-1: Manufacturer: syz
[  274.063120][ T3604] usb 5-1: SerialNumber: syz
[  274.261198][ T7500] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1107'.
[  274.639254][ T3740] Bluetooth: hci2: Frame reassembly failed (-84)
[  274.647225][ T7511] Bluetooth: hci2: Frame reassembly failed (-84)
[  274.648204][ T3622] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.860303][ T7528] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  275.874779][ T7528] Error parsing options; rc = [-22]
[  276.654631][ T3562] Bluetooth: hci2: command 0x1003 tx timeout
[  276.662509][ T3552] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  276.670091][   T22] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  276.997742][ T7539] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1119'.
[  277.804296][   T22] usb 2-1: Using ep0 maxpacket: 8
[  277.924424][   T22] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  277.932657][   T22] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  278.135857][   T22] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  278.146362][   T22] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  278.156630][   T22] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  278.170292][   T22] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  278.179716][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.384479][   T22] usb 2-1: can't set config #16, error -71
[  278.398446][   T22] usb 2-1: USB disconnect, device number 8
[  278.628143][ T3604] usb 5-1: USB disconnect, device number 6
[  279.720905][ T7569] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  279.734085][ T7569] Error parsing options; rc = [-22]
[  280.766072][ T7582] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  280.892924][ T7586] libceph: resolve 'c8' (ret=-3): failed
[  281.394286][ T3588] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  282.294884][ T3588] usb 3-1: unable to get BOS descriptor or descriptor too short
[  282.384475][ T3588] usb 3-1: not running at top speed; connect to a high speed hub
[  282.424879][ T7611] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1146'.
[  282.484541][ T3588] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  282.837323][ T3588] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  282.846497][ T3588] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.855271][ T3588] usb 3-1: Product: syz
[  282.859522][ T3588] usb 3-1: Manufacturer: syz
[  282.864147][ T3588] usb 3-1: SerialNumber: syz
[  283.404084][ T7634] Bluetooth: hci2: Frame reassembly failed (-84)
[  283.410589][ T5965] Bluetooth: hci2: Frame reassembly failed (-84)
[  285.507171][ T3556] Bluetooth: hci2: command 0x1003 tx timeout
[  285.513946][ T3552] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  286.054395][ T7659] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  286.447514][ T3588] usb 3-1: USB disconnect, device number 14
[  287.388947][ T3593] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  287.770808][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  287.871123][ T7691] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1171'.
[  288.104375][ T3593] usb 4-1: Using ep0 maxpacket: 8
[  288.222790][ T7699] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  288.254558][ T3593] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  288.283374][ T3593] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  288.334400][ T3552] Bluetooth: hci5: command 0x0406 tx timeout
[  288.358418][ T3593] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  288.409815][ T3593] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  288.450544][ T3593] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  288.543257][ T3593] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  288.624275][ T3593] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.934464][ T3593] usb 4-1: usb_control_msg returned -71
[  288.950278][ T3593] usbtmc 4-1:16.0: can't read capabilities
[  288.991519][ T3593] usb 4-1: USB disconnect, device number 11
[  290.841059][ T7734] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  291.455629][   T41] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  292.425669][   T41] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.478325][   T41] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.524392][   T22] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  292.664452][   T41] usb 4-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  292.774618][   T41] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.794308][   T22] usb 3-1: Using ep0 maxpacket: 8
[  292.828482][   T41] usb 4-1: config 0 descriptor??
[  292.886418][   T41] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  293.075267][   T22] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  293.083582][   T22] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  293.124268][   T22] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  293.134021][   T22] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  293.144847][   T22] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  293.158034][   T22] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  293.174379][   T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.209594][ T3604] usb 4-1: USB disconnect, device number 12
[  293.464362][   T22] usb 3-1: usb_control_msg returned -71
[  293.469965][   T22] usbtmc 3-1:16.0: can't read capabilities
[  293.515515][   T22] usb 3-1: USB disconnect, device number 15
[  293.591318][ T7772] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  294.194068][   T26] kauditd_printk_skb: 49 callbacks suppressed
[  294.194086][   T26] audit: type=1326 audit(1719941631.892:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x0
[  294.300562][ T7786] netlink: 'syz.3.1205': attribute type 27 has an invalid length.
[  294.308552][   T26] audit: type=1326 audit(1719941632.002:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.364364][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  294.383422][ T7786] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  294.396538][ T7786] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  294.414038][   T26] audit: type=1326 audit(1719941632.002:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.453094][   T26] audit: type=1326 audit(1719941632.002:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.505930][   T26] audit: type=1326 audit(1719941632.002:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.551991][   T26] audit: type=1326 audit(1719941632.002:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.575027][   T26] audit: type=1326 audit(1719941632.002:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.614583][   T26] audit: type=1326 audit(1719941632.002:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.693718][   T26] audit: type=1326 audit(1719941632.002:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  294.914781][   T26] audit: type=1326 audit(1719941632.002:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7782 comm="syz.3.1205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  295.622662][ T7805] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  296.759682][ T3552] Bluetooth: hci3: Malformed Event: 0x02
[  296.884360][ T3588] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  296.948141][ T7839] loop2: detected capacity change from 0 to 2048
[  297.014127][ T7839] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  297.065307][ T7839] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff)
[  297.354584][ T7317] EXT4-fs (loop2): unmounting filesystem.
[  297.457762][ T7859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1229'.
[  297.468029][ T7859] IPVS: Error joining to the multicast group
[  297.491369][ T7859] loop4: detected capacity change from 0 to 256
[  298.425430][ T7871] mmap: syz.2.1230 (7871) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  298.485158][ T3588] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  298.616233][ T3588] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  298.950119][ T3588] usb 1-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  298.978645][ T3588] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.000021][ T3588] usb 1-1: config 0 descriptor??
[  299.046566][ T3588] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  299.298788][ T3589] usb 1-1: USB disconnect, device number 15
[  299.385749][  T152] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  299.428990][ T7886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1240'.
[  299.621047][ T7893] loop4: detected capacity change from 0 to 2048
[  299.624305][  T152] usb 4-1: Using ep0 maxpacket: 16
[  299.695491][ T7893] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  299.715162][ T7893] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038 (0x7fffffff)
[  299.795683][ T4243] EXT4-fs (loop4): unmounting filesystem.
[  299.914474][  T152] usb 4-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  299.924977][  T152] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.933582][  T152] usb 4-1: Product: syz
[  299.937926][  T152] usb 4-1: Manufacturer: syz
[  300.204423][  T152] usb 4-1: SerialNumber: syz
[  300.218622][  T152] usb 4-1: config 0 descriptor??
[  300.513544][  T152] kaweth 4-1:0.0: Firmware present in device.
[  300.730595][  T152] kaweth 4-1:0.0: Statistics collection: 0
[  300.754256][  T152] kaweth 4-1:0.0: Multicast filter limit: 0
[  300.781353][  T152] kaweth 4-1:0.0: MTU: 0
[  300.786170][ T3552] Bluetooth: hci3: Malformed Event: 0x02
[  300.801349][  T152] kaweth 4-1:0.0: Read MAC address 00:00:00:00:00:00
[  300.900416][ T7933] loop2: detected capacity change from 0 to 2048
[  300.936236][ T7933] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  300.961436][ T7933] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038 (0x7fffffff)
[  301.004519][ T7937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1258'.
[  301.404749][  T152] kaweth 4-1:0.0: Error setting receive filter
[  301.431224][  T152] kaweth: probe of 4-1:0.0 failed with error -5
[  301.553326][  T152] usb 4-1: USB disconnect, device number 13
[  301.816084][ T7317] EXT4-fs (loop2): unmounting filesystem.
[  302.100788][ T7954] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[  302.647010][ T3552] Bluetooth: hci1: Malformed Event: 0x02
[  303.914369][ T8004] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer.
[  304.127776][ T3552] Bluetooth: hci4: Malformed Event: 0x02
[  304.208897][ T8016] loop3: detected capacity change from 0 to 2048
[  304.290422][ T8016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  304.305927][ T8016] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038 (0x7fffffff)
[  304.328476][ T8016] EXT4-fs (loop3): unmounting filesystem.
[  304.698831][ T8037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1290'.
[  305.349491][ T8057] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1298'.
[  305.791063][ T3552] Bluetooth: hci1: Malformed Event: 0x02
[  307.320292][   T41] kernel write not supported for file /snd/seq (pid: 41 comm: kworker/1:1)
[  309.502542][   T22] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  309.864504][   T22] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  309.881595][   T22] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  309.901962][   T22] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  309.922160][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.965208][ T8118] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  309.970129][ T3593] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  310.212430][ T8118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.235850][ T8118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.250628][ T3593] usb 4-1: Using ep0 maxpacket: 16
[  310.260764][  T152] usb 2-1: USB disconnect, device number 9
[  310.554562][ T3593] usb 4-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  310.563678][ T3593] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.571742][ T3593] usb 4-1: Product: syz
[  310.577262][ T3593] usb 4-1: Manufacturer: syz
[  310.581876][ T3593] usb 4-1: SerialNumber: syz
[  310.598330][ T3593] usb 4-1: config 0 descriptor??
[  310.866228][ T3593] kaweth 4-1:0.0: Firmware present in device.
[  311.094375][ T3593] kaweth 4-1:0.0: Statistics collection: 0
[  311.100404][ T3593] kaweth 4-1:0.0: Multicast filter limit: 0
[  311.113100][ T3593] kaweth 4-1:0.0: MTU: 0
[  311.117897][ T3593] kaweth 4-1:0.0: Read MAC address 00:00:00:00:00:00
[  311.287616][ T8156] loop4: detected capacity change from 0 to 256
[  312.734494][ T3593] kaweth 4-1:0.0: Error setting receive filter
[  312.740771][ T3593] kaweth: probe of 4-1:0.0 failed with error -5
[  312.768768][ T3593] usb 4-1: USB disconnect, device number 14
[  314.027169][ T8203] bridge0: port 3(erspan0) entered blocking state
[  314.033730][ T8203] bridge0: port 3(erspan0) entered disabled state
[  314.041860][ T8203] bridge0: port 3(erspan0) entered blocking state
[  314.048376][ T8203] bridge0: port 3(erspan0) entered forwarding state
[  314.069001][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  314.099424][   T14] kernel write not supported for file /snd/seq (pid: 14 comm: kworker/0:1)
[  315.323338][ T8236] bridge0: port 3(erspan0) entered blocking state
[  315.330215][ T8236] bridge0: port 3(erspan0) entered disabled state
[  315.345783][ T8236] bridge0: port 3(erspan0) entered blocking state
[  315.352274][ T8236] bridge0: port 3(erspan0) entered forwarding state
[  316.995367][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  317.001678][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  320.262277][ T8343] bridge0: port 3(erspan0) entered blocking state
[  320.269073][ T8343] bridge0: port 3(erspan0) entered disabled state
[  320.280196][ T8343] device erspan0 entered promiscuous mode
[  320.288427][ T8343] bridge0: port 3(erspan0) entered blocking state
[  320.294945][ T8343] bridge0: port 3(erspan0) entered forwarding state
[  321.402636][ T8370] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  321.441073][ T8370] device syzkaller0 entered promiscuous mode
[  324.039251][ T8410] Driver unsupported XDP return value 0 on prog  (id 50) dev N/A, expect packet loss!
[  326.357764][ T8452] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  326.413506][ T8452] device syzkaller0 entered promiscuous mode
[  328.029069][ T3552] Bluetooth: hci1: Malformed Event: 0x02
[  329.185941][ T3552] Bluetooth: hci5: Malformed Event: 0x02
[  329.297441][ T8527] loop1: detected capacity change from 0 to 2048
[  329.360585][ T8527] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  329.370933][ T8527] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038 (0x7fffffff)
[  329.382822][ T8527] EXT4-fs (loop1): unmounting filesystem.
[  329.881905][ T8535] loop1: detected capacity change from 0 to 256
[  330.671838][ T8488] bridge0: port 3(erspan0) entered blocking state
[  330.678409][ T8488] bridge0: port 3(erspan0) entered disabled state
[  330.686358][ T8488] bridge0: port 3(erspan0) entered blocking state
[  330.692791][ T8488] bridge0: port 3(erspan0) entered forwarding state
[  330.784622][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  332.324002][ T8569] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1489'.
[  332.336025][ T8569] IPVS: Error joining to the multicast group
[  332.347814][ T8569] loop2: detected capacity change from 0 to 256
[  335.616288][ T8617] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1501'.
[  335.626669][ T8617] IPVS: Error joining to the multicast group
[  337.064315][  T152] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  337.144715][   T41] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  337.274335][  T152] usb 5-1: device descriptor read/64, error -71
[  337.508492][   T41] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  337.585050][   T41] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  337.595852][  T152] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  337.774095][   T41] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  337.817464][   T41] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.836416][  T152] usb 5-1: device descriptor read/64, error -71
[  338.018729][  T152] usb usb5-port1: attempt power cycle
[  338.044656][ T8638] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  338.434327][  T152] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  338.565075][  T152] usb 5-1: device descriptor read/8, error -71
[  338.777209][ T8638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.887837][ T8638] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.916760][  T152] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  338.985846][ T3604] usb 4-1: USB disconnect, device number 15
[  339.024764][  T152] usb 5-1: device descriptor read/8, error -71
[  339.144789][  T152] usb usb5-port1: unable to enumerate USB device
[  341.844325][  T152] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  342.034350][  T152] usb 2-1: device descriptor read/64, error -71
[  342.304252][  T152] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  342.504478][  T152] usb 2-1: device descriptor read/64, error -71
[  342.625246][  T152] usb usb2-port1: attempt power cycle
[  343.035278][  T152] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  343.174841][  T152] usb 2-1: device descriptor read/8, error -71
[  343.601451][  T152] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  343.775393][  T152] usb 2-1: device descriptor read/8, error -71
[  343.906753][  T152] usb usb2-port1: unable to enumerate USB device
[  347.163637][   T26] kauditd_printk_skb: 26 callbacks suppressed
[  347.163652][   T26] audit: type=1326 audit(1719941684.862:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.3.1553" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x0
[  350.232964][ T3593] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  350.510083][ T3593] usb 3-1: Using ep0 maxpacket: 16
[  350.834403][ T3593] usb 3-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  350.847644][ T3593] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.856770][ T3593] usb 3-1: Product: syz
[  350.860973][ T3593] usb 3-1: Manufacturer: syz
[  350.869424][ T3593] usb 3-1: SerialNumber: syz
[  350.876266][ T3593] usb 3-1: config 0 descriptor??
[  351.161699][ T3593] kaweth 3-1:0.0: Firmware present in device.
[  351.215557][ T3593] kaweth 3-1:0.0: Error reading configuration (-71), no net device created
[  351.236457][ T3593] kaweth: probe of 3-1:0.0 failed with error -5
[  351.280281][ T3593] usb 3-1: USB disconnect, device number 16
[  351.561260][ T8848] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  353.125999][ T3712] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.661536][ T3712] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.798339][ T3712] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.834357][ T3593] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  353.878067][ T3712] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.094522][ T3593] usb 3-1: Using ep0 maxpacket: 16
[  354.394623][ T3593] usb 3-1: New USB device found, idVendor=0557, idProduct=4000, bcdDevice=53.e0
[  354.423769][ T3593] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.455107][ T3556] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  354.465185][ T3556] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  354.473109][ T3556] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  354.481413][ T3593] usb 3-1: Product: syz
[  354.486790][ T3556] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  354.492804][ T3593] usb 3-1: Manufacturer: syz
[  354.499525][ T3556] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  354.511881][ T3556] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  354.534260][ T3593] usb 3-1: SerialNumber: syz
[  354.581130][ T3593] usb 3-1: config 0 descriptor??
[  354.884380][ T3593] kaweth 3-1:0.0: Firmware present in device.
[  355.094397][ T3593] kaweth 3-1:0.0: Error reading configuration (-32), no net device created
[  355.105576][ T3593] kaweth: probe of 3-1:0.0 failed with error -5
[  355.226683][ T8898] chnl_net:caif_netlink_parms(): no params data found
[  356.130831][ T3623] usb 3-1: USB disconnect, device number 17
[  356.647824][ T3556] Bluetooth: hci2: command tx timeout
[  357.234398][ T8898] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.288348][ T8898] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.315305][ T8898] device bridge_slave_0 entered promiscuous mode
[  357.353273][ T8898] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.390483][ T8898] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.415193][ T8952] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  357.449257][ T8898] device bridge_slave_1 entered promiscuous mode
[  357.624319][ T8898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.689147][ T3712] device hsr_slave_0 left promiscuous mode
[  357.726263][ T3712] device hsr_slave_1 left promiscuous mode
[  357.753576][ T3712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.763574][ T3712] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.796366][ T3712] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.803997][ T3712] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.826193][ T3712] device bridge_slave_1 left promiscuous mode
[  357.832409][ T3712] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.891130][ T3712] device bridge_slave_0 left promiscuous mode
[  357.931363][ T3712] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.072689][ T3712] device veth1_macvtap left promiscuous mode
[  358.081890][ T3712] device veth0_macvtap left promiscuous mode
[  358.094556][ T3712] device veth1_vlan left promiscuous mode
[  358.108869][ T3712] device veth0_vlan left promiscuous mode
[  358.744512][ T3552] Bluetooth: hci2: command tx timeout
[  360.519789][ T3712] device team_slave_1 left promiscuous mode
[  360.754268][ T3712] team0 (unregistering): Port device team_slave_1 removed
[  361.149328][ T3712] device team_slave_0 left promiscuous mode
[  361.152787][ T3552] Bluetooth: hci2: command tx timeout
[  361.206006][ T3712] team0 (unregistering): Port device team_slave_0 removed
[  361.335164][ T3712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  361.354564][ T3712] device bond_slave_1 left promiscuous mode
[  361.440869][ T3712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  361.477682][ T3712] device bond_slave_0 left promiscuous mode
[  362.940324][ T3712] bond0 (unregistering): Released all slaves
[  363.155537][ T8898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  363.233103][ T3552] Bluetooth: hci2: command tx timeout
[  363.296513][ T8898] team0: Port device team_slave_0 added
[  363.491456][ T8898] team0: Port device team_slave_1 added
[  364.078372][ T8898] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.093133][ T8898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.133783][ T8898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.151966][ T8898] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.164221][ T8898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  364.278547][ T8898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.136276][ T8898] device hsr_slave_0 entered promiscuous mode
[  365.235639][ T8898] device hsr_slave_1 entered promiscuous mode
[  366.820827][ T9091] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  368.263221][   T26] audit: type=1326 audit(1719941705.962:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x0
[  368.460645][   T26] audit: type=1326 audit(1719941706.162:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  368.522248][ T9121] netlink: 'syz.4.1630': attribute type 27 has an invalid length.
[  368.553078][   T26] audit: type=1326 audit(1719941706.192:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  369.394750][ T9121] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  369.764258][   T26] audit: type=1326 audit(1719941706.192:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  369.787361][ T9121] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  369.830612][   T26] audit: type=1326 audit(1719941706.192:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  369.854334][ T9121] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  370.048581][ T8898] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  370.075463][   T26] audit: type=1326 audit(1719941706.192:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  370.105641][ T8898] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  370.148360][ T8898] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  370.182030][   T26] audit: type=1326 audit(1719941706.192:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  370.207964][ T8898] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  370.299141][   T26] audit: type=1326 audit(1719941706.192:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  370.425121][   T26] audit: type=1326 audit(1719941706.192:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  370.504404][ T8898] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.522429][   T26] audit: type=1326 audit(1719941706.192:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9116 comm="syz.4.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x7ffc0000
[  370.592055][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  370.625571][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  370.667096][ T8898] 8021q: adding VLAN 0 to HW filter on device team0
[  370.703647][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  370.723579][ T3623] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  370.760488][ T3623] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.767704][ T3623] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.838285][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  370.851524][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  370.881044][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  370.912618][ T3622] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.919786][ T3622] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.958618][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  370.987640][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  371.088058][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  371.112612][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  371.142340][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  371.185928][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  371.251972][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  371.282821][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  371.359673][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  371.547068][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  371.556290][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  371.566213][ T8898] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  372.878543][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  372.894691][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  372.942364][ T8898] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.003553][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  373.016881][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  373.066002][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  373.086587][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  373.098371][ T8898] device veth0_vlan entered promiscuous mode
[  373.109453][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  373.117723][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  373.138431][ T8898] device veth1_vlan entered promiscuous mode
[  373.182376][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  373.201344][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  373.214724][ T3593] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  373.231207][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  373.261552][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  373.294019][ T8898] device veth0_macvtap entered promiscuous mode
[  373.319381][ T8898] device veth1_macvtap entered promiscuous mode
[  373.412054][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.443314][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.482467][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.563598][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.630641][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.534700][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.624279][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.784413][ T3593] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  374.795566][ T3593] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  374.806655][ T3593] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  374.818735][ T3593] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.835364][   T26] kauditd_printk_skb: 32 callbacks suppressed
[  374.835377][   T26] audit: type=1326 audit(1719941712.542:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9219 comm="syz.4.1644" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f890b375f19 code=0x0
[  374.859957][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.873447][ T9193] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  374.962923][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.992493][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.036378][ T8898] batman_adv: batadv0: Interface activated: batadv_slave_0
[  375.058898][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  375.076341][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  375.101424][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  375.128569][ T9193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.132337][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  375.138650][ T9193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.176720][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.198409][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.217582][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.219105][ T3604] usb 1-1: USB disconnect, device number 16
[  375.234654][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.258408][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.292715][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.313387][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.324494][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.334442][ T8898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.345101][ T8898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.365640][ T8898] batman_adv: batadv0: Interface activated: batadv_slave_1
[  375.373527][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  375.386567][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  375.409846][ T8898] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  375.429471][ T8898] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  375.463465][ T8898] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.524981][ T8898] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.587536][ T3976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.694724][ T3976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.727900][ T3712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.751577][  T152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  376.812122][ T3712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.995636][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  378.596304][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  378.602622][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  379.136675][ T9305] device syzkaller0 entered promiscuous mode
[  385.026282][ T9399] device syzkaller0 entered promiscuous mode
[  391.220391][ T9500] device syzkaller0 entered promiscuous mode
[  395.949741][ T9550] loop4: detected capacity change from 0 to 32768
[  396.221073][ T9550] XFS (loop4): Mounting V5 Filesystem
[  396.255018][ T9563] device syzkaller0 entered promiscuous mode
[  396.689721][ T9550] XFS (loop4): Ending clean mount
[  396.837616][ T9550] XFS (loop4): Quotacheck needed: Please wait.
[  396.928677][ T9550] XFS (loop4): Quotacheck: Done.
[  397.180543][ T9577] overlayfs: failed to resolve './file0': -2
[  397.242835][ T4243] XFS (loop4): Unmounting Filesystem
[  401.866581][ T9632] loop2: detected capacity change from 0 to 32768
[  401.982020][ T9632] XFS (loop2): Mounting V5 Filesystem
[  402.121303][ T9632] XFS (loop2): Ending clean mount
[  402.140012][ T9632] XFS (loop2): Quotacheck needed: Please wait.
[  402.184948][ T9632] XFS (loop2): Quotacheck: Done.
[  402.863343][ T7317] XFS (loop2): Unmounting Filesystem
[  403.514474][ T9668] fuse: Bad value for 'fd'
[  404.034238][ T3588] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  404.434562][ T3588] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  404.457393][ T3588] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  404.504252][ T3588] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  404.534051][ T3588] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.555730][ T3588] usb 5-1: config 0 descriptor??
[  405.035740][ T3588] hid (null): invalid report_count -2003902870
[  405.068811][ T3588] lg-g15 0003:046D:C222.0001: invalid report_count -2003902870
[  405.085144][ T3588] lg-g15 0003:046D:C222.0001: item 0 4 1 9 parsing failed
[  405.099122][ T3588] lg-g15: probe of 0003:046D:C222.0001 failed with error -22
[  405.238726][ T3588] usb 5-1: USB disconnect, device number 11
[  406.074400][ T9716] libceph: resolve 'c8' (ret=-3): failed
[  406.488215][ T1148] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  407.424447][ T1148] usb 3-1: unable to get BOS descriptor or descriptor too short
[  407.464502][ T1148] usb 3-1: not running at top speed; connect to a high speed hub
[  407.559968][ T1148] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  407.894477][ T1148] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  407.903921][ T1148] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.922299][ T1148] usb 3-1: Product: syz
[  407.928570][ T1148] usb 3-1: Manufacturer: syz
[  407.933188][ T1148] usb 3-1: SerialNumber: syz
[  408.482697][ T9764] Bluetooth: hci5: Frame reassembly failed (-84)
[  408.529343][ T3738] Bluetooth: hci5: Frame reassembly failed (-84)
[  410.066974][ T9781] input: syz1 as /devices/virtual/input/input5
[  410.574528][ T3552] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  410.581111][ T3556] Bluetooth: hci5: command 0x1003 tx timeout
[  410.717607][ T1148] usb 3-1: USB disconnect, device number 18
[  423.739990][T10132] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.1915'.
[  427.347632][   T26] audit: type=1326 audit(1719941765.052:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x0
[  427.448772][   T26] audit: type=1326 audit(1719941765.152:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  427.534741][T10209] netlink: 'syz.3.1942': attribute type 27 has an invalid length.
[  427.623902][T10209] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  427.678198][   T26] audit: type=1326 audit(1719941765.202:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  427.703552][T10209] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  427.780063][   T26] audit: type=1326 audit(1719941765.202:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  427.821513][T10209] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  427.839976][   T26] audit: type=1326 audit(1719941765.202:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  427.911635][   T26] audit: type=1326 audit(1719941765.202:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  427.997196][   T26] audit: type=1326 audit(1719941765.202:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  428.020795][   T26] audit: type=1326 audit(1719941765.222:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  428.070330][   T26] audit: type=1326 audit(1719941765.222:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  428.599638][   T26] audit: type=1326 audit(1719941765.222:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10206 comm="syz.3.1942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8dee775f19 code=0x7ffc0000
[  429.881724][T10257] netlink: 'syz.1.1956': attribute type 27 has an invalid length.
[  429.967891][T10257] device lo entered promiscuous mode
[  430.018681][T10257] device tunl0 entered promiscuous mode
[  430.025431][T10257] device gre0 entered promiscuous mode
[  430.039859][T10257] device gretap0 entered promiscuous mode
[  430.049168][T10257] device erspan0 entered promiscuous mode
[  430.055751][T10257] device ip_vti0 entered promiscuous mode
[  430.080286][T10257] device ip6_vti0 entered promiscuous mode
[  430.103330][T10257] device sit0 entered promiscuous mode
[  430.122862][T10257] device ip6tnl0 entered promiscuous mode
[  430.149153][T10257] device ip6gre0 entered promiscuous mode
[  430.172075][T10257] device syz_tun entered promiscuous mode
[  430.215066][T10257] device ip6gretap0 entered promiscuous mode
[  430.227564][T10257] device bridge0 entered promiscuous mode
[  430.259470][T10257] device vcan0 entered promiscuous mode
[  430.384769][T10257] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  430.412567][T10257] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  430.443203][T10257] device bond0 entered promiscuous mode
[  430.696803][T10257] device bond_slave_0 entered promiscuous mode
[  430.863314][T10257] device bond_slave_1 entered promiscuous mode
[  431.071550][T10257] device team0 entered promiscuous mode
[  431.092802][T10257] device team_slave_0 entered promiscuous mode
[  431.135784][T10257] device team_slave_1 entered promiscuous mode
[  431.175846][T10257] device dummy0 entered promiscuous mode
[  431.203966][T10257] device nlmon0 entered promiscuous mode
[  431.210907][T10257] device caif0 entered promiscuous mode
[  431.217543][T10257] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  431.414500][T10281] ==================================================================
[  431.422601][T10281] BUG: KASAN: use-after-free in skb_release_head_state+0x35/0x230
[  431.430408][T10281] Read of size 8 at addr ffff888061f867d8 by task syz.0.1964/10281
[  431.438279][T10281] 
[  431.440589][T10281] CPU: 1 PID: 10281 Comm: syz.0.1964 Not tainted 6.1.96-syzkaller #0
[  431.448636][T10281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  431.458675][T10281] Call Trace:
[  431.461937][T10281]  <TASK>
[  431.464857][T10281]  dump_stack_lvl+0x1e3/0x2cb
[  431.469533][T10281]  ? nf_tcp_handle_invalid+0x642/0x642
[  431.474986][T10281]  ? panic+0x764/0x764
[  431.479045][T10281]  ? _printk+0xd1/0x111
[  431.483183][T10281]  ? __virt_addr_valid+0x17f/0x520
[  431.488280][T10281]  ? __virt_addr_valid+0x17f/0x520
[  431.493383][T10281]  print_report+0x15f/0x4f0
[  431.497873][T10281]  ? __virt_addr_valid+0x17f/0x520
[  431.502975][T10281]  ? __virt_addr_valid+0x17f/0x520
[  431.508077][T10281]  ? __virt_addr_valid+0x44a/0x520
[  431.513180][T10281]  ? __phys_addr+0xb6/0x170
[  431.517675][T10281]  ? skb_release_head_state+0x35/0x230
[  431.523130][T10281]  kasan_report+0x136/0x160
[  431.527621][T10281]  ? skb_release_head_state+0x35/0x230
[  431.533081][T10281]  skb_release_head_state+0x35/0x230
[  431.538362][T10281]  ? __hci_req_sync+0x626/0x940
[  431.543207][T10281]  kfree_skb_reason+0x13d/0x390
[  431.548051][T10281]  __hci_req_sync+0x626/0x940
[  431.552714][T10281]  ? trace_contention_end+0x61/0x170
[  431.557991][T10281]  ? hci_req_sync_complete+0x280/0x280
[  431.563442][T10281]  ? mutex_lock_nested+0x10/0x10
[  431.568378][T10281]  ? mutex_unlock+0x10/0x10
[  431.572868][T10281]  ? hci_inquiry+0x860/0x860
[  431.577449][T10281]  hci_req_sync+0xa5/0xc0
[  431.581770][T10281]  hci_inquiry+0x443/0x860
[  431.586178][T10281]  ? do_raw_spin_unlock+0x137/0x8a0
[  431.591368][T10281]  ? hci_remove_remote_oob_data+0x250/0x250
[  431.597254][T10281]  ? hci_sock_ioctl+0x538/0x850
[  431.602094][T10281]  sock_do_ioctl+0x152/0x450
[  431.606677][T10281]  ? sock_show_fdinfo+0xb0/0xb0
[  431.611516][T10281]  ? __fget_files+0x28/0x4a0
[  431.616110][T10281]  sock_ioctl+0x47f/0x770
[  431.620426][T10281]  ? sock_poll+0x410/0x410
[  431.624830][T10281]  ? __fget_files+0x28/0x4a0
[  431.629405][T10281]  ? __fget_files+0x435/0x4a0
[  431.634067][T10281]  ? __fget_files+0x28/0x4a0
[  431.638645][T10281]  ? bpf_lsm_file_ioctl+0x5/0x10
[  431.643569][T10281]  ? security_file_ioctl+0x7d/0xa0
[  431.648838][T10281]  ? sock_poll+0x410/0x410
[  431.653243][T10281]  __se_sys_ioctl+0xf1/0x160
[  431.657827][T10281]  do_syscall_64+0x3b/0xb0
[  431.662239][T10281]  ? clear_bhb_loop+0x45/0xa0
[  431.666908][T10281]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  431.672878][T10281] RIP: 0033:0x7fd62e375f19
[  431.677290][T10281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.696880][T10281] RSP: 002b:00007fd62f0a4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.705281][T10281] RAX: ffffffffffffffda RBX: 00007fd62e503f60 RCX: 00007fd62e375f19
[  431.713239][T10281] RDX: 0000000020000100 RSI: 00000000800448f0 RDI: 0000000000000004
[  431.721196][T10281] RBP: 00007fd62e3e4bcd R08: 0000000000000000 R09: 0000000000000000
[  431.729153][T10281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  431.737109][T10281] R13: 000000000000000b R14: 00007fd62e503f60 R15: 00007ffd13bc4858
[  431.745071][T10281]  </TASK>
[  431.748076][T10281] 
[  431.750382][T10281] Allocated by task 3552:
[  431.754687][T10281]  kasan_set_track+0x4b/0x70
[  431.759282][T10281]  __kasan_slab_alloc+0x65/0x70
[  431.764117][T10281]  slab_post_alloc_hook+0x52/0x3a0
[  431.769221][T10281]  kmem_cache_alloc+0x10c/0x2d0
[  431.774056][T10281]  skb_clone+0x1e5/0x360
[  431.778286][T10281]  hci_cmd_work+0x296/0x660
[  431.782780][T10281]  process_one_work+0x8a9/0x11d0
[  431.787703][T10281]  worker_thread+0xa47/0x1200
[  431.792364][T10281]  kthread+0x28d/0x320
[  431.796416][T10281]  ret_from_fork+0x1f/0x30
[  431.800821][T10281] 
[  431.803126][T10281] Freed by task 3552:
[  431.807087][T10281]  kasan_set_track+0x4b/0x70
[  431.811685][T10281]  kasan_save_free_info+0x27/0x40
[  431.816709][T10281]  ____kasan_slab_free+0xd6/0x120
[  431.821730][T10281]  kmem_cache_free+0x292/0x510
[  431.826497][T10281]  hci_cmd_work+0x26b/0x660
[  431.830994][T10281]  process_one_work+0x8a9/0x11d0
[  431.835925][T10281]  worker_thread+0xa47/0x1200
[  431.840604][T10281]  kthread+0x28d/0x320
[  431.844667][T10281]  ret_from_fork+0x1f/0x30
[  431.849079][T10281] 
[  431.851385][T10281] The buggy address belongs to the object at ffff888061f86780
[  431.851385][T10281]  which belongs to the cache skbuff_head_cache of size 240
[  431.865944][T10281] The buggy address is located 88 bytes inside of
[  431.865944][T10281]  240-byte region [ffff888061f86780, ffff888061f86870)
[  431.879210][T10281] 
[  431.881522][T10281] The buggy address belongs to the physical page:
[  431.887926][T10281] page:ffffea000187e180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f86
[  431.898153][T10281] memcg:ffff88802130d101
[  431.902374][T10281] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  431.909916][T10281] raw: 00fff00000000200 ffffea0001771f40 dead000000000002 ffff888013a40500
[  431.918486][T10281] raw: 0000000000000000 00000000000c000c 00000001ffffffff ffff88802130d101
[  431.927051][T10281] page dumped because: kasan: bad access detected
[  431.933450][T10281] page_owner tracks the page as allocated
[  431.939145][T10281] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 41, tgid 41 (kworker/1:1), ts 122814929169, free_ts 121804774313
[  431.958578][T10281]  post_alloc_hook+0x18d/0x1b0
[  431.963329][T10281]  get_page_from_freelist+0x31a1/0x3320
[  431.968859][T10281]  __alloc_pages+0x28d/0x770
[  431.973432][T10281]  alloc_slab_page+0x6a/0x150
[  431.978099][T10281]  new_slab+0x84/0x2d0
[  431.982155][T10281]  ___slab_alloc+0xc20/0x1270
[  431.986816][T10281]  kmem_cache_alloc_node+0x1cf/0x310
[  431.992128][T10281]  __alloc_skb+0xde/0x670
[  431.996450][T10281]  nsim_dev_trap_report_work+0x24c/0xa90
[  432.002069][T10281]  process_one_work+0x8a9/0x11d0
[  432.007001][T10281]  worker_thread+0xa47/0x1200
[  432.011684][T10281]  kthread+0x28d/0x320
[  432.015742][T10281]  ret_from_fork+0x1f/0x30
[  432.020151][T10281] page last free stack trace:
[  432.024802][T10281]  free_unref_page_prepare+0xf63/0x1120
[  432.030335][T10281]  free_unref_page+0x33/0x3e0
[  432.035002][T10281]  __unfreeze_partials+0x1b7/0x210
[  432.040116][T10281]  put_cpu_partial+0x17b/0x250
[  432.044869][T10281]  qlist_free_all+0x76/0xe0
[  432.049359][T10281]  kasan_quarantine_reduce+0x156/0x170
[  432.054806][T10281]  __kasan_slab_alloc+0x1f/0x70
[  432.059643][T10281]  slab_post_alloc_hook+0x52/0x3a0
[  432.064744][T10281]  __kmem_cache_alloc_node+0x137/0x260
[  432.070191][T10281]  __kmalloc+0xa1/0x230
[  432.074333][T10281]  tomoyo_realpath_from_path+0xcb/0x5d0
[  432.079867][T10281]  tomoyo_path_number_perm+0x21f/0x7f0
[  432.085310][T10281]  security_file_ioctl+0x6d/0xa0
[  432.090230][T10281]  __se_sys_ioctl+0x47/0x160
[  432.094810][T10281]  do_syscall_64+0x3b/0xb0
[  432.099217][T10281]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  432.105098][T10281] 
[  432.107405][T10281] Memory state around the buggy address:
[  432.113013][T10281]  ffff888061f86680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  432.121143][T10281]  ffff888061f86700: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  432.129186][T10281] >ffff888061f86780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  432.137224][T10281]                                                     ^
[  432.144137][T10281]  ffff888061f86800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  432.152179][T10281]  ffff888061f86880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  432.160217][T10281] ==================================================================
[  432.344527][T10281] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  432.351756][T10281] CPU: 0 PID: 10281 Comm: syz.0.1964 Not tainted 6.1.96-syzkaller #0
[  432.359822][T10281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  432.369873][T10281] Call Trace:
[  432.373150][T10281]  <TASK>
[  432.376079][T10281]  dump_stack_lvl+0x1e3/0x2cb
[  432.380773][T10281]  ? nf_tcp_handle_invalid+0x642/0x642
[  432.386247][T10281]  ? panic+0x764/0x764
[  432.390324][T10281]  ? preempt_schedule_common+0xa6/0xd0
[  432.395793][T10281]  ? vscnprintf+0x59/0x80
[  432.400131][T10281]  panic+0x318/0x764
[  432.404028][T10281]  ? check_panic_on_warn+0x1d/0xa0
[  432.409142][T10281]  ? memcpy_page_flushcache+0xfc/0xfc
[  432.414526][T10281]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  432.420518][T10281]  ? _raw_spin_unlock+0x40/0x40
[  432.425378][T10281]  ? print_report+0x4a3/0x4f0
[  432.430064][T10281]  check_panic_on_warn+0x7e/0xa0
[  432.435014][T10281]  ? skb_release_head_state+0x35/0x230
[  432.440490][T10281]  end_report+0x66/0x110
[  432.444736][T10281]  kasan_report+0x143/0x160
[  432.449242][T10281]  ? skb_release_head_state+0x35/0x230
[  432.454722][T10281]  skb_release_head_state+0x35/0x230
[  432.460021][T10281]  ? __hci_req_sync+0x626/0x940
[  432.464874][T10281]  kfree_skb_reason+0x13d/0x390
[  432.469740][T10281]  __hci_req_sync+0x626/0x940
[  432.474422][T10281]  ? trace_contention_end+0x61/0x170
[  432.479717][T10281]  ? hci_req_sync_complete+0x280/0x280
[  432.485189][T10281]  ? mutex_lock_nested+0x10/0x10
[  432.490134][T10281]  ? mutex_unlock+0x10/0x10
[  432.494643][T10281]  ? hci_inquiry+0x860/0x860
[  432.499239][T10281]  hci_req_sync+0xa5/0xc0
[  432.503567][T10281]  hci_inquiry+0x443/0x860
[  432.507974][T10281]  ? do_raw_spin_unlock+0x137/0x8a0
[  432.513158][T10281]  ? hci_remove_remote_oob_data+0x250/0x250
[  432.519041][T10281]  ? hci_sock_ioctl+0x538/0x850
[  432.523877][T10281]  sock_do_ioctl+0x152/0x450
[  432.528456][T10281]  ? sock_show_fdinfo+0xb0/0xb0
[  432.533296][T10281]  ? __fget_files+0x28/0x4a0
[  432.537878][T10281]  sock_ioctl+0x47f/0x770
[  432.542194][T10281]  ? sock_poll+0x410/0x410
[  432.546593][T10281]  ? __fget_files+0x28/0x4a0
[  432.551172][T10281]  ? __fget_files+0x435/0x4a0
[  432.555834][T10281]  ? __fget_files+0x28/0x4a0
[  432.560421][T10281]  ? bpf_lsm_file_ioctl+0x5/0x10
[  432.565347][T10281]  ? security_file_ioctl+0x7d/0xa0
[  432.570444][T10281]  ? sock_poll+0x410/0x410
[  432.574843][T10281]  __se_sys_ioctl+0xf1/0x160
[  432.579426][T10281]  do_syscall_64+0x3b/0xb0
[  432.583832][T10281]  ? clear_bhb_loop+0x45/0xa0
[  432.588502][T10281]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  432.594383][T10281] RIP: 0033:0x7fd62e375f19
[  432.598783][T10281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.618371][T10281] RSP: 002b:00007fd62f0a4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.626771][T10281] RAX: ffffffffffffffda RBX: 00007fd62e503f60 RCX: 00007fd62e375f19
[  432.634727][T10281] RDX: 0000000020000100 RSI: 00000000800448f0 RDI: 0000000000000004
[  432.642682][T10281] RBP: 00007fd62e3e4bcd R08: 0000000000000000 R09: 0000000000000000
[  432.650637][T10281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  432.658590][T10281] R13: 000000000000000b R14: 00007fd62e503f60 R15: 00007ffd13bc4858
[  432.666551][T10281]  </TASK>
[  432.669675][T10281] Kernel Offset: disabled
[  432.673983][T10281] Rebooting in 86400 seconds..