last executing test programs:

28.005157279s ago: executing program 2 (id=819):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x0, 0x9}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000980)={[{@nombcache}, {@sysvgroups}, {@norecovery}, {@grpid}, {@norecovery}]}, 0x9, 0x60b, &(0x7f00000001c0)="$eJzs3c1vVOUaAPDnTKcftPfeFnJz7+UupIkxkCgtLWCIMRHilhD82LmqtBCkUEJrtEhiSXCjMW5cmLhyIf4XSuLWhVsXblwZksYYFmJQxpzpmTofnTKdzkfb+f2SQ99zDnPe5ww8fd955z3nBNCzxtM/chEHI+J6EjFati8f2c7xtb/34NdbF9IliULhtV+SuPV+slJ+rCT7OZK9+M/RSL7PRRzoq613cfnmlZn5+bkb2frk0tXrk4vLN49evjpzae7S3LXp56dPnTxx8tTUsW2dX76sfPbOW++MfnjujS8/f5RMffXjuSROx+MstvS8ql87uK2a0/dsPAprHlbHdGqbx94pfhutfI9TSfUGdqyL2f/H/oj4b4xGX9m/5mh88EpXgwPaqpBEqY0Cek7SVP4PtT4QoMNK/YDSZ/uNPgfXyrW5VwJ0wuqZtQGAtdzvj4hS/ufXxgZjqDg2MPwgqRjnSSJieyNza9I6vvv23J10iTrjcEB7rNwujXJXt/9JMTfHYqi4NvwgV5H/ubIl3f5qk/WPV63Lf+icldsR8b+s/R+IpvP/zSbrl/8AAAAAAADQOvfORMRzG83/y63P/xnYYP7PSEScbkH9T/7+L3c/KyQtqA4os3om4sWa+b9/lM8OHuvLvuf/Z3E+QH/u4uX5uWMR8a+IOBL9g+n6VOVhKyYIH/34wGf16i+f/5cuaf2luYDZoe7nqy7EnZ1ZmmnN2UNvW70d8f/i/N9D2ZbK+T9p+5/UtP8fvZwm+PUG6zjwzN3z9fY9Of+Bdil8EXF4w+t//u5uJ5vfn2Oy2B+YLPUKaj313idf16tf/kP3pO3/8Ob5P5iU369ncWvHH4iI48v5Qr39zfb/B5LX+0rHT707s7R0YypiIDlbu316azHDXlXKh1K+pPl/5OnNx//W+/9lebgvIlYarPM/j0d+qrdP+w/dk+b/7Obt/1hl+7/VwlBM3x37JrvFWI3zDbX/J4pt+pFsi/E/KFd7P45GE7Qr4QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALpeLiH9EkptYL+dyExMRIxHx7xjOzS8sLj17ceHta7Ppvsrn/4+urSel5/+Pla1PV60fj4j9EfFp377i+sSFhfnZbp88AAAAAAAAAAAAAAAAAAAA7BAjxWv+C4PV1/+nfu7rdnRA2+Wzn/Idek++6VcWBlsaCNBxzec/sNs1nv/9bY0D6Lz6+f/wUaGoo+EAHaT/D72ryfz3dQHsAdp/6FUNjukNtTsOoBsabv9X2xsHAAAAAADQEvsP3fshiYiVF/YVl9RAts9kf9jbct0OAOgac3ihd+UXuh0B0C0+4wPJeun3DS/2rz/7P2lPQAAAAAAAAAAAAABAjcMHXf8PvSoXsckjvM3th71sk+v/N0p+twuAPaT+oz8aafsTPQTYxXzGB57Ujrv+HwAAAAAAAAAAAAB2gKGbV2bm5+duLC7vvsJLOyOMrRVWZnZEGC0tPG7PkfsjYmecYKcLpVtwdDGMLv9eAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1v0VAAD//wwXMFk=")

26.078852477s ago: executing program 2 (id=828):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)="d8000000180081054e81f782db4cb904021d0800fe007c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000500027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0)

25.002130535s ago: executing program 2 (id=829):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000002000000000000000000000a00000000000000000000000d"], 0x0, 0x32}, 0x20)
close(r0)

24.738092877s ago: executing program 2 (id=832):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000063013d000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

24.653833324s ago: executing program 2 (id=833):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000063019d000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

23.704662391s ago: executing program 2 (id=835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x8, [@enum={0xb}]}, {0x0, [0x0, 0x5f, 0x0, 0x5f, 0x3e, 0x0]}}, &(0x7f0000000340)=""/137, 0x2c, 0x89, 0x1, 0x6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x68, &(0x7f0000000640)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x72}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010180)='kmem_cache_free\x00'}, 0x10)

12.707308771s ago: executing program 0 (id=890):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@remote}, {@dev, 0x65c}]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@broadcast, 0x52b1}, {@multicast2}]}]}}}}})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r2, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
dup3(r1, r2, 0x0)

12.538100624s ago: executing program 0 (id=895):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000040)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x38}}, 0x0)

12.325733292s ago: executing program 0 (id=897):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x11)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, 0x0)

12.288745145s ago: executing program 0 (id=898):
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x18, &(0x7f0000000800)={0x0, 0x1, 0x6, @local}, 0x10)
sendto$packet(r0, &(0x7f0000000040)="0303020000010000000045", 0xff4b, 0x4000050, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x4560}, 0x0, {0x0, r1}})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
io_setup(0x1, &(0x7f0000000040)=<r2=>0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r4 = dup(r3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000180), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x12, r4, 0x0)
io_submit(r2, 0x1, &(0x7f00000001c0)=[0x0])

12.160069035s ago: executing program 0 (id=899):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sys_exit\x00'}, 0x10)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={<r2=>0x0}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r2, @in={{0x2, 0x0, @empty}}}, 0x9c)

12.043565125s ago: executing program 0 (id=902):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x8, [@enum={0xb}]}, {0x0, [0x0, 0x5f, 0x0, 0x5f, 0x3e, 0x0]}}, &(0x7f0000000340)=""/137, 0x2c, 0x89, 0x1, 0x6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x68, &(0x7f0000000640)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x72}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010180)='kmem_cache_free\x00'}, 0x10)

3.507153003s ago: executing program 1 (id=934):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@ifindex, 0xffffffffffffffff, 0x0, 0x0, 0x4, @prog_fd}, 0x20)

3.483475645s ago: executing program 1 (id=935):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x401, 0x6c, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}}, 0x0)

3.412172281s ago: executing program 1 (id=936):
socket$inet6(0xa, 0x2, 0x3a)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000))
syz_io_uring_setup(0x24f5, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000000c0))
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000140)=0x11)

3.411797041s ago: executing program 1 (id=937):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0x40}, 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001540)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010002fdb35d580000000c00000014000180080403000200000008000100540935a58296076e4096a4216124584cc82a21f53ae6c90b95726a7721f42eef05cd95e03ce10d2b0f47eb0016781561dc6e7868f47aa05200"/102, @ANYRES32=r5, @ANYBLOB="0800038004000380"], 0x30}}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3}, 0x20)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r6 = semget$private(0x0, 0x4000000009, 0x0)
semop(r6, &(0x7f0000000240)=[{0x2, 0x7fff, 0x1000}], 0x1)
semop(r6, &(0x7f0000000100)=[{0x2, 0xd5db}], 0x1)
semop(r6, &(0x7f0000000140)=[{0x0, 0xfffb}, {0x2, 0x7f, 0x1800}], 0x2)
semop(r6, &(0x7f0000001400)=[{0x0, 0x200}], 0x1)

2.854955327s ago: executing program 4 (id=939):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r3, 0x1, 0x25, &(0x7f00000000c0)=0xffff, 0x4)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x2, 0x1, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000001)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getflags(r2, 0x401)
dup(0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00')
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(r4, &(0x7f0000004000)={0x2020}, 0x2020)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0xff, @dev={0xac, 0x14, 0x14, 0x14}, 0x4e22, 0x0, 'lblcr\x00', 0x10, 0x0, 0x7c}, 0x2c)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f00000002c0)={0x0, 0x0, 0x1000}, 0x0, &(0x7f0000000300), &(0x7f0000006040)=""/4096)
read(0xffffffffffffffff, &(0x7f0000000380)=""/194, 0xc2)

2.750218835s ago: executing program 3 (id=941):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
accept4$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @my=0x1}, 0x10, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000001c0), 0x4)
shutdown(r1, 0x1)
ppoll(&(0x7f00000002c0)=[{r1}], 0x1, 0x0, 0x0, 0xfffffffffffffd4c)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, <r4=>0xffffffffffffffff})
r5 = fcntl$dupfd(r4, 0x0, r2)
mmap(&(0x7f0000000000/0x2000)=nil, 0x152000, 0x0, 0x12, r5, 0x0)

1.892048835s ago: executing program 4 (id=943):
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100), 0x12)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

1.785840194s ago: executing program 3 (id=944):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty, 0x6}, 0x1c)
ioctl$SIOCRSSL2CALL(r0, 0x89e2, &(0x7f0000000000)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0})

1.785545954s ago: executing program 4 (id=945):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28000000690005"], 0x28}}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000440)=0xfffffbff, 0x4)
recvmmsg(r0, &(0x7f0000006440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002022, 0x0)

1.742491297s ago: executing program 3 (id=946):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000033c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB=','], 0x60}}], 0x2, 0x0)

1.667898054s ago: executing program 3 (id=947):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r4, 0xc0044dff, &(0x7f0000001480))

1.667650813s ago: executing program 4 (id=948):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000001bc0), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$SNAPSHOT_S2RAM(r0, 0x330b)

1.433841673s ago: executing program 4 (id=949):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@remote}, {@dev, 0x65c}]}, @timestamp_prespec={0x44, 0x14, 0x0, 0x3, 0x0, [{@broadcast, 0x52b1}, {@multicast2}]}]}}}}})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r2, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
dup3(r1, r2, 0x0)

1.294300454s ago: executing program 1 (id=950):
unshare(0x20400)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$getflags(r0, 0x401)

1.261807896s ago: executing program 1 (id=951):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x0, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r7, 0x400448e0, &(0x7f00000003c0))
socket$packet(0x11, 0x3, 0x300)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x8, [@enum={0xb}]}, {0x0, [0x0, 0x5f, 0x0, 0x5f, 0x3e, 0x0]}}, &(0x7f0000000340)=""/137, 0x2c, 0x89, 0x1, 0x6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x68, &(0x7f0000000640)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x72}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010180)='kmem_cache_free\x00'}, 0x10)

1.211710061s ago: executing program 4 (id=952):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={'syzkaller1\x00', {0x2, 0x0, @broadcast}})
fchdir(0xffffffffffffffff)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"])
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000014000000160a01000000000000000000010000002c000000180a0101000b000000000000010000000900020073797a3000e7df623250368185611d0000000900010073797a3000000000140000001000010000000000000000000000000a"], 0x88}}, 0x0)
ioctl$USBDEVFS_RELEASEINTERFACE(r0, 0x80045510, &(0x7f0000000200))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040), 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000040)={0x4000000, 0x1, 0x4})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x4)

1.88789ms ago: executing program 3 (id=953):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = dup(r0)
read$FUSE(r1, 0x0, 0x0)

0s ago: executing program 3 (id=954):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_pressure(r1, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xffffa}, 0x2f)
r3 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
socket$unix(0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$cgroup_pressure(r3, &(0x7f0000000340)={'some'}, 0x2f)

kernel console output (not intermixed with test programs):

eared for block 255
[   90.764867][ T4849] FAULT_INJECTION: forcing a failure.
[   90.764867][ T4849] name failslab, interval 1, probability 0, space 0, times 0
[   90.768369][ T4849] CPU: 1 PID: 4849 Comm: syz.4.221 Not tainted 5.15.163-syzkaller #0
[   90.770579][ T4849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   90.773040][ T4849] Call trace:
[   90.773839][ T4849]  dump_backtrace+0x0/0x530
[   90.775005][ T4849]  show_stack+0x2c/0x3c
[   90.776091][ T4849]  dump_stack_lvl+0x108/0x170
[   90.777290][ T4849]  dump_stack+0x1c/0x58
[   90.778393][ T4849]  should_fail+0x3b8/0x514
[   90.779522][ T4849]  __should_failslab+0xbc/0x110
[   90.780802][ T4849]  should_failslab+0x10/0x28
[   90.781965][ T4849]  slab_pre_alloc_hook+0x64/0xe8
[   90.783183][ T4849]  __kmalloc_node+0xbc/0x5b8
[   90.784399][ T4849]  kvmalloc_node+0x88/0x204
[   90.785477][ T4849]  generic_map_update_batch+0x430/0xbc8
[   90.786831][ T4849]  bpf_map_do_batch+0x3d0/0x574
[   90.788127][ T4849]  __sys_bpf+0x4d4/0x610
[   90.789256][ T4849]  __arm64_sys_bpf+0x80/0x98
[   90.790428][ T4849]  invoke_syscall+0x98/0x2b8
[   90.791638][ T4849]  el0_svc_common+0x138/0x258
[   90.792979][ T4849]  do_el0_svc+0x58/0x14c
[   90.794111][ T4849]  el0_svc+0x7c/0x1f0
[   90.795161][ T4849]  el0t_64_sync_handler+0x84/0xe4
[   90.796437][ T4849]  el0t_64_sync+0x1a0/0x1a4
[   90.810472][ T4018] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   90.843347][ T4018] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   90.867106][ T4852] loop1: detected capacity change from 0 to 256
[   90.923543][ T4014] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   90.955874][ T4847] loop3: detected capacity change from 0 to 8192
[   91.023541][ T4855] loop4: detected capacity change from 0 to 2364
[   91.142252][ T4847] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[   91.145780][ T4847] REISERFS (device loop3): using ordered data mode
[   91.147600][ T4847] reiserfs: using flush barriers
[   91.176517][ T4847] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   91.183390][ T4847] REISERFS (device loop3): checking transaction log (loop3)
[   91.895545][ T4865] loop0: detected capacity change from 0 to 512
[   91.949464][ T4865] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   91.989693][ T4865] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e802e02c, mo2=0002]
[   92.006797][ T4865] System zones: 1-12
[   92.032795][ T4865] EXT4-fs (loop0): orphan cleanup on readonly fs
[   92.052063][ T4865] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.227: bg 0: block 361: padding at end of block bitmap is not set
[   92.066566][ T4865] EXT4-fs (loop0): Remounting filesystem read-only
[   92.068305][ T4865] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6186: Corrupt filesystem
[   92.075860][ T4865] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.227: invalid indirect mapped block 12 (level 1)
[   92.108013][ T4865] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.227: invalid indirect mapped block 2 (level 2)
[   92.127231][ T4847] REISERFS (device loop3): Using tea hash to sort names
[   92.129260][ T4847] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[   92.141978][ T4865] EXT4-fs (loop0): 1 truncate cleaned up
[   92.143739][ T4865] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_dev=0x000000000000ffff,max_batch_time=0x0000000000000007,discard,errors=remount-ro,lazytime. Quota mode: none.
[   92.173745][ T4878] device syzkaller0 entered promiscuous mode
[   92.186806][ T4878] loop1: detected capacity change from 0 to 256
[   92.189237][ T4878] exfat: Unknown parameter './file0'
[   92.200291][ T4847] netlink: 28 bytes leftover after parsing attributes in process `syz.3.222'.
[   92.201509][ T4878] overlayfs: missing 'workdir'
[   92.202513][ T4847] netlink: 28 bytes leftover after parsing attributes in process `syz.3.222'.
[   92.209417][ T4847] netlink: 32 bytes leftover after parsing attributes in process `syz.3.222'.
[   92.547767][ T4887] loop3: detected capacity change from 0 to 512
[   92.566609][ T4889] loop1: detected capacity change from 0 to 128
[   92.626694][ T4887] EXT4-fs (loop3): Ignoring removed oldalloc option
[   92.628455][ T4887] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled
[   92.645663][ T4887] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   92.648218][ T4887] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   92.650680][ T4887] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   92.652993][ T4889] FAULT_INJECTION: forcing a failure.
[   92.652993][ T4889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.670399][ T4887] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   92.672894][ T4887] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000]
[   92.676702][ T4889] CPU: 1 PID: 4889 Comm: syz.1.234 Not tainted 5.15.163-syzkaller #0
[   92.678856][ T4889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   92.681336][ T4889] Call trace:
[   92.682058][ T4889]  dump_backtrace+0x0/0x530
[   92.683208][ T4889]  show_stack+0x2c/0x3c
[   92.684234][ T4889]  dump_stack_lvl+0x108/0x170
[   92.685573][ T4889]  dump_stack+0x1c/0x58
[   92.686568][ T4889]  should_fail+0x3b8/0x514
[   92.687765][ T4889]  should_fail_usercopy+0x20/0x30
[   92.689014][ T4889]  strncpy_from_user+0x48/0x580
[   92.690229][ T4889]  getname_flags+0x104/0x480
[   92.691397][ T4889]  __arm64_sys_mkdirat+0x80/0xa8
[   92.692623][ T4889]  invoke_syscall+0x98/0x2b8
[   92.693814][ T4889]  el0_svc_common+0x138/0x258
[   92.694938][ T4889]  do_el0_svc+0x58/0x14c
[   92.695965][ T4889]  el0_svc+0x7c/0x1f0
[   92.696850][ T4889]  el0t_64_sync_handler+0x84/0xe4
[   92.698110][ T4889]  el0t_64_sync+0x1a0/0x1a4
[   92.716648][ T4887] EXT4-fs (loop3): orphan cleanup on readonly fs
[   92.800275][ T4887] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.235: bg 0: block 34: padding at end of block bitmap is not set
[   92.838795][ T4887] Quota error (device loop3): write_blk: dquota write failed
[   92.852603][ T4887] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   92.864059][ T4887] EXT4-fs error (device loop3): ext4_acquire_dquot:6196: comm syz.3.235: Failed to acquire dquot type 1
[   92.885045][ T4887] EXT4-fs (loop3): 1 truncate cleaned up
[   92.935818][ T4887] EXT4-fs (loop3): mounted filesystem without journal. Opts: oldalloc,discard,usrjquota=./file0,noblock_validity,,errors=continue. Quota mode: writeback.
[   93.250739][ T4897] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   93.253151][ T4897] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000]
[   94.816065][ T4880] loop2: detected capacity change from 0 to 40427
[   94.959615][ T4880] F2FS-fs (loop2): Invalid log blocks per segment (4278190089)
[   94.961604][ T4880] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   94.981651][ T4880] F2FS-fs (loop2): invalid crc value
[   95.002422][ T4906] netlink: 12 bytes leftover after parsing attributes in process `syz.3.238'.
[   95.774874][ T4880] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[   95.832386][ T4912] loop1: detected capacity change from 0 to 128
[   96.143505][ T4915] loop0: detected capacity change from 0 to 8192
[   96.325888][ T4915] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   96.328766][ T4915] REISERFS (device loop0): using ordered data mode
[   96.332022][ T4915] reiserfs: using flush barriers
[   97.460267][ T4931] loop2: detected capacity change from 0 to 16
[   97.468578][ T4915] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   97.481338][ T4915] REISERFS (device loop0): checking transaction log (loop0)
[   97.581050][ T4931] erofs: (device loop2): mounted with root inode @ nid 36.
[   98.148871][ T4936] loop3: detected capacity change from 0 to 512
[   98.293860][ T4915] REISERFS (device loop0): Using tea hash to sort names
[   98.296106][ T4915] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   98.359682][ T4915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.244'.
[   98.362034][ T4915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.244'.
[   98.386616][ T4936] EXT4-fs (loop3): Ignoring removed oldalloc option
[   98.388391][ T4936] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled
[   98.391257][ T4936] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[   98.406806][ T4936] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[   98.409344][ T4936] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[   98.414706][ T4915] netlink: 32 bytes leftover after parsing attributes in process `syz.0.244'.
[   98.427657][ T4936] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   98.430290][ T4936] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000]
[   98.430603][ T4938] vcan0: tx drop: invalid da for name 0x0000000000000801
[   98.445679][ T4936] EXT4-fs (loop3): orphan cleanup on readonly fs
[   98.472794][ T4936] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.249: bg 0: block 34: padding at end of block bitmap is not set
[   98.505433][ T4938] affs: No valid root block on device nbd1
[   98.540400][ T4936] Quota error (device loop3): write_blk: dquota write failed
[   98.542561][ T4936] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[   98.564889][ T4943] loop4: detected capacity change from 0 to 512
[   98.579527][ T4936] EXT4-fs error (device loop3): ext4_acquire_dquot:6196: comm syz.3.249: Failed to acquire dquot type 1
[   98.585572][ T4941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'.
[   98.602340][ T4936] EXT4-fs (loop3): 1 truncate cleaned up
[   98.610610][ T4929] netlink: 4 bytes leftover after parsing attributes in process `syz.2.242'.
[   98.613500][ T4936] EXT4-fs (loop3): mounted filesystem without journal. Opts: oldalloc,discard,usrjquota=./file0,noblock_validity,,errors=continue. Quota mode: writeback.
[   98.814593][ T4943] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.251: bg 0: block 5: invalid block bitmap
[   98.834908][ T4953] loop2: detected capacity change from 0 to 2048
[   98.835043][ T4943] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6186: Corrupt filesystem
[   98.849251][ T4943] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.251: invalid indirect mapped block 3 (level 2)
[   98.854898][ T4943] EXT4-fs (loop4): 1 orphan inode deleted
[   98.856444][ T4943] EXT4-fs (loop4): 1 truncate cleaned up
[   98.859583][ T4943] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   98.920611][ T4956] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   98.922792][ T4956] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000]
[   99.195107][ T4953] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   99.272965][ T4943] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 7: comm syz.4.251: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[   99.472273][ T4962] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 7: comm syz.4.251: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[  100.179366][ T4962] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #12: block 7: comm syz.4.251: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0
[  101.394110][ T4979] FAULT_INJECTION: forcing a failure.
[  101.394110][ T4979] name failslab, interval 1, probability 0, space 0, times 0
[  101.397324][ T4979] CPU: 1 PID: 4979 Comm: syz.1.260 Not tainted 5.15.163-syzkaller #0
[  101.399459][ T4979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  101.401928][ T4979] Call trace:
[  101.402796][ T4979]  dump_backtrace+0x0/0x530
[  101.404042][ T4979]  show_stack+0x2c/0x3c
[  101.405208][ T4979]  dump_stack_lvl+0x108/0x170
[  101.406525][ T4979]  dump_stack+0x1c/0x58
[  101.407507][ T4979]  should_fail+0x3b8/0x514
[  101.408719][ T4979]  __should_failslab+0xbc/0x110
[  101.409947][ T4979]  should_failslab+0x10/0x28
[  101.410879][ T4979]  slab_pre_alloc_hook+0x64/0xe8
[  101.412310][ T4979]  kmem_cache_alloc+0x98/0x45c
[  101.413510][ T4979]  __alloc_file+0x30/0x240
[  101.414678][ T4979]  alloc_empty_file+0xa8/0x198
[  101.416201][ T4979]  alloc_file+0x64/0x494
[  101.417396][ T4979]  alloc_file_pseudo+0x1e0/0x278
[  101.418719][ T4979]  __shmem_file_setup+0x19c/0x26c
[  101.420255][ T4979]  shmem_file_setup+0x40/0x54
[  101.421495][ T4979]  __arm64_sys_memfd_create+0x374/0x610
[  101.423025][ T4979]  invoke_syscall+0x98/0x2b8
[  101.424179][ T4979]  el0_svc_common+0x138/0x258
[  101.425529][ T4979]  do_el0_svc+0x58/0x14c
[  101.426609][ T4979]  el0_svc+0x7c/0x1f0
[  101.427724][ T4979]  el0t_64_sync_handler+0x84/0xe4
[  101.429079][ T4979]  el0t_64_sync+0x1a0/0x1a4
[  101.662681][ T4981] loop3: detected capacity change from 0 to 8192
[  102.213426][ T4991] loop1: detected capacity change from 0 to 2048
[  102.216758][ T4994] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  102.233198][ T4981] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  102.235418][ T4981] REISERFS (device loop3): using ordered data mode
[  102.237042][ T4981] reiserfs: using flush barriers
[  102.239031][ T4981] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  102.270302][ T4981] REISERFS (device loop3): checking transaction log (loop3)
[  102.293859][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.296455][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.319163][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.322330][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.357514][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.361336][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.371717][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.388753][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.391081][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.426367][ T4991] UDF-fs: iocharset cp86!¾þÞ4 not found
[  102.431221][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.448062][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.479270][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.481285][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.490712][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.492583][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.536013][ T4018] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  102.546673][ T4991] mkiss: ax0: crc mode is auto.
[  102.585353][ T4018] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  102.691759][ T4981] REISERFS (device loop3): Using tea hash to sort names
[  102.700065][ T4981] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  102.802269][ T4981] netlink: 28 bytes leftover after parsing attributes in process `syz.3.262'.
[  102.822902][ T4981] netlink: 28 bytes leftover after parsing attributes in process `syz.3.262'.
[  103.168877][ T4984] loop2: detected capacity change from 0 to 32768
[  103.366140][ T4981] netlink: 32 bytes leftover after parsing attributes in process `syz.3.262'.
[  103.528781][ T4984] XFS (loop2): Mounting V5 Filesystem
[  103.604824][ T5028] FAULT_INJECTION: forcing a failure.
[  103.604824][ T5028] name failslab, interval 1, probability 0, space 0, times 0
[  103.608314][ T5028] CPU: 0 PID: 5028 Comm: syz.1.270 Not tainted 5.15.163-syzkaller #0
[  103.610450][ T5028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  103.613043][ T5028] Call trace:
[  103.613939][ T5028]  dump_backtrace+0x0/0x530
[  103.615154][ T5028]  show_stack+0x2c/0x3c
[  103.616219][ T5028]  dump_stack_lvl+0x108/0x170
[  103.617503][ T5028]  dump_stack+0x1c/0x58
[  103.618613][ T5028]  should_fail+0x3b8/0x514
[  103.619829][ T5028]  __should_failslab+0xbc/0x110
[  103.621199][ T5028]  should_failslab+0x10/0x28
[  103.622458][ T5028]  slab_pre_alloc_hook+0x64/0xe8
[  103.623762][ T5028]  kmem_cache_alloc+0x98/0x45c
[  103.624994][ T5028]  skb_clone+0x180/0x304
[  103.626151][ T5028]  __netlink_deliver_tap+0x360/0x714
[  103.627541][ T5028]  netlink_deliver_tap+0x1ac/0x1b0
[  103.628920][ T5028]  __netlink_sendskb+0x6c/0xbc
[  103.630167][ T5028]  netlink_dump+0x734/0xa88
[  103.631403][ T5028]  __netlink_dump_start+0x488/0x6ec
[  103.632719][ T5028]  unix_diag_handler_dump+0x184/0x724
[  103.634152][ T5028]  sock_diag_rcv_msg+0x174/0x39c
[  103.635518][ T5028]  netlink_rcv_skb+0x20c/0x3b8
[  103.636753][ T5028]  sock_diag_rcv+0x3c/0x54
[  103.637950][ T5028]  netlink_unicast+0x664/0x938
[  103.639165][ T5028]  netlink_sendmsg+0x844/0xb38
[  103.640362][ T5028]  sock_write_iter+0x2b0/0x3f8
[  103.641647][ T5028]  vfs_write+0x884/0xb44
[  103.642843][ T5028]  ksys_write+0x15c/0x26c
[  103.643989][ T5028]  __arm64_sys_write+0x7c/0x90
[  103.645247][ T5028]  invoke_syscall+0x98/0x2b8
[  103.646432][ T5028]  el0_svc_common+0x138/0x258
[  103.647752][ T5028]  do_el0_svc+0x58/0x14c
[  103.648923][ T5028]  el0_svc+0x7c/0x1f0
[  103.650023][ T5028]  el0t_64_sync_handler+0x84/0xe4
[  103.651361][ T5028]  el0t_64_sync+0x1a0/0x1a4
[  103.780063][ T4984] XFS (loop2): Ending clean mount
[  103.834310][ T5024] device syzkaller0 entered promiscuous mode
[  104.796386][ T4237] XFS (loop2): Unmounting Filesystem
[  104.957533][ T5036] netlink: 12 bytes leftover after parsing attributes in process `syz.1.275'.
[  104.978915][ T5041] ceph: No source
[  106.789999][ T5053] loop3: detected capacity change from 0 to 8192
[  106.849436][ T5053] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  106.852392][ T5053] REISERFS (device loop3): using ordered data mode
[  106.862231][ T5053] reiserfs: using flush barriers
[  106.867707][ T5053] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  106.872007][ T5053] REISERFS (device loop3): checking transaction log (loop3)
[  107.092535][ T5053] REISERFS (device loop3): Using tea hash to sort names
[  107.095932][ T5053] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  107.127648][ T5053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.281'.
[  107.129790][ T5053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.281'.
[  107.131919][ T5053] netlink: 32 bytes leftover after parsing attributes in process `syz.3.281'.
[  107.331998][ T5074] loop4: detected capacity change from 0 to 1024
[  107.438951][ T5074] hfsplus: unable to parse mount options
[  107.491481][ T5078] device syzkaller0 entered promiscuous mode
[  107.588423][ T5081] FAULT_INJECTION: forcing a failure.
[  107.588423][ T5081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.591770][ T5081] CPU: 1 PID: 5081 Comm: syz.2.290 Not tainted 5.15.163-syzkaller #0
[  107.593665][ T5081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  107.596009][ T5081] Call trace:
[  107.596794][ T5081]  dump_backtrace+0x0/0x530
[  107.597923][ T5081]  show_stack+0x2c/0x3c
[  107.599012][ T5081]  dump_stack_lvl+0x108/0x170
[  107.600204][ T5081]  dump_stack+0x1c/0x58
[  107.601217][ T5081]  should_fail+0x3b8/0x514
[  107.602311][ T5081]  should_fail_usercopy+0x20/0x30
[  107.603682][ T5081]  _copy_from_iter+0x1f0/0xcf0
[  107.604909][ T5081]  netlink_sendmsg+0x70c/0xb38
[  107.606168][ T5081]  ____sys_sendmsg+0x584/0x870
[  107.607429][ T5081]  ___sys_sendmsg+0x214/0x294
[  107.608704][ T5081]  __arm64_sys_sendmsg+0x1ac/0x25c
[  107.610045][ T5081]  invoke_syscall+0x98/0x2b8
[  107.611261][ T5081]  el0_svc_common+0x138/0x258
[  107.612488][ T5081]  do_el0_svc+0x58/0x14c
[  107.613620][ T5081]  el0_svc+0x7c/0x1f0
[  107.614710][ T5081]  el0t_64_sync_handler+0x84/0xe4
[  107.615973][ T5081]  el0t_64_sync+0x1a0/0x1a4
[  108.944242][ T5074] loop4: detected capacity change from 0 to 32768
[  109.165175][ T5074] XFS (loop4): Mounting V5 Filesystem
[  109.975501][ T5074] XFS (loop4): Ending clean mount
[  109.981010][ T5107] loop3: detected capacity change from 0 to 8192
[  110.004649][ T5074] XFS (loop4): Quotacheck needed: Please wait.
[  110.048209][ T5074] XFS (loop4): Quotacheck: Done.
[  110.058034][ T5074] udc-core: couldn't find an available UDC or it's busy
[  110.059894][ T5074] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  110.176116][ T5107] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  110.178832][ T5107] REISERFS (device loop3): using ordered data mode
[  110.180597][ T5107] reiserfs: using flush barriers
[  110.187003][ T5107] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  110.200341][ T5107] REISERFS (device loop3): checking transaction log (loop3)
[  111.023486][ T5136] capability: warning: `syz.2.305' uses deprecated v2 capabilities in a way that may be insecure
[  111.186754][ T5107] REISERFS (device loop3): Using tea hash to sort names
[  111.188991][ T5107] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  111.768685][ T3983] XFS (loop4): Unmounting Filesystem
[  111.780037][ T5167] FAULT_INJECTION: forcing a failure.
[  111.780037][ T5167] name failslab, interval 1, probability 0, space 0, times 0
[  111.811631][ T5167] CPU: 1 PID: 5167 Comm: syz.3.314 Not tainted 5.15.163-syzkaller #0
[  111.813744][ T5167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  111.816312][ T5167] Call trace:
[  111.817156][ T5167]  dump_backtrace+0x0/0x530
[  111.818378][ T5167]  show_stack+0x2c/0x3c
[  111.819494][ T5167]  dump_stack_lvl+0x108/0x170
[  111.820744][ T5167]  dump_stack+0x1c/0x58
[  111.821671][ T5167]  should_fail+0x3b8/0x514
[  111.822780][ T5167]  __should_failslab+0xbc/0x110
[  111.824011][ T5167]  should_failslab+0x10/0x28
[  111.825165][ T5167]  slab_pre_alloc_hook+0x64/0xe8
[  111.826456][ T5167]  __kmalloc_track_caller+0x78/0x3d8
[  111.827772][ T5167]  kstrdup+0xe4/0x15c
[  111.828829][ T5167]  ceph_parse_source+0xfc/0x5bc
[  111.830127][ T5167]  ceph_parse_mount_param+0xc08/0x1324
[  111.831448][ T5167]  vfs_parse_fs_param+0x1bc/0x3f4
[  111.832781][ T5167]  __arm64_sys_fsconfig+0xae0/0xd18
[  111.833990][ T5167]  invoke_syscall+0x98/0x2b8
[  111.835135][ T5167]  el0_svc_common+0x138/0x258
[  111.836334][ T5167]  do_el0_svc+0x58/0x14c
[  111.837304][ T5167]  el0_svc+0x7c/0x1f0
[  111.838238][ T5167]  el0t_64_sync_handler+0x84/0xe4
[  111.839426][ T5167]  el0t_64_sync+0x1a0/0x1a4
[  111.992546][ T5173] loop3: detected capacity change from 0 to 16
[  112.041586][ T5180] FAULT_INJECTION: forcing a failure.
[  112.041586][ T5180] name failslab, interval 1, probability 0, space 0, times 0
[  112.079844][ T5180] CPU: 1 PID: 5180 Comm: syz.1.321 Not tainted 5.15.163-syzkaller #0
[  112.082062][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  112.084733][ T5180] Call trace:
[  112.085632][ T5180]  dump_backtrace+0x0/0x530
[  112.086785][ T5180]  show_stack+0x2c/0x3c
[  112.087865][ T5180]  dump_stack_lvl+0x108/0x170
[  112.089078][ T5180]  dump_stack+0x1c/0x58
[  112.090174][ T5180]  should_fail+0x3b8/0x514
[  112.091331][ T5180]  __should_failslab+0xbc/0x110
[  112.092616][ T5180]  should_failslab+0x10/0x28
[  112.093810][ T5180]  slab_pre_alloc_hook+0x64/0xe8
[  112.095134][ T5180]  kmem_cache_alloc+0x98/0x45c
[  112.096357][ T5180]  can_rx_register+0x12c/0x5f4
[  112.097616][ T5180]  bcm_rx_setup+0xcdc/0x14ac
[  112.098875][ T5180]  bcm_sendmsg+0x3e8/0x628
[  112.100086][ T5180]  ____sys_sendmsg+0x584/0x870
[  112.101349][ T5180]  ___sys_sendmsg+0x214/0x294
[  112.102609][ T5180]  __sys_sendmmsg+0x23c/0x648
[  112.103857][ T5180]  __arm64_sys_sendmmsg+0xa0/0xbc
[  112.105112][ T5180]  invoke_syscall+0x98/0x2b8
[  112.106322][ T5180]  el0_svc_common+0x138/0x258
[  112.107582][ T5180]  do_el0_svc+0x58/0x14c
[  112.108696][ T5180]  el0_svc+0x7c/0x1f0
[  112.109775][ T5180]  el0t_64_sync_handler+0x84/0xe4
[  112.111105][ T5180]  el0t_64_sync+0x1a0/0x1a4
[  112.270175][ T5191] FAULT_INJECTION: forcing a failure.
[  112.270175][ T5191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.346318][ T5191] CPU: 1 PID: 5191 Comm: syz.1.326 Not tainted 5.15.163-syzkaller #0
[  112.348705][ T5191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  112.351463][ T5191] Call trace:
[  112.352354][ T5191]  dump_backtrace+0x0/0x530
[  112.353529][ T5191]  show_stack+0x2c/0x3c
[  112.354664][ T5191]  dump_stack_lvl+0x108/0x170
[  112.355942][ T5191]  dump_stack+0x1c/0x58
[  112.357114][ T5191]  should_fail+0x3b8/0x514
[  112.358196][ T5191]  should_fail_usercopy+0x20/0x30
[  112.359535][ T5191]  simple_read_from_buffer+0xd8/0x26c
[  112.360999][ T5191]  proc_fail_nth_read+0x1a0/0x248
[  112.362433][ T5191]  vfs_read+0x278/0xb18
[  112.363732][ T5191]  ksys_read+0x15c/0x26c
[  112.364899][ T5191]  __arm64_sys_read+0x7c/0x90
[  112.366129][ T5191]  invoke_syscall+0x98/0x2b8
[  112.367309][ T5191]  el0_svc_common+0x138/0x258
[  112.368503][ T5191]  do_el0_svc+0x58/0x14c
[  112.369653][ T5191]  el0_svc+0x7c/0x1f0
[  112.370752][ T5191]  el0t_64_sync_handler+0x84/0xe4
[  112.371904][ T5191]  el0t_64_sync+0x1a0/0x1a4
[  112.840860][ T5196] FAULT_INJECTION: forcing a failure.
[  112.840860][ T5196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.880967][ T5196] CPU: 1 PID: 5196 Comm: syz.1.328 Not tainted 5.15.163-syzkaller #0
[  112.883063][ T5196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  112.886044][ T5196] Call trace:
[  112.886915][ T5196]  dump_backtrace+0x0/0x530
[  112.888126][ T5196]  show_stack+0x2c/0x3c
[  112.889251][ T5196]  dump_stack_lvl+0x108/0x170
[  112.890511][ T5196]  dump_stack+0x1c/0x58
[  112.891770][ T5196]  should_fail+0x3b8/0x514
[  112.892980][ T5196]  should_fail_usercopy+0x20/0x30
[  112.894389][ T5196]  ioctl_standard_iw_point+0x450/0xe24
[  112.895889][ T5196]  ioctl_standard_call+0xcc/0x264
[  112.897259][ T5196]  wext_ioctl_dispatch+0x16c/0x3ec
[  112.898803][ T5196]  wext_handle_ioctl+0x224/0x448
[  112.900153][ T5196]  sock_ioctl+0x140/0x8ac
[  112.901350][ T5196]  __arm64_sys_ioctl+0x14c/0x1c8
[  112.902728][ T5196]  invoke_syscall+0x98/0x2b8
[  112.903974][ T5196]  el0_svc_common+0x138/0x258
[  112.905196][ T5196]  do_el0_svc+0x58/0x14c
[  112.906242][ T5196]  el0_svc+0x7c/0x1f0
[  112.907330][ T5196]  el0t_64_sync_handler+0x84/0xe4
[  112.908638][ T5196]  el0t_64_sync+0x1a0/0x1a4
[  112.974200][ T5198] netlink: 28 bytes leftover after parsing attributes in process `syz.2.329'.
[  112.976673][ T5198] netlink: 28 bytes leftover after parsing attributes in process `syz.2.329'.
[  112.978855][ T5198] netlink: 8 bytes leftover after parsing attributes in process `syz.2.329'.
[  113.021527][ T5205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.330'.
[  114.173674][ T5202] loop4: detected capacity change from 0 to 32768
[  114.252668][ T5226] loop3: detected capacity change from 0 to 1024
[  114.262100][ T5228] binder: 5227:5228 tried to acquire reference to desc 0, got 1 instead
[  114.271246][ T5228] binder: 5227:5228 got transaction with invalid offsets size, 113
[  114.290271][ T5228] binder: 5227:5228 transaction failed 29201/-22, size 112-113 line 3134
[  114.297338][ T5226] EXT4-fs (loop3): bad geometry: first data block is 0 with a 1k block and cluster size
[  116.209841][ T3555] binder: undelivered TRANSACTION_ERROR: 29201
[  117.433596][ T5270] cgroup: release_agent respecified
[  117.452236][ T5272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  117.472988][ T5272] FAULT_INJECTION: forcing a failure.
[  117.472988][ T5272] name failslab, interval 1, probability 0, space 0, times 0
[  117.481950][ T5272] CPU: 1 PID: 5272 Comm: syz.0.352 Not tainted 5.15.163-syzkaller #0
[  117.484000][ T5272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  117.484862][ T5283] FAULT_INJECTION: forcing a failure.
[  117.484862][ T5283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.486545][ T5272] Call trace:
[  117.490859][ T5272]  dump_backtrace+0x0/0x530
[  117.491969][ T5272]  show_stack+0x2c/0x3c
[  117.492922][ T5272]  dump_stack_lvl+0x108/0x170
[  117.494146][ T5272]  dump_stack+0x1c/0x58
[  117.495267][ T5272]  should_fail+0x3b8/0x514
[  117.496378][ T5272]  __should_failslab+0xbc/0x110
[  117.497630][ T5272]  should_failslab+0x10/0x28
[  117.498922][ T5272]  slab_pre_alloc_hook+0x64/0xe8
[  117.500208][ T5272]  kmem_cache_alloc_trace+0x9c/0x47c
[  117.501690][ T5272]  sctp_add_bind_addr+0xa0/0x2e8
[  117.502908][ T5272]  sctp_copy_local_addr_list+0x2d8/0x494
[  117.504455][ T5272]  sctp_copy_one_addr+0xc0/0x348
[  117.505758][ T5272]  sctp_bind_addr_copy+0xb8/0x388
[  117.507064][ T5272]  sctp_assoc_set_bind_addr_from_ep+0x11c/0x16c
[  117.508677][ T5272]  sctp_connect_new_asoc+0x278/0x5dc
[  117.510107][ T5272]  sctp_sendmsg+0x1684/0x2844
[  117.511333][ T5272]  inet_sendmsg+0x15c/0x290
[  117.512589][ T5272]  ____sys_sendmsg+0x584/0x870
[  117.513771][ T5272]  ___sys_sendmsg+0x214/0x294
[  117.515003][ T5272]  __sys_sendmmsg+0x23c/0x648
[  117.516208][ T5272]  __arm64_sys_sendmmsg+0xa0/0xbc
[  117.517533][ T5272]  invoke_syscall+0x98/0x2b8
[  117.518775][ T5272]  el0_svc_common+0x138/0x258
[  117.519950][ T5272]  do_el0_svc+0x58/0x14c
[  117.521116][ T5272]  el0_svc+0x7c/0x1f0
[  117.522208][ T5272]  el0t_64_sync_handler+0x84/0xe4
[  117.523478][ T5272]  el0t_64_sync+0x1a0/0x1a4
[  117.540288][ T5283] CPU: 0 PID: 5283 Comm: syz.4.350 Not tainted 5.15.163-syzkaller #0
[  117.542477][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  117.545043][ T5283] Call trace:
[  117.545897][ T5283]  dump_backtrace+0x0/0x530
[  117.547133][ T5283]  show_stack+0x2c/0x3c
[  117.548237][ T5283]  dump_stack_lvl+0x108/0x170
[  117.549747][ T5283]  dump_stack+0x1c/0x58
[  117.550765][ T5283]  should_fail+0x3b8/0x514
[  117.551873][ T5283]  should_fail_usercopy+0x20/0x30
[  117.553137][ T5283]  __copy_msghdr_from_user+0xbc/0x5d0
[  117.554798][ T5283]  ___sys_sendmsg+0x154/0x294
[  117.556108][ T5283]  __arm64_sys_sendmsg+0x1ac/0x25c
[  117.557421][ T5283]  invoke_syscall+0x98/0x2b8
[  117.558577][ T5283]  el0_svc_common+0x138/0x258
[  117.559857][ T5283]  do_el0_svc+0x58/0x14c
[  117.561008][ T5283]  el0_svc+0x7c/0x1f0
[  117.561997][ T5283]  el0t_64_sync_handler+0x84/0xe4
[  117.563312][ T5283]  el0t_64_sync+0x1a0/0x1a4
[  117.678784][ T5293] loop4: detected capacity change from 0 to 164
[  119.150498][ T5308] binder: 5307 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero.
[  119.150524][ T5308] binder: 5307:5308 ioctl c018620c 20000a00 returned -22
[  119.222075][ T5310] loop4: detected capacity change from 0 to 164
[  119.381250][ T5312] 9pnet: Insufficient options for proto=fd
[  119.451103][ T5317] FAULT_INJECTION: forcing a failure.
[  119.451103][ T5317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.473122][ T5317] CPU: 0 PID: 5317 Comm: syz.3.370 Not tainted 5.15.163-syzkaller #0
[  119.475244][ T5317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  119.477889][ T5317] Call trace:
[  119.478777][ T5317]  dump_backtrace+0x0/0x530
[  119.479946][ T5317]  show_stack+0x2c/0x3c
[  119.480929][ T5317]  dump_stack_lvl+0x108/0x170
[  119.482159][ T5317]  dump_stack+0x1c/0x58
[  119.483298][ T5317]  should_fail+0x3b8/0x514
[  119.484376][ T5317]  should_fail_usercopy+0x20/0x30
[  119.485700][ T5317]  __copy_msghdr_from_user+0xbc/0x5d0
[  119.487100][ T5317]  ___sys_recvmsg+0x150/0x2cc
[  119.488315][ T5317]  do_recvmmsg+0x310/0x9a4
[  119.489425][ T5317]  __arm64_sys_recvmmsg+0x180/0x23c
[  119.490838][ T5317]  invoke_syscall+0x98/0x2b8
[  119.492021][ T5317]  el0_svc_common+0x138/0x258
[  119.493282][ T5317]  do_el0_svc+0x58/0x14c
[  119.494395][ T5317]  el0_svc+0x7c/0x1f0
[  119.495407][ T5317]  el0t_64_sync_handler+0x84/0xe4
[  119.496760][ T5317]  el0t_64_sync+0x1a0/0x1a4
[  119.577629][ T5328] FAULT_INJECTION: forcing a failure.
[  119.577629][ T5328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.587901][ T5328] CPU: 1 PID: 5328 Comm: syz.2.373 Not tainted 5.15.163-syzkaller #0
[  119.589987][ T5328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  119.592646][ T5328] Call trace:
[  119.593451][ T5328]  dump_backtrace+0x0/0x530
[  119.594538][ T5328]  show_stack+0x2c/0x3c
[  119.595619][ T5328]  dump_stack_lvl+0x108/0x170
[  119.596823][ T5328]  dump_stack+0x1c/0x58
[  119.597876][ T5328]  should_fail+0x3b8/0x514
[  119.598895][ T5328]  should_fail_usercopy+0x20/0x30
[  119.600137][ T5328]  simple_read_from_buffer+0xd8/0x26c
[  119.601499][ T5328]  proc_fail_nth_read+0x1a0/0x248
[  119.602739][ T5328]  vfs_read+0x278/0xb18
[  119.603754][ T5328]  ksys_read+0x15c/0x26c
[  119.604751][ T5328]  __arm64_sys_read+0x7c/0x90
[  119.605899][ T5328]  invoke_syscall+0x98/0x2b8
[  119.607091][ T5328]  el0_svc_common+0x138/0x258
[  119.608290][ T5328]  do_el0_svc+0x58/0x14c
[  119.609318][ T5328]  el0_svc+0x7c/0x1f0
[  119.610348][ T5328]  el0t_64_sync_handler+0x84/0xe4
[  119.611600][ T5328]  el0t_64_sync+0x1a0/0x1a4
[  119.612712][    C1] vkms_vblank_simulate: vblank timer overrun
[  119.629186][ T5291] udc-core: couldn't find an available UDC or it's busy
[  119.631001][ T5291] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  119.824647][ T5337] xt_recent: hitcount (448) is larger than allowed maximum (255)
[  120.090945][ T5310] iso9660: Corrupted directory entry in block 4 of inode 1792
[  121.047109][ T4102] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.142267][ T4102] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.238658][ T4102] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.260661][ T5392] device pim6reg1 entered promiscuous mode
[  121.300148][ T4102] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.334987][ T5396] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  121.366155][ T5373] chnl_net:caif_netlink_parms(): no params data found
[  121.459142][ T5412] netlink: 12 bytes leftover after parsing attributes in process `syz.2.405'.
[  121.516316][ T5373] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.518530][ T5373] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.529915][ T5373] device bridge_slave_0 entered promiscuous mode
[  121.539082][ T5373] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.541067][ T5373] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.543972][ T5373] device bridge_slave_1 entered promiscuous mode
[  121.555512][ T5421] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  121.624803][ T5373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.631387][ T5373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.674195][ T5373] team0: Port device team_slave_0 added
[  121.684708][ T5373] team0: Port device team_slave_1 added
[  121.762927][ T5373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.775157][ T5373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.800076][ T5373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.863249][ T5373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.865373][ T5373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.872298][ T5373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.995786][ T5373] device hsr_slave_0 entered promiscuous mode
[  122.033723][ T5373] device hsr_slave_1 entered promiscuous mode
[  122.063440][ T5373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  122.066963][ T5373] Cannot create hsr debugfs directory
[  122.733462][ T4015] Bluetooth: hci1: command 0x0409 tx timeout
[  122.907115][ T5373] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  122.944008][ T5487] dlm: dev_write: no op f4a73b f7fd00000000
[  123.019295][ T5373] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.087137][ T5373] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.292964][ T5373] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.510078][ T5499] netlink: 20 bytes leftover after parsing attributes in process `syz.3.435'.
[  123.732876][ T5373] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.809681][ T5373] 8021q: adding VLAN 0 to HW filter on device team0
[  123.824121][ T4102] device hsr_slave_0 left promiscuous mode
[  123.835450][ T4102] device hsr_slave_1 left promiscuous mode
[  123.924000][ T4102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.926127][ T4102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.929264][ T4102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.931130][ T4102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.935825][ T4102] device bridge_slave_1 left promiscuous mode
[  123.943882][ T4102] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.992058][ T4102] device bridge_slave_0 left promiscuous mode
[  123.994539][ T4102] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.133466][ T4102] device veth1_macvtap left promiscuous mode
[  124.135402][ T4102] device veth0_macvtap left promiscuous mode
[  124.137166][ T4102] device veth1_vlan left promiscuous mode
[  124.138759][ T4102] device veth0_vlan left promiscuous mode
[  124.326916][ T5557] netlink: 'syz.4.452': attribute type 13 has an invalid length.
[  124.525516][ T4102] team0 (unregistering): Port device team_slave_1 removed
[  124.544729][ T4102] team0 (unregistering): Port device team_slave_0 removed
[  124.562270][ T4102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.620720][ T4102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.823420][   T21] Bluetooth: hci1: command 0x041b tx timeout
[  124.889696][ T4102] bond0 (unregistering): Released all slaves
[  124.970669][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  124.973922][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  124.994023][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  124.996737][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  124.999099][ T4463] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.000917][ T4463] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.032835][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  125.036804][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  125.039588][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.041985][   T21] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.043995][   T21] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.067019][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  125.070005][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  125.072810][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  125.077202][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  125.123665][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  125.127067][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  125.130203][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  125.132975][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  125.143769][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.150205][ T5373] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  125.176123][ T5373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  125.189727][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  125.192854][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.268565][ T5561] ODEBUG: Out of memory. ODEBUG disabled
[  126.674857][ T5595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.463'.
[  126.690918][ T5562] syz.3.453 (5562): drop_caches: 2
[  126.711830][ T5373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.745142][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  126.747155][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  126.779356][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  126.782314][ T1963] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.839461][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  126.842385][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.845797][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.848181][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.859464][ T5373] device veth0_vlan entered promiscuous mode
[  126.899243][ T5373] device veth1_vlan entered promiscuous mode
[  126.910654][ T1963] Bluetooth: hci1: command 0x040f tx timeout
[  126.929515][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  126.932105][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  126.935077][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  126.937686][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.962544][ T5373] device veth0_macvtap entered promiscuous mode
[  126.967732][ T5373] device veth1_macvtap entered promiscuous mode
[  127.004686][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.007365][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.009810][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.024431][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.026804][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.029360][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.049826][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.053880][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.091290][ T5373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.097221][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  127.099797][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  127.102708][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  127.113899][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  127.145376][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.148176][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.163202][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.171177][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.176032][ T5561] syz.3.453 (5561): drop_caches: 2
[  127.182518][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.186021][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.189554][ T5373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.678987][ T5373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.074499][ T5373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.132362][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  128.135131][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  128.169825][ T5373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.172168][ T5373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.195640][ T5373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.206833][ T5373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.237958][ T5623] netlink: 'syz.3.471': attribute type 17 has an invalid length.
[  128.240472][ T5623] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  128.282720][ T5623] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  128.541491][ T4115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.546210][ T4115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.551207][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  128.730138][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.732583][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.739414][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  128.929530][ T3972] Bluetooth: hci3: unexpected event for opcode 0x2039
[  128.973453][ T4015] Bluetooth: hci1: command 0x0419 tx timeout
[  129.021898][ T5644] dccp_invalid_packet: P.Data Offset(172) too large
[  129.548460][ T5675] dccp_invalid_packet: P.Data Offset(172) too large
[  129.711548][ T5683] syz.0.500 (5683): drop_caches: 2
[  129.720579][ T5683] syz.0.500 (5683): drop_caches: 2
[  129.800927][ T5682] hub 6-0:1.0: USB hub found
[  129.806867][ T5682] hub 6-0:1.0: 8 ports detected
[  129.832901][ T5679] syz.0.500 (5679): drop_caches: 2
[  129.847543][ T5679] syz.0.500 (5679): drop_caches: 2
[  129.907483][ T5688] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  129.924054][ T5688] VFS: Can't find a romfs filesystem on dev nullb0.
[  129.924054][ T5688] 
[  129.957836][ T5692] netlink: 32 bytes leftover after parsing attributes in process `syz.2.503'.
[  130.068614][   T26] audit: type=1326 audit(130.040:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.078144][   T26] audit: type=1326 audit(130.050:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=262 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.089930][   T26] audit: type=1326 audit(130.050:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.115712][   T26] audit: type=1326 audit(130.050:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.152046][   T26] audit: type=1326 audit(130.050:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.168977][ T5705] dccp_invalid_packet: P.Data Offset(172) too large
[  130.179295][   T26] audit: type=1326 audit(130.050:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=263 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.195328][   T26] audit: type=1326 audit(130.050:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.225779][   T26] audit: type=1326 audit(130.050:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5697 comm="syz.2.505" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8a3502a8 code=0x7ffc0000
[  130.293950][ T5711] (syz.4.507,5711,1):ocfs2_fill_super:991 ERROR: superblock probe failed!
[  130.296368][ T5711] (syz.4.507,5711,1):ocfs2_fill_super:1177 ERROR: status = -22
[  130.410037][ T5718] syz.3.512 (5718): drop_caches: 2
[  130.411944][ T5718] syz.3.512 (5718): drop_caches: 2
[  130.457918][ T5718] syz.3.512 (5718): drop_caches: 2
[  130.464868][ T5718] syz.3.512 (5718): drop_caches: 2
[  130.579837][ T5742] dccp_invalid_packet: P.Data Offset(172) too large
[  130.963497][ T5763] syz.0.530 (5763): drop_caches: 2
[  130.965753][ T5763] syz.0.530 (5763): drop_caches: 2
[  130.977921][ T5763] syz.0.530 (5763): drop_caches: 2
[  131.411998][ T5763] syz.0.530 (5763): drop_caches: 2
[  131.863431][ T2047] ieee802154 phy0 wpan0: encryption failed: -22
[  131.864938][ T2047] ieee802154 phy1 wpan1: encryption failed: -22
[  132.220250][ T5798] netlink: 'syz.3.546': attribute type 10 has an invalid length.
[  132.248263][ T5798] team0: Port device netdevsim0 added
[  132.432695][ T5812] netlink: 40 bytes leftover after parsing attributes in process `syz.3.551'.
[  132.467192][ T5814] netlink: 72 bytes leftover after parsing attributes in process `syz.3.552'.
[  132.585319][ T4015] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  132.587851][ T4015] Bluetooth: hci0: Injecting HCI hardware error event
[  132.591034][ T3972] Bluetooth: hci0: hardware error 0x00
[  132.865949][ T5831] xt_HMARK: spi-set and port-set can't be combined
[  133.595909][ T5865] netlink: 36 bytes leftover after parsing attributes in process `syz.3.574'.
[  134.605534][ T5895] udc-core: couldn't find an available UDC or it's busy
[  134.607386][ T5895] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  134.841529][ T5895] udc-core: couldn't find an available UDC or it's busy
[  134.849450][ T5895] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  135.265385][ T5927] device pim6reg1 entered promiscuous mode
[  135.620634][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.647851][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.649760][ T5947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.690698][ T5953] device pim6reg1 entered promiscuous mode
[  136.159329][ T5958] chnl_net:caif_netlink_parms(): no params data found
[  136.373244][   T13] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  136.613130][   T13] usb 1-1: Using ep0 maxpacket: 8
[  136.738338][   T13] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  136.741309][   T13] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  136.753186][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  136.756297][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  136.758985][   T13] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  136.761172][   T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.849520][   T13] hub 1-1:1.0: bad descriptor, ignoring hub
[  136.851370][   T13] hub: probe of 1-1:1.0 failed with error -5
[  136.856078][ T4115] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.898596][   T13] cdc_wdm 1-1:1.0: skipping garbage
[  136.899902][   T13] cdc_wdm 1-1:1.0: skipping garbage
[  136.933363][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.935253][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.937879][ T5958] device bridge_slave_0 entered promiscuous mode
[  136.975888][   T13] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  136.977597][   T13] cdc_wdm 1-1:1.0: Unknown control protocol
[  137.062421][   T13] usb 1-1: USB disconnect, device number 2
[  137.149334][ T4115] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.160676][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.162496][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.165516][ T5958] device bridge_slave_1 entered promiscuous mode
[  137.248946][ T5958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.264482][ T5958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.307462][ T4115] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.352043][ T5958] team0: Port device team_slave_0 added
[  137.357647][ T5958] team0: Port device team_slave_1 added
[  137.415438][ T4115] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.475643][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.477545][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.495475][ T5958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.499737][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.501485][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.528873][ T5958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.700314][   T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  137.745073][ T5958] device hsr_slave_0 entered promiscuous mode
[  137.790681][ T5958] device hsr_slave_1 entered promiscuous mode
[  137.859325][   T25] Bluetooth: hci0: command 0x0409 tx timeout
[  137.952298][   T13] usb 1-1: Using ep0 maxpacket: 8
[  138.073316][   T13] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.076056][   T13] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  138.078345][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  138.081011][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  138.109672][   T13] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  138.112131][   T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.174315][   T13] hub 1-1:1.0: bad descriptor, ignoring hub
[  138.175854][   T13] hub: probe of 1-1:1.0 failed with error -5
[  138.218969][   T13] cdc_wdm 1-1:1.0: skipping garbage
[  138.220411][   T13] cdc_wdm 1-1:1.0: skipping garbage
[  138.233411][   T13] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  138.235090][   T13] cdc_wdm 1-1:1.0: Unknown control protocol
[  138.524120][ T6030] device pim6reg1 entered promiscuous mode
[  139.046300][   T25] usb 1-1: USB disconnect, device number 3
[  139.056424][ T5958] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  139.096418][ T5958] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  139.200927][ T5958] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  139.225771][ T5958] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  139.420365][ T6070] udc-core: couldn't find an available UDC or it's busy
[  139.443186][ T6070] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  139.492720][ T5958] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.530270][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  139.532886][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  139.559090][ T5958] 8021q: adding VLAN 0 to HW filter on device team0
[  139.580218][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  139.582765][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  139.585359][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.587293][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.589460][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  139.624886][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  139.627583][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  139.629989][   T21] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.631634][   T21] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.645456][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  139.648410][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  139.752635][ T5958] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  139.793225][ T5958] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  139.866234][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  139.873672][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  139.876355][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  139.879065][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  139.881743][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  139.888007][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  139.890717][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  139.893452][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.905370][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  139.908094][ T4015] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  139.933276][ T4015] Bluetooth: hci0: command 0x041b tx timeout
[  140.126221][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  140.128213][ T3555] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  140.197974][ T4115] device hsr_slave_0 left promiscuous mode
[  140.297505][ T4115] device hsr_slave_1 left promiscuous mode
[  140.495503][ T6086] netlink: 8 bytes leftover after parsing attributes in process `syz.3.655'.
[  140.653434][ T4115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  140.764884][ T4115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.223169][ T4115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.225242][ T4115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.236371][ T4115] device bridge_slave_1 left promiscuous mode
[  141.238119][ T4115] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.306524][ T4115] device bridge_slave_0 left promiscuous mode
[  141.308308][ T4115] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.443413][ T4115] device veth1_macvtap left promiscuous mode
[  141.444878][ T4115] device veth0_macvtap left promiscuous mode
[  141.446508][ T4115] device veth1_vlan left promiscuous mode
[  141.447974][ T4115] device veth0_vlan left promiscuous mode
[  142.013178][ T4015] Bluetooth: hci0: command 0x040f tx timeout
[  142.091975][ T4115] team0 (unregistering): Port device team_slave_1 removed
[  142.129752][ T4115] team0 (unregistering): Port device team_slave_0 removed
[  142.159443][ T4115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.200862][ T4115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.448353][ T4115] bond0 (unregistering): Released all slaves
[  142.612678][ T5958] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.720970][   T26] audit: type=1326 audit(142.690:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.4.662" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff98e612a8 code=0x7ffc0000
[  142.731430][   T26] audit: type=1326 audit(142.700:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.4.662" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=9 compat=0 ip=0xffff98e612a8 code=0x7ffc0000
[  142.731798][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  142.739802][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  142.759226][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  142.759589][   T26] audit: type=1326 audit(142.710:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6100 comm="syz.4.662" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff98e612a8 code=0x7ffc0000
[  142.761645][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  142.784397][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  142.800772][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  142.805257][ T5958] device veth0_vlan entered promiscuous mode
[  142.823531][ T5958] device veth1_vlan entered promiscuous mode
[  142.902660][ T5958] device veth0_macvtap entered promiscuous mode
[  142.933388][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  142.935978][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  142.938853][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  142.941425][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  142.972818][ T5958] device veth1_macvtap entered promiscuous mode
[  142.976392][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  142.978836][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  143.008418][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.011031][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.025962][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.028598][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.030730][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.043122][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.045591][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.053464][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.064285][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.075291][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  143.078160][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  143.082646][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.104608][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.107195][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.109837][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.112189][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.135770][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.138380][ T5958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.141082][ T5958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.167533][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.187703][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  143.190271][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  143.196372][ T5958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.213525][ T5958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.215611][ T5958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.217776][ T5958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.093308][ T4463] Bluetooth: hci0: command 0x0419 tx timeout
[  144.262669][ T6102] chnl_net:caif_netlink_parms(): no params data found
[  144.479917][  T294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.483596][  T294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.324314][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  145.343251][ T4014] Bluetooth: hci5: command 0x0409 tx timeout
[  145.413925][ T6102] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.415696][ T6102] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.418224][ T6102] device bridge_slave_0 entered promiscuous mode
[  145.432268][  T538] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.432946][ T6102] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.436862][ T6102] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.439345][ T6102] device bridge_slave_1 entered promiscuous mode
[  145.441949][  T538] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.462087][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  145.522054][ T6102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.532997][ T6102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.598537][ T6102] team0: Port device team_slave_0 added
[  145.627553][ T6102] team0: Port device team_slave_1 added
[  145.692869][ T6102] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.702925][ T6102] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.728126][ T6102] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.735107][ T6102] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.737065][ T6102] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.764520][ T6102] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.905386][ T6102] device hsr_slave_0 entered promiscuous mode
[  145.954433][ T6102] device hsr_slave_1 entered promiscuous mode
[  146.063307][ T6102] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.065257][ T6102] Cannot create hsr debugfs directory
[  147.291527][ T6102] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.373215][ T4014] Bluetooth: hci5: command 0x041b tx timeout
[  147.374253][ T6166] netlink: 'syz.3.685': attribute type 10 has an invalid length.
[  147.376668][ T6166] netlink: 40 bytes leftover after parsing attributes in process `syz.3.685'.
[  147.380270][ T6166] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  148.523533][ T6102] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.768185][ T6102] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.942162][ T6102] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.212359][ T6208] loop3: detected capacity change from 0 to 1024
[  150.087628][ T6215] input: syz0 as /devices/virtual/input/input6
[  150.658927][ T6102] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  150.720482][ T4020] Bluetooth: hci5: command 0x040f tx timeout
[  150.796425][ T6102] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  150.857300][ T6102] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  150.896388][ T6102] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  151.126186][ T6224] loop3: detected capacity change from 0 to 128
[  151.153147][ T6102] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.198509][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  151.201226][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  151.213021][ T6102] 8021q: adding VLAN 0 to HW filter on device team0
[  151.221011][ T6224] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  151.226038][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  151.228760][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  151.231144][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.233028][ T4022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.240362][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  151.244044][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  151.246890][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  151.249502][ T4022] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.251536][ T4022] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.265183][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  151.267908][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  151.271392][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  151.275584][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  151.278297][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  151.294914][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  151.305013][ T6102] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  151.307898][ T6102] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  151.314081][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  151.316659][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.319266][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.322126][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.326688][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.337187][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  151.643612][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  151.645772][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  151.655590][ T6102] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.714295][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  151.717180][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  151.746402][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  151.749111][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  151.764536][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  151.767325][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  151.776036][ T6102] device veth0_vlan entered promiscuous mode
[  151.810500][ T6102] device veth1_vlan entered promiscuous mode
[  151.849640][   T26] audit: type=1326 audit(151.820:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.1.709" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb98442a8 code=0x0
[  151.859378][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  151.862136][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  151.874553][ T6102] device veth0_macvtap entered promiscuous mode
[  151.892436][ T6102] device veth1_macvtap entered promiscuous mode
[  151.928382][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.941527][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.947030][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.953704][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.956282][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.958952][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.961280][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.994471][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.996902][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.999410][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.017741][ T6102] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.028450][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  152.031076][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  152.034114][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  152.040131][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  152.049132][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.055797][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.069874][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.080514][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.091327][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.102522][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.110905][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.119443][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.119603][ T6102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.119619][ T6102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.130324][ T6102] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.131230][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  152.131750][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  152.141676][ T6102] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.141746][ T6102] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.141769][ T6102] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.141792][ T6102] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.258423][ T6178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.260715][ T6178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.266780][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  152.297255][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  152.317824][ T6245] loop4: detected capacity change from 0 to 1024
[  152.328811][ T4176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.331224][ T4176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.338299][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  152.531639][ T6245] udc-core: couldn't find an available UDC or it's busy
[  152.533660][ T6245] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  152.540085][   T26] audit: type=1326 audit(152.510:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  152.553682][   T26] audit: type=1326 audit(152.530:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  152.562847][   T26] audit: type=1326 audit(152.530:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff8b9442dc code=0x7ffc0000
[  152.584781][   T26] audit: type=1326 audit(152.530:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff8b9442dc code=0x7ffc0000
[  152.623518][   T26] audit: type=1326 audit(152.530:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  152.633269][ T4020] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  152.646062][   T26] audit: type=1326 audit(152.540:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=427 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  152.646102][   T26] audit: type=1326 audit(152.540:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  152.733304][ T3769] Bluetooth: hci5: command 0x0419 tx timeout
[  152.756347][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.763989][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.770456][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.775849][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.780066][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.783338][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.787535][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.791770][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.796112][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.800290][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.805567][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.809944][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.814896][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.819204][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.823716][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.827090][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.831354][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.835943][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.840178][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.852955][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.860873][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.866164][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.873446][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.879828][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.883334][ T4020] usb 1-1: Using ep0 maxpacket: 8
[  152.888874][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.905069][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.912607][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.919343][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.926071][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.932446][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  152.949997][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.342550][ T6262] input: syz0 as /devices/virtual/input/input7
[  153.840753][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.842784][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.844827][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.846741][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.848671][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.850536][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.853775][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.857008][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.858827][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.860745][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.862571][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.883383][ T4020] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  153.885531][ T4020] usb 1-1: config 179 has no interface number 0
[  153.887075][ T4020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  153.889858][ T4020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  153.892594][ T4020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11
[  153.907585][ T3769] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  153.910549][ T4020] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[  153.920859][ T3769] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  153.923604][ T4020] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  153.951045][ T4020] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  153.960330][ T4020] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.083325][ T6249] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  154.086118][ T6249] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  154.099316][ T4020] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input8
[  154.305413][ T4020] usb 1-1: USB disconnect, device number 4
[  154.314332][ T4020] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  154.868870][   T26] audit: type=1326 audit(154.840:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.0.724" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd9122a8 code=0x7ffc0000
[  154.875728][   T26] audit: type=1326 audit(154.840:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6278 comm="syz.0.724" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffffbd9122a8 code=0x7ffc0000
[  155.633230][ T6295] udc-core: couldn't find an available UDC or it's busy
[  155.635067][ T6295] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  155.732952][  T648] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.851460][  T648] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.957582][  T648] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.061315][  T648] team0: Port device netdevsim0 removed
[  156.071204][  T648] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.117957][ T6293] chnl_net:caif_netlink_parms(): no params data found
[  156.217861][ T6293] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.227847][ T6293] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.230715][ T6293] device bridge_slave_0 entered promiscuous mode
[  156.244428][ T6293] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.246172][ T6293] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.249060][ T6293] device bridge_slave_1 entered promiscuous mode
[  156.396375][ T6293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.411609][ T6293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.498548][ T6293] team0: Port device team_slave_0 added
[  156.502221][ T6293] team0: Port device team_slave_1 added
[  156.570718][ T6293] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.572833][ T6293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.588309][ T6293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.592765][ T6293] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.611489][ T6293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.631800][ T6293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.764680][ T6293] device hsr_slave_0 entered promiscuous mode
[  156.803758][ T6293] device hsr_slave_1 entered promiscuous mode
[  156.813427][ T3769] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  156.853644][ T6293] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.855584][ T6293] Cannot create hsr debugfs directory
[  157.063273][ T3769] usb 1-1: Using ep0 maxpacket: 8
[  157.976982][ T4463] Bluetooth: hci3: command 0x0409 tx timeout
[  158.043778][ T3769] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  158.045846][ T3769] usb 1-1: config 179 has no interface number 0
[  158.047478][ T3769] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  158.050051][ T3769] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  158.053019][ T3769] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11
[  158.056446][ T3769] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[  158.059210][ T3769] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  158.062630][ T3769] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  158.064977][ T3769] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.094666][ T6315] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  158.096675][ T6315] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  158.116062][ T3769] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input9
[  158.362209][ T3769] usb 1-1: USB disconnect, device number 5
[  158.373404][ T3769] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  158.796436][ T6293] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  159.005042][ T6293] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  159.267557][ T6293] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  159.305224][ T6293] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  159.646425][ T6379] x_tables: unsorted underflow at hook 3
[  160.013449][ T6148] Bluetooth: hci3: command 0x041b tx timeout
[  160.564941][ T6390] loop4: detected capacity change from 0 to 1024
[  160.673081][ T6390] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  160.689983][ T6390] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,sysvgroups,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback.
[  161.360866][ T6398] input: syz0 as /devices/virtual/input/input10
[  161.670675][ T6293] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.716554][  T648] device hsr_slave_0 left promiscuous mode
[  161.733994][  T648] device hsr_slave_1 left promiscuous mode
[  161.833609][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.838795][  T648] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.891098][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.895644][  T648] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.923668][  T648] device bridge_slave_1 left promiscuous mode
[  161.925377][  T648] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.934929][ T6411] udc-core: couldn't find an available UDC or it's busy
[  161.936823][ T6411] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  162.033635][  T648] device bridge_slave_0 left promiscuous mode
[  162.035294][  T648] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.103350][ T6148] Bluetooth: hci3: command 0x040f tx timeout
[  162.203530][  T648] device veth1_macvtap left promiscuous mode
[  162.205262][  T648] device veth0_macvtap left promiscuous mode
[  162.206758][  T648] device veth1_vlan left promiscuous mode
[  162.208106][  T648] device veth0_vlan left promiscuous mode
[  162.566242][ T6430] loop4: detected capacity change from 0 to 128
[  163.252271][ T6432] x_tables: unsorted underflow at hook 3
[  163.853294][ T4463] Bluetooth: hci4: command 0x0406 tx timeout
[  163.922610][  T648] team0 (unregistering): Port device team_slave_1 removed
[  163.951089][  T648] team0 (unregistering): Port device team_slave_0 removed
[  163.970557][  T648] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.032034][  T648] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.173233][ T4022] Bluetooth: hci3: command 0x0419 tx timeout
[  164.249340][  T648] bond0 (unregistering): Released all slaves
[  164.368197][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  164.370762][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  164.389214][ T6293] 8021q: adding VLAN 0 to HW filter on device team0
[  164.413646][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  164.416468][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  164.443592][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.445388][ T4022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.453846][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  164.456977][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  164.468452][ T4022] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.470522][ T4022] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.534773][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  164.537209][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  164.555487][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  164.567953][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  164.570762][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  164.573772][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  164.582173][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  164.702272][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  164.719532][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  164.806538][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  165.282137][ T6293] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  165.298615][ T6293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  165.447350][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  165.451570][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  165.639054][ T6477] input: syz0 as /devices/virtual/input/input11
[  166.377475][ T6476] udc-core: couldn't find an available UDC or it's busy
[  166.379357][ T6476] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  166.994099][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  166.996443][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  167.030172][ T6293] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.087450][ T4020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  167.090157][ T4020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  167.125453][ T6500] x_tables: unsorted underflow at hook 3
[  167.168012][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  167.175067][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  167.182634][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  167.187465][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  167.190961][ T6293] device veth0_vlan entered promiscuous mode
[  167.254173][ T6293] device veth1_vlan entered promiscuous mode
[  167.451440][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  167.454250][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  167.456826][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  167.459312][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  167.526771][ T6293] device veth0_macvtap entered promiscuous mode
[  167.559644][ T6293] device veth1_macvtap entered promiscuous mode
[  167.621579][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.630793][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.640544][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.649650][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.652412][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.666786][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.669303][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.671870][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.689086][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.691576][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.708218][ T6293] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.719104][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.779945][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.782495][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.809792][ T6520] udc-core: couldn't find an available UDC or it's busy
[  167.811916][ T6520] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  167.814272][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.816813][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.842096][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.144708][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.222134][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.303422][ T6293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.422168][ T6293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.615171][ T6293] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.635155][ T6293] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.637490][ T6293] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.639630][ T6293] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.673553][ T6293] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.678283][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  168.680979][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  168.683501][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  168.686220][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  168.688882][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  168.691587][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  168.851069][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.853652][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.857969][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  168.927422][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.929871][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.935167][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  169.299853][ T6525] input: syz0 as /devices/virtual/input/input12
[  170.009830][ T6527] loop3: detected capacity change from 0 to 1024
[  170.030082][ T6533] loop4: detected capacity change from 0 to 1024
[  170.171519][ T6533] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  170.183922][ T6539] udc-core: couldn't find an available UDC or it's busy
[  170.185660][ T6539] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  170.594706][ T6543] input: syz0 as /devices/virtual/input/input13
[  171.939473][ T6555] udc-core: couldn't find an available UDC or it's busy
[  171.941582][ T6555] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  173.842930][ T4176] Bluetooth: hci2: Frame reassembly failed (-84)
[  174.000490][ T4176] Bluetooth: hci2: Frame reassembly failed (-84)
[  174.204511][ T6565] loop3: detected capacity change from 0 to 256
[  174.724850][ T6568] input: syz0 as /devices/virtual/input/input14
[  175.135406][ T6576] loop4: detected capacity change from 0 to 1024
[  175.199813][ T6576] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  175.656378][ T6580] input: syz0 as /devices/virtual/input/input15
[  175.773175][   T25] Bluetooth: hci2: command 0x1003 tx timeout
[  175.783429][ T3972] Bluetooth: hci2: sending frame failed (-49)
[  177.790149][ T6589] input: syz0 as /devices/virtual/input/input16
[  177.936583][   T25] Bluetooth: hci2: command 0x1001 tx timeout
[  177.938156][ T3972] Bluetooth: hci2: sending frame failed (-49)
[  178.699768][ T6602] x_tables: unsorted underflow at hook 3
[  179.405773][ T6613] loop4: detected capacity change from 0 to 128
[  179.492833][ T6615] input: syz0 as /devices/virtual/input/input17
[  180.057886][   T21] Bluetooth: hci2: command 0x1009 tx timeout
[  180.586530][ T6623] 9pnet: Insufficient options for proto=fd
[  180.673813][   T26] kauditd_printk_skb: 5 callbacks suppressed
[  180.673830][   T26] audit: type=1326 audit(180.590:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6625 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  180.681160][   T26] audit: type=1326 audit(180.590:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6625 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  180.697696][   T26] audit: type=1326 audit(180.590:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6625 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  180.708933][   T26] audit: type=1326 audit(180.590:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6625 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=45 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  180.717015][   T26] audit: type=1326 audit(180.590:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6625 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8b9442a8 code=0x7ffc0000
[  180.926963][ T6621] input: syz0 as /devices/virtual/input/input18
[  182.044061][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.3.807'.
[  182.056068][ T6640] netlink: 4 bytes leftover after parsing attributes in process `syz.4.814'.
[  183.911615][ T6664] netlink: 'syz.1.824': attribute type 29 has an invalid length.
[  183.971029][ T6664] netlink: 'syz.1.824': attribute type 29 has an invalid length.
[  183.988651][ T6668] netlink: 'syz.1.824': attribute type 29 has an invalid length.
[  184.034500][ T6664] netlink: 'syz.1.824': attribute type 29 has an invalid length.
[  184.051947][ T6664] netlink: 'syz.1.824': attribute type 29 has an invalid length.
[  184.245831][ T6675] netlink: 'syz.2.828': attribute type 21 has an invalid length.
[  184.247998][ T6675] netlink: 'syz.2.828': attribute type 6 has an invalid length.
[  184.249997][ T6675] netlink: 132 bytes leftover after parsing attributes in process `syz.2.828'.
[  185.060252][ T6680] input: syz0 as /devices/virtual/input/input20
[  186.455601][ T3555] Bluetooth: hci6: command 0x0409 tx timeout
[  186.495136][ T6691] loop4: detected capacity change from 0 to 8192
[  186.678673][ T6676] chnl_net:caif_netlink_parms(): no params data found
[  188.948636][ T6178] Bluetooth: hci1: Frame reassembly failed (-84)
[  189.103585][ T4014] Bluetooth: hci6: command 0x041b tx timeout
[  189.137435][ T6676] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.139147][ T6676] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.141817][ T6676] device bridge_slave_0 entered promiscuous mode
[  189.160624][ T6676] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.162531][ T6676] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.177501][ T6676] device bridge_slave_1 entered promiscuous mode
[  189.271611][ T6676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.276623][ T6676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.318952][ T6676] team0: Port device team_slave_0 added
[  189.325166][ T6676] team0: Port device team_slave_1 added
[  189.399183][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.401000][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.411302][ T6676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.431582][ T6676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.437941][ T6676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.457776][ T6676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.595987][ T6676] device hsr_slave_0 entered promiscuous mode
[  189.623979][ T6676] device hsr_slave_1 entered promiscuous mode
[  189.683158][ T6676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.685451][ T6676] Cannot create hsr debugfs directory
[  189.921497][ T6676] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.008946][ T6676] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.013808][ T6752] udc-core: couldn't find an available UDC or it's busy
[  190.023620][ T6752] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  190.094147][ T6676] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.165370][  T648] device hsr_slave_0 left promiscuous mode
[  190.294261][  T648] device hsr_slave_1 left promiscuous mode
[  190.735685][ T4022] Bluetooth: hci1: command 0x1003 tx timeout
[  190.754939][ T3976] Bluetooth: hci1: sending frame failed (-49)
[  190.775229][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.811983][  T648] batman_adv: batadv0: Removing interface: batadv_slave_0
[  190.987788][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.080056][  T648] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.134280][ T4022] Bluetooth: hci6: command 0x040f tx timeout
[  191.148768][  T648] device bridge_slave_1 left promiscuous mode
[  191.157963][  T648] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.195442][  T648] device bridge_slave_0 left promiscuous mode
[  191.197229][  T648] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.213793][ T6148] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  191.333332][  T648] device veth1_macvtap left promiscuous mode
[  191.335068][  T648] device veth0_macvtap left promiscuous mode
[  191.336703][  T648] device veth1_vlan left promiscuous mode
[  191.338785][  T648] device veth0_vlan left promiscuous mode
[  191.637109][  T648] team0 (unregistering): Port device team_slave_1 removed
[  191.650391][  T648] team0 (unregistering): Port device team_slave_0 removed
[  191.664454][  T648] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.710725][  T648] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.849092][  T648] bond0 (unregistering): Released all slaves
[  191.978824][ T6676] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.319902][ T6676] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  192.395546][ T6676] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  192.435157][ T6676] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  192.495615][ T6676] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  192.498391][ T2047] ieee802154 phy0 wpan0: encryption failed: -22
[  192.500233][ T2047] ieee802154 phy1 wpan1: encryption failed: -22
[  192.658273][ T6676] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.331881][ T4022] Bluetooth: hci1: command 0x1001 tx timeout
[  193.334514][ T3976] Bluetooth: hci1: sending frame failed (-49)
[  193.336157][   T21] Bluetooth: hci6: command 0x0419 tx timeout
[  193.345743][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  193.348177][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  193.356047][ T6676] 8021q: adding VLAN 0 to HW filter on device team0
[  193.361483][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  193.364680][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  193.367179][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.369003][ T4022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.371303][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  193.384648][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  193.387576][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  193.390054][   T21] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.391818][   T21] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.395094][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  193.398018][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  193.411507][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  193.414645][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  193.417433][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  193.420686][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  193.444292][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  193.449611][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  193.481811][ T6676] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  193.489706][ T6676] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  193.500217][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  193.509920][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  193.512723][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  193.696664][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  193.698865][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  193.709393][ T6676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.753835][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  193.761238][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  193.790524][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  193.793800][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.797166][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.802088][   T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.807807][ T6676] device veth0_vlan entered promiscuous mode
[  193.828626][ T6676] device veth1_vlan entered promiscuous mode
[  193.873799][ T6676] device veth0_macvtap entered promiscuous mode
[  193.878210][ T6676] device veth1_macvtap entered promiscuous mode
[  193.887882][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.890929][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.893844][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.896485][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.898852][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.901525][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.904833][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.907705][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.910408][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.913764][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.917703][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.922124][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.934288][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.939428][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.942815][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.951346][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.957606][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.961678][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.970734][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.977766][ T6676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.982063][ T6676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.991164][ T6676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.999329][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  194.002346][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  194.015304][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  194.017999][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  194.031926][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  194.034687][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  194.037258][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  194.040002][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  194.042592][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  194.054243][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  194.101466][ T6676] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.516932][ T6676] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.950321][ T6676] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.952814][ T6676] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.173313][ T6824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.877'.
[  195.173313][ T4411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.177869][ T4411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.182480][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  195.235706][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.238327][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.243549][ T4014] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  195.338324][ T6828] ALSA: mixer_oss: invalid OSS volume ''
[  195.373487][ T4057] Bluetooth: hci1: command 0x1009 tx timeout
[  197.516079][   T21] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  197.519677][   T21] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  197.626474][ T6562] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  198.111466][ T6869] chnl_net:caif_netlink_parms(): no params data found
[  199.380746][ T6562] Bluetooth: hci7: Frame reassembly failed (-84)
[  199.940555][ T3769] Bluetooth: hci2: command 0x0409 tx timeout
[  200.503418][ T6869] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.507773][ T6869] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.511036][ T6869] device bridge_slave_0 entered promiscuous mode
[  200.521420][ T6869] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.526659][ T6869] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.530456][ T6869] device bridge_slave_1 entered promiscuous mode
[  200.557153][ T6869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.562720][ T6869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.631587][ T6869] team0: Port device team_slave_0 added
[  200.649543][ T6916] input: syz1 as /devices/virtual/input/input22
[  200.689707][ T6869] team0: Port device team_slave_1 added
[  200.736272][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.740622][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.762091][ T6869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.772645][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.777214][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.794808][ T6869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.875230][ T6869] device hsr_slave_0 entered promiscuous mode
[  200.940823][ T6869] device hsr_slave_1 entered promiscuous mode
[  200.983873][ T6869] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.985869][ T6869] Cannot create hsr debugfs directory
[  201.501609][ T3769] Bluetooth: hci7: command 0x1003 tx timeout
[  201.586929][ T3978] Bluetooth: hci7: sending frame failed (-49)
[  201.934410][ T4018] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  201.938381][ T4018] Bluetooth: hci6: Injecting HCI hardware error event
[  202.002077][ T3978] Bluetooth: hci6: hardware error 0x00
[  202.013489][ T4057] Bluetooth: hci2: command 0x041b tx timeout
[  202.141654][ T6869] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.152055][ T6934] sctp: [Deprecated]: syz.3.914 (pid 6934) Use of int in maxseg socket option.
[  202.152055][ T6934] Use struct sctp_assoc_value instead
[  202.256283][ T6869] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.353292][ T6938] sock: sock_timestamping_bind_phc: sock not bind to device
[  203.127616][ T6869] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.205563][ T6869] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.339916][ T6951] 9pnet: Could not find request transport: j0xffffffffffffffff0xffffffffffffffff
[  203.373740][ T6562] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  203.387303][ T6869] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  203.411392][ T6955] udc-core: couldn't find an available UDC or it's busy
[  203.413720][ T6955] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  203.424983][ T6869] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  203.485146][ T6869] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  203.517820][ T6869] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  203.613260][ T3555] Bluetooth: hci7: command 0x1001 tx timeout
[  203.615858][ T3976] Bluetooth: hci7: sending frame failed (-49)
[  203.648483][   T26] audit: type=1326 audit(203.620:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad4332a8 code=0x7ffc0000
[  203.655469][   T26] audit: type=1326 audit(203.620:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=439 compat=0 ip=0xffffad4332a8 code=0x7ffc0000
[  203.661290][   T26] audit: type=1326 audit(203.620:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad4332a8 code=0x7ffc0000
[  203.850300][  T648] device hsr_slave_0 left promiscuous mode
[  203.893526][  T648] device hsr_slave_1 left promiscuous mode
[  204.684138][ T4022] Bluetooth: hci2: command 0x040f tx timeout
[  204.714082][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.716448][  T648] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.726429][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.739018][  T648] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.760103][  T648] device bridge_slave_1 left promiscuous mode
[  204.761767][  T648] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.887836][ T6968] sock: sock_timestamping_bind_phc: sock not bind to device
[  205.040624][  T648] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.693353][ T4057] Bluetooth: hci7: command 0x1009 tx timeout
[  205.773232][  T648] device veth1_macvtap left promiscuous mode
[  205.774750][  T648] device veth0_macvtap left promiscuous mode
[  205.776330][  T648] device veth1_vlan left promiscuous mode
[  205.777857][  T648] device veth0_vlan left promiscuous mode
[  206.625129][ T4057] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  206.743500][ T4022] Bluetooth: hci2: command 0x0419 tx timeout
[  206.936804][  T648] team0 (unregistering): Port device team_slave_1 removed
[  206.952054][  T648] team0 (unregistering): Port device team_slave_0 removed
[  206.967338][  T648] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.010268][  T648] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.232583][  T648] bond0 (unregistering): Released all slaves
[  207.340474][ T6869] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.363738][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  207.366194][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  207.395841][ T6869] 8021q: adding VLAN 0 to HW filter on device team0
[  207.401583][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  207.404385][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  207.406904][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.408850][ T4022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.411179][ T4022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  207.448041][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  207.450689][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  207.453384][ T4463] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.455330][ T4463] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.457750][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  207.461025][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  207.562138][ T7008] sock: sock_timestamping_bind_phc: sock not bind to device
[  207.642483][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  207.704030][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  207.819189][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  207.958839][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  208.093960][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  208.190164][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  208.303299][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  208.312241][ T4057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  208.348464][ T6869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  208.373338][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  208.526471][ T7021] netlink: 16 bytes leftover after parsing attributes in process `syz.4.945'.
[  208.809169][ T7015] chnl_net:caif_netlink_parms(): no params data found
[  208.876822][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  208.879131][ T4018] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  208.923395][ T6869] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.953825][ T7015] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.955852][ T7015] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.960883][ T7015] device bridge_slave_0 entered promiscuous mode
[  208.977291][ T7015] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.979224][ T7015] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.982169][ T7015] device bridge_slave_1 entered promiscuous mode
[  208.998871][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  209.007109][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  209.137061][ T4176] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  209.160787][ T7048] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  209.167643][ T7015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.175775][ T7015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.190968][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.952'.
[  210.193874][  T294] Bluetooth: hci5: Frame reassembly failed (-84)
[  210.210467][ T7015] team0: Port device team_slave_0 added
[  210.242362][ T7015] team0: Port device team_slave_1 added
[  210.274585][ T3978] 
[  210.275173][ T3978] ============================================
[  210.276648][ T3978] WARNING: possible recursive locking detected
[  210.278022][ T3978] 5.15.163-syzkaller #0 Not tainted
[  210.279365][ T3978] --------------------------------------------
[  210.280956][ T3978] kworker/u5:4/3978 is trying to acquire lock:
[  210.282589][ T3978] ffff0000ce538138 ((wq_completion)hci6){+.+.}-{0:0}, at: flush_workqueue+0x120/0x11c4
[  210.285070][ T3978] 
[  210.285070][ T3978] but task is already holding lock:
[  210.287022][ T3978] ffff0000ce538138 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8
[  210.289643][ T3978] 
[  210.289643][ T3978] other info that might help us debug this:
[  210.291550][ T3978]  Possible unsafe locking scenario:
[  210.291550][ T3978] 
[  210.293439][ T3978]        CPU0
[  210.294309][ T3978]        ----
[  210.295215][ T3978]   lock((wq_completion)hci6);
[  210.296638][ T3978]   lock((wq_completion)hci6);
[  210.297934][ T3978] 
[  210.297934][ T3978]  *** DEADLOCK ***
[  210.297934][ T3978] 
[  210.299983][ T3978]  May be due to missing lock nesting notation
[  210.299983][ T3978] 
[  210.302223][ T3978] 2 locks held by kworker/u5:4/3978:
[  210.303450][ T3978]  #0: ffff0000ce538138 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8
[  210.306087][ T3978]  #1: ffff80001c6b7c00 ((work_completion)(&hdev->error_reset)){+.+.}-{0:0}, at: process_one_work+0x6ac/0x11b8
[  210.309294][ T3978] 
[  210.309294][ T3978] stack backtrace:
[  210.310802][ T3978] CPU: 0 PID: 3978 Comm: kworker/u5:4 Not tainted 5.15.163-syzkaller #0
[  210.312856][ T3978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  210.315440][ T3978] Workqueue: hci6 hci_error_reset
[  210.316764][ T3978] Call trace:
[  210.317557][ T3978]  dump_backtrace+0x0/0x530
[  210.318739][ T3978]  show_stack+0x2c/0x3c
[  210.319889][ T3978]  dump_stack_lvl+0x108/0x170
[  210.321005][ T3978]  dump_stack+0x1c/0x58
[  210.322049][ T3978]  __lock_acquire+0x62bc/0x7638
[  210.323371][ T3978]  lock_acquire+0x240/0x77c
[  210.324557][ T3978]  flush_workqueue+0x14c/0x11c4
[  210.325969][ T3978]  drain_workqueue+0xb8/0x32c
[  210.327181][ T3978]  destroy_workqueue+0x80/0xa34
[  210.328407][ T3978]  hci_release_dev+0x118/0x116c
[  210.329678][ T3978]  bt_host_release+0x70/0x88
[  210.330943][ T3978]  device_release+0x8c/0x1ac
[  210.332128][ T3978]  kobject_put+0x2c4/0x438
[  210.333282][ T3978]  put_device+0x28/0x40
[  210.334371][ T3978]  hci_error_reset+0x124/0x2b8
[  210.335481][ T3978]  process_one_work+0x790/0x11b8
[  210.337160][ T3978]  worker_thread+0x910/0x1034
[  210.338501][ T3978]  kthread+0x37c/0x45c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  210.339505][ T3978]  ret_from_fork+0x10/0x20
[  210.359312][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  210.380052][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  210.382655][ T6869] device veth0_vlan entered promiscuous mode
[  210.484057][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  210.486314][ T6148] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  210.508137][ T4022] Bluetooth: hci1: command 0x0409 tx timeout
[  211.425155][  T648] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.458808][  T648] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.497929][  T648] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.549699][  T648] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.253379][ T4388] Bluetooth: hci5: command 0x1003 tx timeout
[  212.255165][ T3972] Bluetooth: hci5: sending frame failed (-49)
[  212.974064][  T136] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  213.933907][  T648] device hsr_slave_0 left promiscuous mode
[  213.993322][  T648] device hsr_slave_1 left promiscuous mode
[  214.073256][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.075315][  T648] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.077780][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.079712][  T648] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.081998][  T648] device bridge_slave_1 left promiscuous mode
[  214.083832][  T648] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.124685][  T648] device bridge_slave_0 left promiscuous mode
[  214.126507][  T648] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.178708][  T136] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  214.186153][  T648] device hsr_slave_0 left promiscuous mode
[  214.258434][  T648] device hsr_slave_1 left promiscuous mode
[  214.333551][ T6148] Bluetooth: hci5: command 0x1001 tx timeout
[  214.335683][ T3972] Bluetooth: hci5: sending frame failed (-49)
[  214.343210][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.345290][  T648] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.348003][  T648] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.349976][  T648] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.352295][  T648] device bridge_slave_1 left promiscuous mode
[  214.354088][  T648] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.403909][  T648] device bridge_slave_0 left promiscuous mode
[  214.405441][  T648] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.543277][  T648] device veth1_macvtap left promiscuous mode
[  214.545121][  T648] device veth0_macvtap left promiscuous mode
[  214.546694][  T648] device veth1_vlan left promiscuous mode
[  214.548288][  T648] device veth0_vlan left promiscuous mode
[  214.633290][  T648] device veth1_macvtap left promiscuous mode
[  214.634993][  T648] device veth0_macvtap left promiscuous mode
[  214.636618][  T648] device veth1_vlan left promiscuous mode
[  214.638050][  T648] device veth0_vlan left promiscuous mode
[  214.844544][  T648] team0 (unregistering): Port device team_slave_1 removed
[  214.850586][  T648] team0 (unregistering): Port device team_slave_0 removed
[  214.856550][  T648] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.889644][  T648] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.998356][  T648] bond0 (unregistering): Released all slaves
[  215.140254][  T648] team0 (unregistering): Port device team_slave_1 removed
[  215.148375][  T648] team0 (unregistering): Port device team_slave_0 removed
[  215.154078][  T648] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.208020][  T648] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.319165][  T648] bond0 (unregistering): Released all slaves
[  216.413376][ T4388] Bluetooth: hci5: command 0x1009 tx timeout
[  218.940214][  T648] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.997372][  T648] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.057852][  T648] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.097841][  T648] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.256606][  T648] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.287194][  T648] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.321333][  T648] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.367858][  T648] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0